Re: Tapestry-Acegi / Tapestry-Spring-Security
Ok i can confirm is not working. I know it's impossible to keep everything working with the new tapestry releases. So i just wanted to send the message to the list in case somebody else has the same issue. Thanks On Sat, Feb 28, 2009 at 8:02 PM, Juan E. Maya wrote: > Hi, > i have 2 questions regarding this libraries. > > 1. Does anybody now if Tapestry-Spring-Security it's compatible with the > latest snapshot of Tapestry (5.1.0.1-SNAPSHOT)? For some reason the @Secured > is not working at all. > > 2. Shouldnt Tapestry-Spring-Security be in the home of the Tapestry instead > of Tapestry-Acegi? Or is there a reason why is not like this? > > Thanks a lot for your help!
Tapestry-Acegi / Tapestry-Spring-Security
Hi, i have 2 questions regarding this libraries. 1. Does anybody now if Tapestry-Spring-Security it's compatible with the latest snapshot of Tapestry (5.1.0.1-SNAPSHOT)? For some reason the @Secured is not working at all. 2. Shouldnt Tapestry-Spring-Security be in the home of the Tapestry instead of Tapestry-Acegi? Or is there a reason why is not like this? Thanks a lot for your help!
Tapestry-Acegi / Tapestry-Spring-Security
Hi, i have 2 questions regarding this libraries. 1. Does anybody now if Tapestry-Spring-Security it's compatible with the latest snapshot of Tapestry (5.1.0.1-SNAPSHOT)? For some reason the @Secured is not working at all. 2. Shouldnt Tapestry-Spring-Security be in the home of the Tapestry instead of Tapestry-Acegi? Or is there a reason why is not like this? Thanks a lot for your help!
Has anyone integrated tapestry-acegi with CAS?
Hi! I'm looking for examples/code for how to configure tapestry-acegi to use CAS. Anyone out there that have done this? TIA, Olle Hallin
Re: tapestry-acegi example app question (solved)
On Tue, Mar 11, 2008 at 3:37 AM, Julian Wood <[EMAIL PROTECTED]> wrote: > Hate to answer my own question, but I think the proper relation for: > > is: > > @ManyToMany( cascade={CascadeType.PERSIST, CascadeType.MERGE} ) > > You then need to persist your GrantedAuthorityBean independently from > UserDetails, but that makes sense, and it solves the problem of the > GrantedAuthorityBean and the join table exploding with duplicate info. Thanks! I'll update the example. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi example app question
On Tue, Mar 11, 2008 at 12:18 AM, Julian Wood <[EMAIL PROTECTED]> wrote: > In the provided example for tapestry-acegi, I have a question about > the GrantedAuthorityBean table. That is, if I add more users which > share roles, each role will create a new row in the GAB table. How can > this be avoided? Users and Roles are a many-to-many relation ship. You'll need a third table to normalize the sql. However, as the example app is just an example, a better approach would be to create a table for the roles. Users table: user_id username password Roles table: role_id name Users_Roles tables user_id role_id -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi example app question (solved)
Hate to answer my own question, but I think the proper relation for: @OneToMany @Cascade(CascadeType.ALL) public Collection getGrantedAuthorities() { return grantedAuthorities; } is: @ManyToMany( cascade={CascadeType.PERSIST, CascadeType.MERGE} ) You then need to persist your GrantedAuthorityBean independently from UserDetails, but that makes sense, and it solves the problem of the GrantedAuthorityBean and the join table exploding with duplicate info. Thanks, J PS. http://www.localhost.nu/svn/public/tapestry5-acegi-example/src/ main/java/nu/localhost/tapestry/acegi/example/entities/ UserDetailsBean.java On 10-Mar-08, at 5:18 PM, Julian Wood wrote: In the provided example for tapestry-acegi, I have a question about the GrantedAuthorityBean table. That is, if I add more users which share roles, each role will create a new row in the GAB table. How can this be avoided? I've tried making the authority unique: @Table(uniqueConstraints = [EMAIL PROTECTED](columnNames = {"authority"})}) but hibernate is not clever enough to realize that it should reuse existing roles, and just throws a constraint exception. I'm looking at interceptors now. I guess this is really a hibernate question, but I thought that someone here might have encountered this issue, given its context in tapestry-hibernate. Thanks, J - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi example app question
In the provided example for tapestry-acegi, I have a question about the GrantedAuthorityBean table. That is, if I add more users which share roles, each role will create a new row in the GAB table. How can this be avoided? I've tried making the authority unique: @Table(uniqueConstraints = [EMAIL PROTECTED](columnNames = {"authority"})}) but hibernate is not clever enough to realize that it should reuse existing roles, and just throws a constraint exception. I'm looking at interceptors now. I guess this is really a hibernate question, but I thought that someone here might have encountered this issue, given its context in tapestry-hibernate. Thanks, J - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one
another way : encrypt your and password and then send it with url. you can do this in two way 1 - with java code in Login.java class : this is my sample that used in a project : public String digest(String password, String salt) { if ((password == null) || (salt == null)) { throw new IllegalArgumentException(); } try { MessageDigest digest = MessageDigest.getInstance("MD5"); int half = salt.length() / 2; String firstSubString = salt.substring(0, half); String secondSubString = salt.substring(half); digest.update(firstSubString.getBytes()); digest.update(password.getBytes()); digest.update(secondSubString.getBytes()); return new String(digest.digest(), "UTF-8"); } catch (Exception e) { throw new RuntimeException(e); } note that you most encrypt new user passwords too, before save in database. 2 - with javascript code in Login.tml you can find sample javascripts for encrypt password in internet. On Jan 22, 2008 5:14 PM, Baptiste Meurant <[EMAIL PROTECTED]> wrote: > > Thanks for your response. > > It is the solution that I decided to use. It is perfectly working but > without using T5 mechanisms. I was wondering if some "full T5" solution > was > posible. > > Thanks again, > > Baptiste. > > > dalahoo wrote: > > > > a simple idea is to change Login.tml to submit directly to acegi filter > : > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Jan 22, 2008 4:43 PM, Baptiste Meurant <[EMAIL PROTECTED]> > > wrote: > > > >> > >> Hi, > >> > >>Thank you for this great work. It will be really useful. > >> > >>I still have a question about security T5/acegi integration : the > >> "classic" solution that you used to perform strong authentication with > >> acegi > >> through T5 is creating a T5 LinkImpl object. You give then parameters > >> (login > >> and password) to this link object to pass the request to acegi. > >> > >> The problem is that you are the able to see login and password in clear > >> in > >> your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl > object > >> to > >> perform a GET (and not a POST) to server. > >> > >> I am very annoyed with this security hole that I have encountered on my > >> own > >> implementation of T5/acegi integration. I don't know any correct and > >> elegant > >> fix to this issue for now. > >> > >> Did you experiment this issue ? Do you have an idea on it ? Or maybe > you > >> found yet a solution to fix it ? > >> > >> Regards, > >> > >> Baptiste > >> > >> > >> > >> dalahoo wrote: > >> > > >> > Hi all, > >> > > >> > latest release of my phone book application is available now, > >> > > >> > In this release i used : > >> > > >> >- Tapestry 5.0.7 as a Web MVC framework. > >> >- Acegi 1.0.5 as a Security System. > >> >- Spring 2.5 as a Application framework. > >> >- Spring JDBC for Data Access Layer. > >> >- Hibernate 3.2.4 an alternative for Data Access Layer. > >> >- JPA (Hibernate Implementation) another alternative for Data > Access > >> >Layer. > >> >- HSQLDB 1.8.0.7 for application database. > >> > > >> > read more about application configuration at > >> > http://code.google.com/p/shams/wiki/TASJHJ > >> > > >> > you can download source code for this release and previous releases > >> from > >> > http://code.google.com/p/shams/ > >> > > >> > > >> > -- > >> > sincerely yours > >> > M. H. Shamsi > >> > > >> > > >> > >> -- > >> View this message in context: > >> > http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html > >> Sent from the Tapestry - User mailing list archive at Nabble.com. > >> > >> > >> - > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > -- > > sincerely yours > > M. H. Shamsi > > > > > > -- > View this message in context: > http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15019005.html > Sent from the Tapestry - User mailing list archive at Nabble.com. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- sincerely yours M. H. Shamsi
Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one
Thanks for your response. It is the solution that I decided to use. It is perfectly working but without using T5 mechanisms. I was wondering if some "full T5" solution was posible. Thanks again, Baptiste. dalahoo wrote: > > a simple idea is to change Login.tml to submit directly to acegi filter : > > > > > > > > > > > > > > > On Jan 22, 2008 4:43 PM, Baptiste Meurant <[EMAIL PROTECTED]> > wrote: > >> >> Hi, >> >>Thank you for this great work. It will be really useful. >> >>I still have a question about security T5/acegi integration : the >> "classic" solution that you used to perform strong authentication with >> acegi >> through T5 is creating a T5 LinkImpl object. You give then parameters >> (login >> and password) to this link object to pass the request to acegi. >> >> The problem is that you are the able to see login and password in clear >> in >> your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl object >> to >> perform a GET (and not a POST) to server. >> >> I am very annoyed with this security hole that I have encountered on my >> own >> implementation of T5/acegi integration. I don't know any correct and >> elegant >> fix to this issue for now. >> >> Did you experiment this issue ? Do you have an idea on it ? Or maybe you >> found yet a solution to fix it ? >> >> Regards, >> >> Baptiste >> >> >> >> dalahoo wrote: >> > >> > Hi all, >> > >> > latest release of my phone book application is available now, >> > >> > In this release i used : >> > >> >- Tapestry 5.0.7 as a Web MVC framework. >> >- Acegi 1.0.5 as a Security System. >> >- Spring 2.5 as a Application framework. >> >- Spring JDBC for Data Access Layer. >> >- Hibernate 3.2.4 an alternative for Data Access Layer. >> >- JPA (Hibernate Implementation) another alternative for Data Access >> >Layer. >> >- HSQLDB 1.8.0.7 for application database. >> > >> > read more about application configuration at >> > http://code.google.com/p/shams/wiki/TASJHJ >> > >> > you can download source code for this release and previous releases >> from >> > http://code.google.com/p/shams/ >> > >> > >> > -- >> > sincerely yours >> > M. H. Shamsi >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html >> Sent from the Tapestry - User mailing list archive at Nabble.com. >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > sincerely yours > M. H. Shamsi > > -- View this message in context: http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15019005.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one
a simple idea is to change Login.tml to submit directly to acegi filter : On Jan 22, 2008 4:43 PM, Baptiste Meurant <[EMAIL PROTECTED]> wrote: > > Hi, > >Thank you for this great work. It will be really useful. > >I still have a question about security T5/acegi integration : the > "classic" solution that you used to perform strong authentication with > acegi > through T5 is creating a T5 LinkImpl object. You give then parameters > (login > and password) to this link object to pass the request to acegi. > > The problem is that you are the able to see login and password in clear in > your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl object > to > perform a GET (and not a POST) to server. > > I am very annoyed with this security hole that I have encountered on my > own > implementation of T5/acegi integration. I don't know any correct and > elegant > fix to this issue for now. > > Did you experiment this issue ? Do you have an idea on it ? Or maybe you > found yet a solution to fix it ? > > Regards, > > Baptiste > > > > dalahoo wrote: > > > > Hi all, > > > > latest release of my phone book application is available now, > > > > In this release i used : > > > >- Tapestry 5.0.7 as a Web MVC framework. > >- Acegi 1.0.5 as a Security System. > >- Spring 2.5 as a Application framework. > >- Spring JDBC for Data Access Layer. > >- Hibernate 3.2.4 an alternative for Data Access Layer. > >- JPA (Hibernate Implementation) another alternative for Data Access > >Layer. > >- HSQLDB 1.8.0.7 for application database. > > > > read more about application configuration at > > http://code.google.com/p/shams/wiki/TASJHJ > > > > you can download source code for this release and previous releases from > > http://code.google.com/p/shams/ > > > > > > -- > > sincerely yours > > M. H. Shamsi > > > > > > -- > View this message in context: > http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html > Sent from the Tapestry - User mailing list archive at Nabble.com. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- sincerely yours M. H. Shamsi
Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one
Hi, Thank you for this great work. It will be really useful. I still have a question about security T5/acegi integration : the "classic" solution that you used to perform strong authentication with acegi through T5 is creating a T5 LinkImpl object. You give then parameters (login and password) to this link object to pass the request to acegi. The problem is that you are the able to see login and password in clear in your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl object to perform a GET (and not a POST) to server. I am very annoyed with this security hole that I have encountered on my own implementation of T5/acegi integration. I don't know any correct and elegant fix to this issue for now. Did you experiment this issue ? Do you have an idea on it ? Or maybe you found yet a solution to fix it ? Regards, Baptiste dalahoo wrote: > > Hi all, > > latest release of my phone book application is available now, > > In this release i used : > >- Tapestry 5.0.7 as a Web MVC framework. >- Acegi 1.0.5 as a Security System. >- Spring 2.5 as a Application framework. >- Spring JDBC for Data Access Layer. >- Hibernate 3.2.4 an alternative for Data Access Layer. >- JPA (Hibernate Implementation) another alternative for Data Access >Layer. >- HSQLDB 1.8.0.7 for application database. > > read more about application configuration at > http://code.google.com/p/shams/wiki/TASJHJ > > you can download source code for this release and previous releases from > http://code.google.com/p/shams/ > > > -- > sincerely yours > M. H. Shamsi > > -- View this message in context: http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one
Hi all, latest release of my phone book application is available now, In this release i used : - Tapestry 5.0.7 as a Web MVC framework. - Acegi 1.0.5 as a Security System. - Spring 2.5 as a Application framework. - Spring JDBC for Data Access Layer. - Hibernate 3.2.4 an alternative for Data Access Layer. - JPA (Hibernate Implementation) another alternative for Data Access Layer. - HSQLDB 1.8.0.7 for application database. read more about application configuration at http://code.google.com/p/shams/wiki/TASJHJ you can download source code for this release and previous releases from http://code.google.com/p/shams/ -- sincerely yours M. H. Shamsi
T5: tapestry-spring v tapestry-acegi
hi all, has somebody managed to set up a project with tapestry-spring and tapestry-acegi together? As soon as i add the tapestryspring filter to web.xml, tapestry-acegi doesn't work anymore (based on the acegi demo app from robin) Exception constructing service 'RememberMeServices': Error invoking service builder method nu.localhost.tapestry.acegi.services.SecurityModule.build(UserDetailsService, String) (at SecurityModule.java:198) (for service 'RememberMeServices'): No service implements the interface org.acegisecurity.userdetails.UserDetailsService. anyone? regards c)hristian -- View this message in context: http://www.nabble.com/T5%3A-tapestry-spring-v-tapestry-acegi-tf4626390.html#a13210597 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: RequestGlobals in tapestry-ACEGI UserDetailsService
On 10/2/07, T. Papke <[EMAIL PROTECTED]> wrote: > Hi, Hi! > i have tried the tapestry 5 acegi example providing security controll > for tapestry pages. > > I need the hostname of the requested url for getting the user by > username. So i want to have the username per page. > > I have tried it with RequestGlobals, but it did not work to inject it > into this service? Anyone an idea? How do you inject it? @Inject on members only works on page and component classes. You need to add RequestGlobals to the constructor as Session is done, and depending on how you define your service in AppModule inject the RequestGlobals there. > public class UserDetailsServiceImpl implements UserDetailsService { > private final Session session; > public UserDetailsServiceImpl(Session session) { > this.session = session; > } -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RequestGlobals in tapestry-ACEGI UserDetailsService
Hi, i have tried the tapestry 5 acegi example providing security controll for tapestry pages. I need the hostname of the requested url for getting the user by username. So i want to have the username per page. I have tried it with RequestGlobals, but it did not work to inject it into this service? Anyone an idea? public class UserDetailsServiceImpl implements UserDetailsService { private final Session session; public UserDetailsServiceImpl(Session session) { this.session = session; } public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { //here i need the hostname of the request to do something like 'SELECT x FROM UserDetailsBean x WHERE x.username = :username and x.hostname=:hostname' ... return bean; } } Thank you, Thomas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: > After some hours trying to figure out what mistake I have been doing, I've > found it! Using the default configuration, Acegi only takes into account > roles prefixed with "ROLE_"!!! Acegi's Javadoc states that here: > http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/vote/RoleVoter.html. Great! > Now everything works like a charm! It's amazingly simple to just add or > change an annotation, reload the page and being allowed or denied to view > the page! Kudos to Howard (for Tapestry 5) and Robin (tapestry5-acegi) for > such amazing work and support!!! :) Thanks, and I also thank Ivan that wrote most of the initial code. > Robin: what about having a warning in tapestry5-acegi docs about this > error I've had? Yeah, that might be a good idea, I'll take a mental note about it :) -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On Mon, 17 Sep 2007 16:35:13 -0300, Robin Helgelin <[EMAIL PROTECTED]> wrote: No, you should be able to have an arbitrary length of roles. How does your public GrantedAuthority[] getAuthorities() from your user UserDetails look? I can't post the code here (and it wouldn't help much, as it's written in Portuguese), but I have this architecture: class User { private List groups; ... } class Group { private List permissions; ... } class Permission { private String name; // name of the role/authority } I created an UserDetails implementation which getGrantedAuthorities() method returns all the permissions of all the groups some user belongs to. I'm using the GrantedAuthorityImpl class that comes with Acegi. -- Thiago H. de Paula Figueiredo Desenvolvedor, Instrutor e Consultor de Tecnologia Eteg Tecnologia da Informação Ltda. http://www.eteg.com.br - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: > I have an user that has a number of roles (GrantedAuthority instances), > one of them named "Admin". When I annotate a page class with > @Secured("Admin"), Acegi denies access to the page. I have just tried the > same page, with the same annotation, now with an user with just one > GrantedAuthority, "Admin". Now Acegi happily gives me access to the page. > > Does that mean that each user must have exactly one role (aka > GrantedAuthority) in order to use the @Secured annotation? No, you should be able to have an arbitrary length of roles. How does your public GrantedAuthority[] getAuthorities() from your user UserDetails look? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On Mon, 17 Sep 2007 16:13:03 -0300, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: I have an user that has a number of roles (GrantedAuthority instances), one of them named "Admin". After some hours trying to figure out what mistake I have been doing, I've found it! Using the default configuration, Acegi only takes into account roles prefixed with "ROLE_"!!! Acegi's Javadoc states that here: http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/vote/RoleVoter.html. Now everything works like a charm! It's amazingly simple to just add or change an annotation, reload the page and being allowed or denied to view the page! Kudos to Howard (for Tapestry 5) and Robin (tapestry5-acegi) for such amazing work and support!!! :) Robin: what about having a warning in tapestry5-acegi docs about this error I've had? -- Thiago H. de Paula Figueiredo Desenvolvedor, Instrutor e Consultor de Tecnologia Eteg Tecnologia da Informação Ltda. http://www.eteg.com.br - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
T5: help needed with tapestry-acegi
Hi! I'm using the wonderful tapestry5-acegi integration but I need some help. I have an user that has a number of roles (GrantedAuthority instances), one of them named "Admin". When I annotate a page class with @Secured("Admin"), Acegi denies access to the page. I have just tried the same page, with the same annotation, now with an user with just one GrantedAuthority, "Admin". Now Acegi happily gives me access to the page. Does that mean that each user must have exactly one role (aka GrantedAuthority) in order to use the @Secured annotation? Thank you! -- Thiago H. de Paula Figueiredo Desenvolvedor, Instrutor e Consultor de Tecnologia Eteg Tecnologia da Informação Ltda. http://www.eteg.com.br - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [T4] Tapestry-Acegi error
My first guess would be that you refer to something called "ClassWorkers" in your hivemodule.xml, but it is undefined. I think it might be helpful if you posted your hivemodule.xml. Hth, Lutz On 8/8/07, kael20 <[EMAIL PROTECTED]> wrote: > > Hi, > > I am trying to setup tapestry-acegi using the wiki - > http://wiki.apache.org/tapestry/AcegiSpringJava5 > > > I have tried for several hours to solve this error but I have been > unsuccessful. Hoping someone might be able to shed some light on this: > > exception > > javax.servlet.ServletException: Unable to initialize application servlet: > Error at > jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml, > line 38, column 51: Module tapestry.acegi has contributed to unknown > configuration point ClassWorkers. The contribution has been ignored. > > org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:206) > > org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) > > org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) > > org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) > > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) > > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) > > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > java.lang.Thread.run(Thread.java:619) > > root cause > > org.apache.hivemind.ApplicationRuntimeException: Error at > jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml, > line 38, column 51: Module tapestry.acegi has contributed to unknown > configuration point ClassWorkers. The contribution has been ignored. > [jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml, > line 38, column 51] > > org.apache.hivemind.impl.StrictErrorHandler.error(StrictErrorHandler.java:39) > > org.apache.hivemind.impl.RegistryInfrastructureConstructor.addContributions(RegistryInfrastructureConstructor.java:451) > > org.apache.hivemind.impl.RegistryInfrastructureConstructor.addImplementationsAndContributions(RegistryInfrastructureConstructor.java:400) > > org.apache.hivemind.impl.RegistryInfrastructureConstructor.constructRegistryInfrastructure(RegistryInfrastructureConstructor.java:176) > > org.apache.hivemind.impl.RegistryBuilder.constructRegistry(RegistryBuilder.java:151) > > org.apache.tapestry.ApplicationServlet.constructRegistry(ApplicationServlet.java:253) > > org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:194) > > org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) > > org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) > > org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) > > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) > > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) > > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > java.lang.Thread.run(Thread.java:619) > > -- > View this message in context: > http://www.nabble.com/-T4--Tapestry-Acegi-error-tf4233997.html#a12046203 > Sent from the Tapestry - User mailing list archive at Nabble.com. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[T4] Tapestry-Acegi error
Hi, I am trying to setup tapestry-acegi using the wiki - http://wiki.apache.org/tapestry/AcegiSpringJava5 I have tried for several hours to solve this error but I have been unsuccessful. Hoping someone might be able to shed some light on this: exception javax.servlet.ServletException: Unable to initialize application servlet: Error at jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml, line 38, column 51: Module tapestry.acegi has contributed to unknown configuration point ClassWorkers. The contribution has been ignored. org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:206) org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) java.lang.Thread.run(Thread.java:619) root cause org.apache.hivemind.ApplicationRuntimeException: Error at jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml, line 38, column 51: Module tapestry.acegi has contributed to unknown configuration point ClassWorkers. The contribution has been ignored. [jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml, line 38, column 51] org.apache.hivemind.impl.StrictErrorHandler.error(StrictErrorHandler.java:39) org.apache.hivemind.impl.RegistryInfrastructureConstructor.addContributions(RegistryInfrastructureConstructor.java:451) org.apache.hivemind.impl.RegistryInfrastructureConstructor.addImplementationsAndContributions(RegistryInfrastructureConstructor.java:400) org.apache.hivemind.impl.RegistryInfrastructureConstructor.constructRegistryInfrastructure(RegistryInfrastructureConstructor.java:176) org.apache.hivemind.impl.RegistryBuilder.constructRegistry(RegistryBuilder.java:151) org.apache.tapestry.ApplicationServlet.constructRegistry(ApplicationServlet.java:253) org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:194) org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) java.lang.Thread.run(Thread.java:619) -- View this message in context: http://www.nabble.com/-T4--Tapestry-Acegi-error-tf4233997.html#a12046203 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry-Acegi - carmanconsulting.com not responding
carlos f wrote: > > Also I can't seem to get anonymous access working to the svn repo - > http://svn.javaforge.com/svn/tapestry/tapestry-acegi/trunk > anonymous/anon works - chalk that up to user error Carlos -- View this message in context: http://www.nabble.com/Tapestry-Acegi---carmanconsulting.com-not-responding-tf3878665.html#a10992390 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tapestry-Acegi - carmanconsulting.com not responding
Not sure if there is an issue on my end, but the the tapestry-acegi URL is not responding -- http://www.carmanconsulting.com/tapestry-acegi/ Also I can't seem to get anonymous access working to the svn repo - http://svn.javaforge.com/svn/tapestry/tapestry-acegi/trunk I am also having general issues with JavaForge . . . pages time out, I get 404 and 500 errors when i click on links etc. Does anyone know if the carmanconsulting site is up or if SVN anonymous access is working. Carlos -- View this message in context: http://www.nabble.com/Tapestry-Acegi---carmanconsulting.com-not-responding-tf3878665.html#a10991197 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi
I will try it out, thanks a lot. Asim On 5/3/07, William Keller <[EMAIL PROTECTED]> wrote: I forgot to mention that you will need to map your User and GrantedAuthority as per usual on Acegi. The stuff I gave you doesn't go in depth on setting up your models (your User needs to implement UserDetails). Once you set up yoru GrantedAuthority for your users your tapestry pages can now use the annotations like mine: @Secured(value = { "ROLE_AGENT", "ROLE_ADMIN" }) Hope it works!
Re: tapestry-acegi
I forgot to mention that you will need to map your User and GrantedAuthority as per usual on Acegi. The stuff I gave you doesn't go in depth on setting up your models (your User needs to implement UserDetails). Once you set up yoru GrantedAuthority for your users your tapestry pages can now use the annotations like mine: @Secured(value = { "ROLE_AGENT", "ROLE_ADMIN" }) Hope it works!
Re: tapestry-acegi
I've got this working. Code supplied. Please customise for your purpose :) hivemodule.xml AuthoriserServiceImpl code: import org.acegisecurity.userdetails.UserDetails; import org.acegisecurity.userdetails.UsernameNotFoundException; import org.springframework.dao.DataAccessException; import org.springframework.transaction.annotation.Propagation; import org.springframework.transaction.annotation.Transactional; import com.ews.domain.core.User; import com.ews.domain.core.UserService; /** * Implementation of the authoriser service * * @author williamk * */ public class AuthoriserServiceImpl implements AuthoriserService { /** * Injected user service */ private UserService userService; /** * Constructor * * @param userService */ public AuthoriserServiceImpl(UserService userService) { this.userService = userService; } /** * [EMAIL PROTECTED] */ @Transactional(readOnly = true, propagation = Propagation.SUPPORTS) public UserDetails loadUserByUsername(String arg0) throws UsernameNotFoundException, DataAccessException { User user = userService.fetchByUsername(arg0); if (user == null) { throw new UsernameNotFoundException("Authentication failed"); } return user; } } Hopefully that will get you started! On 5/4/07, Asim Khaja <[EMAIL PROTECTED]> wrote: Is there a good tutorial on using the tapestry-acegi ( http://www.carmanconsulting.com/tapestry-acegi/) library? Thanks, Asim
tapestry-acegi
Is there a good tutorial on using the tapestry-acegi ( http://www.carmanconsulting.com/tapestry-acegi/) library? Thanks, Asim
Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?
No, you're looking at a different module entirely. The tapestry-acegi module relies upon the hivemind-acegi (usable in non-tapestry projects) module to set up the core Acegi stuff. On 3/21/07, Phillip C. Rhodes <[EMAIL PROTECTED]> wrote: Wow, it's evident in that version of hivemodule.xml For whatever reason, I must have a old copy of the tapestry-acegi project because the hivemodule.xml that I have been looking at is very different... Thanks. Phillip - Original Message - From: "James Carman" <[EMAIL PROTECTED]> To: "Tapestry users" Sent: Wednesday, March 21, 2007 4:05:41 PM (GMT-0500) America/New_York Subject: Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set? Sorry, I hit "Send" too quickly. Here's the hivemodule (anonymous/anon to login of course): http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk/src/main/resources/META-INF/hivemodule.xml On 3/21/07, James Carman <[EMAIL PROTECTED]> wrote: > > The AccessDecisionManager is defined by the hivemind-acegi module. > > On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED] > wrote: > > > > I am implementing acegi/tapestry and pulling apart the wonderful work of > > James Carman (preserving the copyrights!) and re-implementing for my > > purposes. > > > > My @Secured annotation is erroring out in SecurityUtilsImpl when a call > > to the accessDecisionManager fails because it is null. How is the > > accessDecisionManager set in SecurityUtilsImpl? I reviewed the > > hivemodule.xml and do not see how it could be set... Could someone > > point out the magic in how the accessDecisionManager gets set? > > > > Thanks! > > > > > > > > > > > > It's for a project called authsum with is a security application that > > integrates with acegi. The cool part of it all is that it stores the > > authorizations in lucene and is available via xfire. Very enterprisy design > > (4 war files) I hope I to get some interest from the tapestry community. > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?
Wow, it's evident in that version of hivemodule.xml For whatever reason, I must have a old copy of the tapestry-acegi project because the hivemodule.xml that I have been looking at is very different... Thanks. Phillip - Original Message - From: "James Carman" <[EMAIL PROTECTED]> To: "Tapestry users" Sent: Wednesday, March 21, 2007 4:05:41 PM (GMT-0500) America/New_York Subject: Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set? Sorry, I hit "Send" too quickly. Here's the hivemodule (anonymous/anon to login of course): http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk/src/main/resources/META-INF/hivemodule.xml On 3/21/07, James Carman <[EMAIL PROTECTED]> wrote: > > The AccessDecisionManager is defined by the hivemind-acegi module. > > On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED] > wrote: > > > > I am implementing acegi/tapestry and pulling apart the wonderful work of > > James Carman (preserving the copyrights!) and re-implementing for my > > purposes. > > > > My @Secured annotation is erroring out in SecurityUtilsImpl when a call > > to the accessDecisionManager fails because it is null. How is the > > accessDecisionManager set in SecurityUtilsImpl? I reviewed the > > hivemodule.xml and do not see how it could be set... Could someone > > point out the magic in how the accessDecisionManager gets set? > > > > Thanks! > > > > > > > > > > > > It's for a project called authsum with is a security application that > > integrates with acegi. The cool part of it all is that it stores the > > authorizations in lucene and is available via xfire. Very enterprisy design > > (4 war files) I hope I to get some interest from the tapestry community. > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?
Sorry, I hit "Send" too quickly. Here's the hivemodule (anonymous/anon to login of course): http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk/src/main/resources/META-INF/hivemodule.xml On 3/21/07, James Carman <[EMAIL PROTECTED]> wrote: The AccessDecisionManager is defined by the hivemind-acegi module. On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED] > wrote: > > I am implementing acegi/tapestry and pulling apart the wonderful work of > James Carman (preserving the copyrights!) and re-implementing for my > purposes. > > My @Secured annotation is erroring out in SecurityUtilsImpl when a call > to the accessDecisionManager fails because it is null. How is the > accessDecisionManager set in SecurityUtilsImpl? I reviewed the > hivemodule.xml and do not see how it could be set... Could someone > point out the magic in how the accessDecisionManager gets set? > > Thanks! > > > > > > It's for a project called authsum with is a security application that > integrates with acegi. The cool part of it all is that it stores the > authorizations in lucene and is available via xfire. Very enterprisy design > (4 war files) I hope I to get some interest from the tapestry community. > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?
The AccessDecisionManager is defined by the hivemind-acegi module. On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED]> wrote: I am implementing acegi/tapestry and pulling apart the wonderful work of James Carman (preserving the copyrights!) and re-implementing for my purposes. My @Secured annotation is erroring out in SecurityUtilsImpl when a call to the accessDecisionManager fails because it is null. How is the accessDecisionManager set in SecurityUtilsImpl? I reviewed the hivemodule.xml and do not see how it could be set... Could someone point out the magic in how the accessDecisionManager gets set? Thanks! It's for a project called authsum with is a security application that integrates with acegi. The cool part of it all is that it stores the authorizations in lucene and is available via xfire. Very enterprisy design (4 war files) I hope I to get some interest from the tapestry community. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?
I am implementing acegi/tapestry and pulling apart the wonderful work of James Carman (preserving the copyrights!) and re-implementing for my purposes. My @Secured annotation is erroring out in SecurityUtilsImpl when a call to the accessDecisionManager fails because it is null. How is the accessDecisionManager set in SecurityUtilsImpl? I reviewed the hivemodule.xml and do not see how it could be set... Could someone point out the magic in how the accessDecisionManager gets set? Thanks! It's for a project called authsum with is a security application that integrates with acegi. The cool part of it all is that it stores the authorizations in lucene and is available via xfire. Very enterprisy design (4 war files) I hope I to get some interest from the tapestry community. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi for basic auth only?
On 3/19/07, Phillip Rhodes <[EMAIL PROTECTED]> wrote: From my understanding of tapestry-acegi (http://www.carmanconsulting.com/tapestry-acegi/) , it appears to support basic authentication, not form-based or other types of authentication. Can someone confirm my view? Confirmed. Although I have form-based authentication working. James wanted to integrate this into tapestry-acegi but I haven't heard anything from him since. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi for basic auth only?
>From my understanding of tapestry-acegi >(http://www.carmanconsulting.com/tapestry-acegi/) , it appears to support >basic authentication, not form-based or other types of authentication. Can someone confirm my view? Thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi and tapestry 4.1
Hello James, can you please update the tapestry-acegi pom. I have downloaded tapestry-acegi from svn, import it into Eclipse, modified the pom.xml and install tapestry-acegi snapshot into my local repo. I used this dependencies and first tests show that my T4.1.1 application which depends on my local tapestry-acegi works. Here are the deps: junit junit [3.8.1,) test easymock easymock 1.1 test commons-logging commons-logging [1.0.4,) hivemind hivemind 1.1.1 hivemind hivemind-lib 1.1.1 javassist javassist 3.0 oro oro 2.0.8 com.javaforge.hivemind hivemind-utils 0.1-SNAPSHOT log4j log4j [1.2.11,) true org.acegisecurity acegi-security [1.0.0,) org.acegisecurity acegi-security-tiger [1.0.0,) org.apache.tapestry tapestry-framework [4.1.1,) org.apache.tapestry tapestry-annotations [4.1.1,) javax.servlet servlet-api 2.4 provided Maybe it would be better if you make tapestry-acegi 1.0.0. Cheers, Borut On 26.12.2006 19:53, James Carman wrote: I haven't tried it, but it should work as far as I know. You can override the dependency in your own pom file On 12/26/06, Robert Binna <[EMAIL PROTECTED]> wrote: Hi I justed wanted to use tapestry-acegi on a project of mine that uses tapestry 4.1. Has someone get it working because the current pom file is for tapestry 4.0? Kind regards, Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --
AW: [WARNING] AW: Problem with user logout (Tapestry-Acegi)
hi jake, i did not mean the html-header but the http-header. i think that you can have a look at your online-banking application. they are probably doing the same thing. i remember an older thread in this mailing list about this topic. perhaps you should aks google ;-) -Ursprüngliche Nachricht- Von: jake123 [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 16. Februar 2007 15:26 An: users@tapestry.apache.org Betreff: Re: [WARNING] AW: Problem with user logout (Tapestry-Acegi) Hi Peter, thanks for your response, I tried to add in the head tag in all my pages that contains a secured annotation and then tried to logout and hit the back button on my browser and I still get the same result... I end up in the secured page... so it seems to not have any effect at all. My logout function looks like this: public String onLogOut(IRequestCycle cycle) { getSessionUserInfo().setUserRoles(null); getSessionUserInfo().setUserName(null); getSessionUserInfo().setPassword(null); /* RESET ACEGI AUTHENTICATION TO NULL */ SecurityContextHolder.clearContext(); return HomeDispatcher.PAGE_NAME; } Any other suggestions? Thanks again, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a9005154 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [WARNING] AW: Problem with user logout (Tapestry-Acegi)
Hi Peter, thanks for your response, I tried to add in the head tag in all my pages that contains a secured annotation and then tried to logout and hit the back button on my browser and I still get the same result... I end up in the secured page... so it seems to not have any effect at all. My logout function looks like this: public String onLogOut(IRequestCycle cycle) { getSessionUserInfo().setUserRoles(null); getSessionUserInfo().setUserName(null); getSessionUserInfo().setPassword(null); /* RESET ACEGI AUTHENTICATION TO NULL */ SecurityContextHolder.clearContext(); return HomeDispatcher.PAGE_NAME; } Any other suggestions? Thanks again, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a9005154 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: Problem with user logout (Tapestry-Acegi)
hi jacob, i think that this can be achieved by disabling the caching in the http response. Cache-Control: no-cache so that the browser tries to fetch a fresh version of this page. -Ursprüngliche Nachricht- Von: jake123 [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 15. Februar 2007 22:47 An: users@tapestry.apache.org Betreff: Problem with user logout (Tapestry-Acegi) Hi all, I have a problem when a logged in user are about to logout. If I only empty my user information in session object and using SecurityContextHolder.getContext().setAuthentication(null); to empty the acegi part the user can still come back to the secured page using the browsers back button. I need to make this not possible. Does anybody know how to solve this? Thanks, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a8994383 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problem with user logout (Tapestry-Acegi)
Hi all, I have a problem when a logged in user are about to logout. If I only empty my user information in session object and using SecurityContextHolder.getContext().setAuthentication(null); to empty the acegi part the user can still come back to the secured page using the browsers back button. I need to make this not possible. Does anybody know how to solve this? Thanks, Jacob -- View this message in context: http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a8994383 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Still having some problem with Tapestry + Acegi
Hi, I am still trying to make tapestry + Acegi to work together and I have had some success... I have followed the AcegiSpringJave5 Wiki and some additional codes provided by Robin Ericsson. In my solution now I get authenticated but I dont get redirected to the right page... I end up back on the login page. I have put in some System.out in the onLogin mehtod and I got this output. 10:08:43,328 INFO [STDOUT] trying to authenticate... 10:08:43,343 INFO [STDOUT] authResult = [EMAIL PROTECTED]: Usern ame: [EMAIL PROTECTED]: Username: WILLS; Password: [PROTECTED]; Enabled: true; AccountNonExpired: tru e; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_REP_ADMIN, ROLE_USER; Password: [PROTE CTED]; Authenticated: true; Details: [EMAIL PROTECTED]: RemoteIpAddress: 127.0.0.1; Sessio nId: 1689E2C5A526D7C2E889C995E8A036B5; Granted Authorities: ROLE_REP_ADMIN, ROLE_USER 10:08:43,343 INFO [STDOUT] *** Validated true 10:08:43,343 INFO [STDOUT] auth name = WILLS 10:08:43,359 INFO [STDOUT] auth getCredentials = dunder 10:08:43,359 INFO [STDOUT] auth getDetails = [EMAIL PROTECTED]: RemoteIpAddress: 127.0.0. 1; SessionId: 1689E2C5A526D7C2E889C995E8A036B5 10:08:43,359 INFO [STDOUT] auth getPrincipal = [EMAIL PROTECTED]: Username: WILLS; Password: [PROTEC TED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_REP_ADMIN, ROLE_USER And on my page I am trying to get to I have this annotation: @Secured({"ROLE_REP_ADMIN", "ROLE_USER"}) My onLogin method looks like this: if( !getProcessingFilter().attemptAuthentication( getUserName(), getPassword() ) ) { System.out.println(" Invalid acegi login"); } else { System.out.println("*** Validated true"); Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if( auth != null ) { System.out.println("auth name = " + auth.getName()); System.out.println("auth getCredentials = " + auth.getCredentials()); System.out.println("auth getDetails = " + auth.getDetails()); System.out.println("auth getPrincipal = " + auth.getPrincipal()); } log.info("Logged User : " + user.getUserName()); setUsernameAndPasswordToSession(username, password); getAppUserService().createNewLoginEventForUser(getUserName(), ipNumber, resolution, getBrowser(), null, false); throw new PageRedirectException(WebAdminTemplatePage.PAGE_NAME); } I also tried to use return PAGE_NAME instead of throw PageRedirectException but there is no difference. Does anybody know how to solve this? Thanks, Jacob -- View this message in context: http://www.nabble.com/Still-having-some-problem-with-Tapestry-%2B-Acegi-tf3214425.html#a8926446 Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry-acegi auth
Sorry, but I haven't had time to reply to this thread, but have you looked at the Wiki page: http://wiki.apache.org/tapestry/AcegiSpringJava5 On 1/5/07, Firas Adiler <[EMAIL PROTECTED]> wrote: Hi Kevin, This exception is "thrown if an Authentication object does not hold a required authority". "ROLE_USER" is the authority you used to secure your pages. It seems that your Acegi configuration is not complete. I'm a beginner myself and found this page very helpful: http://www.tfo-eservices.eu/wb_tutorials/media/SpringAcegiTutorial/HTML/Spri ngAcegiTutorial-1_1-html.html Keep in mind, though, that the tutorial above uses spring-style configuration of acegi, i.e. using application context (xml) config file. Apparently, one could achieve the same result using tapestry-acegi and hivemind. I couldn't get it to work though. My current (working) acegi configuration is based on this guide: http://forum.springframework.org/showthread.php?t=24013&highlight=tapestry Hope this helps, -Original Message- From: Kevin Menard [mailto:[EMAIL PROTECTED] Sent: Thursday, January 04, 2007 7:21 PM To: Tapestry users Subject: Tapestry-acegi auth Hi, I'm having some difficulty using tapestry-acegi. I can secure a page fine, but I can't figure out how to allow a user to auth. Unfortunately, my experience with Acegi in general is practically non-existent, so I may just be doing something dumb there. I have a page marked @Secured("ROLE_USER"), but when I access it, all I get is org.acegisecurity.AccessDeniedException. My HiveMind registry contains the following: with the UserDetailsService implementation basically being a no-op. I've set a break point in the service and it never gets executed. I am using both tapestry-acegi and hivemind-acegi-dao, for what it's worth. Any help would be much appreciated. Thanks, Kevin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry-acegi auth
Hi Kevin, This exception is "thrown if an Authentication object does not hold a required authority". "ROLE_USER" is the authority you used to secure your pages. It seems that your Acegi configuration is not complete. I'm a beginner myself and found this page very helpful: http://www.tfo-eservices.eu/wb_tutorials/media/SpringAcegiTutorial/HTML/Spri ngAcegiTutorial-1_1-html.html Keep in mind, though, that the tutorial above uses spring-style configuration of acegi, i.e. using application context (xml) config file. Apparently, one could achieve the same result using tapestry-acegi and hivemind. I couldn't get it to work though. My current (working) acegi configuration is based on this guide: http://forum.springframework.org/showthread.php?t=24013&highlight=tapestry Hope this helps, -Original Message- From: Kevin Menard [mailto:[EMAIL PROTECTED] Sent: Thursday, January 04, 2007 7:21 PM To: Tapestry users Subject: Tapestry-acegi auth Hi, I'm having some difficulty using tapestry-acegi. I can secure a page fine, but I can't figure out how to allow a user to auth. Unfortunately, my experience with Acegi in general is practically non-existent, so I may just be doing something dumb there. I have a page marked @Secured("ROLE_USER"), but when I access it, all I get is org.acegisecurity.AccessDeniedException. My HiveMind registry contains the following: with the UserDetailsService implementation basically being a no-op. I've set a break point in the service and it never gets executed. I am using both tapestry-acegi and hivemind-acegi-dao, for what it's worth. Any help would be much appreciated. Thanks, Kevin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tapestry-acegi auth
Hi, I'm having some difficulty using tapestry-acegi. I can secure a page fine, but I can't figure out how to allow a user to auth. Unfortunately, my experience with Acegi in general is practically non-existent, so I may just be doing something dumb there. I have a page marked @Secured("ROLE_USER"), but when I access it, all I get is org.acegisecurity.AccessDeniedException. My HiveMind registry contains the following: with the UserDetailsService implementation basically being a no-op. I've set a break point in the service and it never gets executed. I am using both tapestry-acegi and hivemind-acegi-dao, for what it's worth. Any help would be much appreciated. Thanks, Kevin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi and tapestry 4.1
I haven't tried it, but it should work as far as I know. You can override the dependency in your own pom file On 12/26/06, Robert Binna <[EMAIL PROTECTED]> wrote: Hi I justed wanted to use tapestry-acegi on a project of mine that uses tapestry 4.1. Has someone get it working because the current pom file is for tapestry 4.0? Kind regards, Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi and tapestry 4.1
Hi I justed wanted to use tapestry-acegi on a project of mine that uses tapestry 4.1. Has someone get it working because the current pom file is for tapestry 4.0? Kind regards, Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi question
I see there is a @Secure annotation that will secure a page/listener for a role. Is there an annotation that will secure a page/listener for just an authenticated user? I just want to make certain that someone is logged in, I don't need to protect it by role. Thanks. BTW, this is for a tapestry-based authorization/identity server that I am working on. hope it's cool. http://www.authsum.org (i.e. awesome! "sum of authorizations") Overview http://www.authsum.org/overview/index.html Phillip - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: @Secured from tapestry-acegi
Thanks a lot James. I did not know about hivemind-acegi-dao.jar. I'll try your tips soon. regards, cyrille James Carman a écrit : If you want to use a DAO-based (where you get auth information from a db or something) authentication manager, you can drop in the hivemind-acegi-dao.jar file into your classpath. Then, you have to provide an implementation for the hivemind.acegi.dao.UserDetailsService service point: There are some pre-defined implementations of UserDetailsService, but to get the idea working you can provide a dummy implementation just to make sure everything is pieced together correctly. On 11/29/06, Cyrille37 <[EMAIL PROTECTED]> wrote: James Carman a écrit : > Ahh yes. You do need to tell Acegi how you want to authenticate, so > you need to have an implementation defined for the > AuthenticationManager service point I define. Hello James, Could you please give me a little example, or write a little howto somewhere (tapestry's wiki ?). Thanks cyrille. > > > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> James Carman a écrit : >> > You don't need spring at all. You would use your own hivemodule.xml. >> > I believe you can just drop in the jar and the BASIC HTTP >> > authentication will work. There are customization points you can use >> > (like the name of your "realm" and stuff), but it should work "out of >> > the box." >> Hi James, >> >> I've remove all stuff about acegi form my project. >> Just added tapestry-acegi.jar in the Tomcat lib folder. >> >> When starting Tomcat, the following exception is throwed. It claims "An >> AuthenticationManager". >> >> ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]] >> "Servlet.service()" pour la servlet tapestry03AppServlet a généré une >> exception >> org.apache.hivemind.ApplicationRuntimeException: Unable to construct >> service tapestry.acegi.BasicProcessingFilter: Error building service >> tapestry.acegi.BasicProcessingFilter: Error at >> jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, >> >> line 46, column 63: Unable to initialize service >> tapestry.acegi.BasicProcessingFilter (by invoking method >> afterPropertiesSet on >> org.acegisecurity.ui.basicauth.BasicProcessingFilter): An >> AuthenticationManager is required >> [jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, >> >> line 44, column 25] >> at >> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) >> >> at >> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) >> >> at >> org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) >> >> at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java) >> at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java) >> at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java) >> at >> com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) >> >> at >> $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) >> >> at >> org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) >> >> at >> $ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) >> >> at >> $ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) >> >> at >> $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) >> >> at >> org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) >> >> at >> $ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) >> >> at >> $ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) >> >> at >> $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) >> >> at >> com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) >> >> > >> > >> > On 11/28/06, Cy
Re: @Secured from tapestry-acegi
If you want to use a DAO-based (where you get auth information from a db or something) authentication manager, you can drop in the hivemind-acegi-dao.jar file into your classpath. Then, you have to provide an implementation for the hivemind.acegi.dao.UserDetailsService service point: There are some pre-defined implementations of UserDetailsService, but to get the idea working you can provide a dummy implementation just to make sure everything is pieced together correctly. On 11/29/06, Cyrille37 <[EMAIL PROTECTED]> wrote: James Carman a écrit : > Ahh yes. You do need to tell Acegi how you want to authenticate, so > you need to have an implementation defined for the > AuthenticationManager service point I define. Hello James, Could you please give me a little example, or write a little howto somewhere (tapestry's wiki ?). Thanks cyrille. > > > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> James Carman a écrit : >> > You don't need spring at all. You would use your own hivemodule.xml. >> > I believe you can just drop in the jar and the BASIC HTTP >> > authentication will work. There are customization points you can use >> > (like the name of your "realm" and stuff), but it should work "out of >> > the box." >> Hi James, >> >> I've remove all stuff about acegi form my project. >> Just added tapestry-acegi.jar in the Tomcat lib folder. >> >> When starting Tomcat, the following exception is throwed. It claims "An >> AuthenticationManager". >> >> ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]] >> "Servlet.service()" pour la servlet tapestry03AppServlet a généré une >> exception >> org.apache.hivemind.ApplicationRuntimeException: Unable to construct >> service tapestry.acegi.BasicProcessingFilter: Error building service >> tapestry.acegi.BasicProcessingFilter: Error at >> jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, >> >> line 46, column 63: Unable to initialize service >> tapestry.acegi.BasicProcessingFilter (by invoking method >> afterPropertiesSet on >> org.acegisecurity.ui.basicauth.BasicProcessingFilter): An >> AuthenticationManager is required >> [jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, >> >> line 44, column 25] >> at >> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) >> >> at >> org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) >> >> at >> org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) >> >> at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java) >> at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java) >> at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java) >> at >> com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) >> >> at >> $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) >> >> at >> org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) >> >> at >> $ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) >> >> at >> $ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) >> >> at >> $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) >> >> at >> org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) >> >> at >> $ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) >> >> at >> $ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) >> >> at >> $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) >> >> at >> com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) >> >> > >> > >> > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> >> James Carman a écrit : >> >> > The @Secured annotation is from the Acegi library (you have to >&g
Re: @Secured from tapestry-acegi
James Carman a écrit : Ahh yes. You do need to tell Acegi how you want to authenticate, so you need to have an implementation defined for the AuthenticationManager service point I define. Hello James, Could you please give me a little example, or write a little howto somewhere (tapestry's wiki ?). Thanks cyrille. On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: James Carman a écrit : > You don't need spring at all. You would use your own hivemodule.xml. > I believe you can just drop in the jar and the BASIC HTTP > authentication will work. There are customization points you can use > (like the name of your "realm" and stuff), but it should work "out of > the box." Hi James, I've remove all stuff about acegi form my project. Just added tapestry-acegi.jar in the Tomcat lib folder. When starting Tomcat, the following exception is throwed. It claims "An AuthenticationManager". ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]] "Servlet.service()" pour la servlet tapestry03AppServlet a généré une exception org.apache.hivemind.ApplicationRuntimeException: Unable to construct service tapestry.acegi.BasicProcessingFilter: Error building service tapestry.acegi.BasicProcessingFilter: Error at jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, line 46, column 63: Unable to initialize service tapestry.acegi.BasicProcessingFilter (by invoking method afterPropertiesSet on org.acegisecurity.ui.basicauth.BasicProcessingFilter): An AuthenticationManager is required [jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, line 44, column 25] at org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) at org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) at org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java) at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java) at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java) at com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) at $ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) at $ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) at $ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) at $ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) > > > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> James Carman a écrit : >> > The @Secured annotation is from the Acegi library (you have to get the >> > "tiger" jar). >> Thanks a lot. I'm a beginner ... >> >> Are directives in the hivemodule.xml from tapestry-acegi.jar are >> sufficients, or we need to put some more directives in web.xml or spring >> 's applicationContext-security.xml ? >> >> Cyrille >> > >> > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> >> Hello, >> >> >> >> I'm trying to integrate Acegi by using tapestry-acegi from >> >> carmanconsulting.com. >> >> >> >> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not >> >> recognize the @Secured decoration. >> >> >> >> import com.javaforge.tapestry.acegi.*; >> >> import com.javaforge.tapestry.acegi.enhance.*; >> >> @Secured("ROLE_USER") >> >> public abstract class UserForm extends BasePage implements >> >> PageBeginRenderListener >> >> { >> >> ... >> >> >> >> Have you got an idea ? >> >> Thanks >> >> cyrille >> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: @Secured from tapestry-acegi
Ahh yes. You do need to tell Acegi how you want to authenticate, so you need to have an implementation defined for the AuthenticationManager service point I define. On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: James Carman a écrit : > You don't need spring at all. You would use your own hivemodule.xml. > I believe you can just drop in the jar and the BASIC HTTP > authentication will work. There are customization points you can use > (like the name of your "realm" and stuff), but it should work "out of > the box." Hi James, I've remove all stuff about acegi form my project. Just added tapestry-acegi.jar in the Tomcat lib folder. When starting Tomcat, the following exception is throwed. It claims "An AuthenticationManager". ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]] "Servlet.service()" pour la servlet tapestry03AppServlet a généré une exception org.apache.hivemind.ApplicationRuntimeException: Unable to construct service tapestry.acegi.BasicProcessingFilter: Error building service tapestry.acegi.BasicProcessingFilter: Error at jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, line 46, column 63: Unable to initialize service tapestry.acegi.BasicProcessingFilter (by invoking method afterPropertiesSet on org.acegisecurity.ui.basicauth.BasicProcessingFilter): An AuthenticationManager is required [jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, line 44, column 25] at org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) at org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) at org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java) at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java) at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java) at com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) at $ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) at $ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) at $ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) at $ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) > > > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> James Carman a écrit : >> > The @Secured annotation is from the Acegi library (you have to get the >> > "tiger" jar). >> Thanks a lot. I'm a beginner ... >> >> Are directives in the hivemodule.xml from tapestry-acegi.jar are >> sufficients, or we need to put some more directives in web.xml or spring >> 's applicationContext-security.xml ? >> >> Cyrille >> > >> > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> >> Hello, >> >> >> >> I'm trying to integrate Acegi by using tapestry-acegi from >> >> carmanconsulting.com. >> >> >> >> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not >> >> recognize the @Secured decoration. >> >> >> >> import com.javaforge.tapestry.acegi.*; >> >> import com.javaforge.tapestry.acegi.enhance.*; >> >> @Secured("ROLE_USER") >> >> public abstract class UserForm extends BasePage implements >> >> PageBeginRenderListener >> >> { >> >> ... >> >> >> >> Have you got an idea ? >> >> Thanks >> >> cyrille >> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: @Secured from tapestry-acegi
James Carman a écrit : You don't need spring at all. You would use your own hivemodule.xml. I believe you can just drop in the jar and the BASIC HTTP authentication will work. There are customization points you can use (like the name of your "realm" and stuff), but it should work "out of the box." Hi James, I've remove all stuff about acegi form my project. Just added tapestry-acegi.jar in the Tomcat lib folder. When starting Tomcat, the following exception is throwed. It claims "An AuthenticationManager". ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]] "Servlet.service()" pour la servlet tapestry03AppServlet a généré une exception org.apache.hivemind.ApplicationRuntimeException: Unable to construct service tapestry.acegi.BasicProcessingFilter: Error building service tapestry.acegi.BasicProcessingFilter: Error at jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, line 46, column 63: Unable to initialize service tapestry.acegi.BasicProcessingFilter (by invoking method afterPropertiesSet on org.acegisecurity.ui.basicauth.BasicProcessingFilter): An AuthenticationManager is required [jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, line 44, column 25] at org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) at org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) at org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java) at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java) at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java) at com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) at $ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) at $ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) at $ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) at $ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) at $ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) at com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: James Carman a écrit : > The @Secured annotation is from the Acegi library (you have to get the > "tiger" jar). Thanks a lot. I'm a beginner ... Are directives in the hivemodule.xml from tapestry-acegi.jar are sufficients, or we need to put some more directives in web.xml or spring 's applicationContext-security.xml ? Cyrille > > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> Hello, >> >> I'm trying to integrate Acegi by using tapestry-acegi from >> carmanconsulting.com. >> >> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not >> recognize the @Secured decoration. >> >> import com.javaforge.tapestry.acegi.*; >> import com.javaforge.tapestry.acegi.enhance.*; >> @Secured("ROLE_USER") >> public abstract class UserForm extends BasePage implements >> PageBeginRenderListener >> { >> ... >> >> Have you got an idea ? >> Thanks >> cyrille - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: @Secured from tapestry-acegi
You don't need spring at all. You would use your own hivemodule.xml. I believe you can just drop in the jar and the BASIC HTTP authentication will work. There are customization points you can use (like the name of your "realm" and stuff), but it should work "out of the box." On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: James Carman a écrit : > The @Secured annotation is from the Acegi library (you have to get the > "tiger" jar). Thanks a lot. I'm a beginner ... Are directives in the hivemodule.xml from tapestry-acegi.jar are sufficients, or we need to put some more directives in web.xml or spring 's applicationContext-security.xml ? Cyrille > > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: >> Hello, >> >> I'm trying to integrate Acegi by using tapestry-acegi from >> carmanconsulting.com. >> >> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not >> recognize the @Secured decoration. >> >> import com.javaforge.tapestry.acegi.*; >> import com.javaforge.tapestry.acegi.enhance.*; >> @Secured("ROLE_USER") >> public abstract class UserForm extends BasePage implements >> PageBeginRenderListener >> { >> ... >> >> Have you got an idea ? >> Thanks >> cyrille - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: @Secured from tapestry-acegi
James Carman a écrit : The @Secured annotation is from the Acegi library (you have to get the "tiger" jar). Thanks a lot. I'm a beginner ... Are directives in the hivemodule.xml from tapestry-acegi.jar are sufficients, or we need to put some more directives in web.xml or spring 's applicationContext-security.xml ? Cyrille On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: Hello, I'm trying to integrate Acegi by using tapestry-acegi from carmanconsulting.com. I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not recognize the @Secured decoration. import com.javaforge.tapestry.acegi.*; import com.javaforge.tapestry.acegi.enhance.*; @Secured("ROLE_USER") public abstract class UserForm extends BasePage implements PageBeginRenderListener { ... Have you got an idea ? Thanks cyrille - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: @Secured from tapestry-acegi
The @Secured annotation is from the Acegi library (you have to get the "tiger" jar). On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote: Hello, I'm trying to integrate Acegi by using tapestry-acegi from carmanconsulting.com. I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not recognize the @Secured decoration. import com.javaforge.tapestry.acegi.*; import com.javaforge.tapestry.acegi.enhance.*; @Secured("ROLE_USER") public abstract class UserForm extends BasePage implements PageBeginRenderListener { ... Have you got an idea ? Thanks cyrille - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
@Secured from tapestry-acegi
Hello, I'm trying to integrate Acegi by using tapestry-acegi from carmanconsulting.com. I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not recognize the @Secured decoration. import com.javaforge.tapestry.acegi.*; import com.javaforge.tapestry.acegi.enhance.*; @Secured("ROLE_USER") public abstract class UserForm extends BasePage implements PageBeginRenderListener { ... Have you got an idea ? Thanks cyrille - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: Re: tapestry-acegi questions
On 11/14/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: Hmm, no, never though of that, might be a good idea though. I'll see if I have time to try this today. Ok, debugged and problem found. Safari seems to like to cache the result of the first query to the protected page. I was using a proxy called Charles (really good app btw) and when disable caching the result to the browser contained header "Expires: 0". Probably it's just that easy to add that header manually when redirecting from protected page to login page, I'll try that another time. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
On 11/14/06, James Carman <[EMAIL PROTECTED]> wrote: Oh, sorry, Robin. I read your last email, but only through the "thanks, I've got it working" part. :-) I didn't see the questions at the bottom. Do you have something that will let you debug the HTTP traffic? That might help you see what's going on for sure. Hmm, no, never though of that, might be a good idea though. I'll see if I have time to try this today. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
Oh, sorry, Robin. I read your last email, but only through the "thanks, I've got it working" part. :-) I didn't see the questions at the bottom. Do you have something that will let you debug the HTTP traffic? That might help you see what's going on for sure. On 11/14/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: On 11/12/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: > Thanks to James again :), I have a working solution that redirects > after successful login. However, on Firefox it works like a charm, but > on Safari it doesn't work as it seems it doesn't process cookies or > something the same way. Maybe I should take this to Acegi directly instead? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
On 11/12/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: Thanks to James again :), I have a working solution that redirects after successful login. However, on Firefox it works like a charm, but on Safari it doesn't work as it seems it doesn't process cookies or something the same way. Maybe I should take this to Acegi directly instead? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
On 11/10/06, James Carman <[EMAIL PROTECTED]> wrote: You could use a callback somehow to do that, I would think. But, you would probably have to implement the auto-redirect-to-login-page logic yourself, so that you could save the callback into the session or set it on the login page as a property or something. Thanks to James again :), I have a working solution that redirects after successful login. However, on Firefox it works like a charm, but on Safari it doesn't work as it seems it doesn't process cookies or something the same way. Firefox: anon: securedpage -> login redirect anon: login successful -> securepage redirect loggedin: securepage Safari anon: securedpage -> login redirect anon: login successful -> securepage redirect still anon: securepage -> login redirect loggedin: when landing on login page My authenticationProcessingFilter looks like this. http://pastebin.com/822425 The attemptAuthentication(String, String) is called from my tapestry listener. Maybe I need to flush the http response or something? Or maybe I need to tell tapestry to step processing? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
You could use a callback somehow to do that, I would think. But, you would probably have to implement the auto-redirect-to-login-page logic yourself, so that you could save the callback into the session or set it on the login page as a property or something. On 11/10/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: On 11/3/06, James Carman <[EMAIL PROTECTED]> wrote: > Maybe you could just create your own Tapestry form (just like you do > for any other page) and submit it. Within the form's processing, you > could use the Acegi API > (SecurityContextHolder.getContext().setAuthentication() maybe?) to set > up the security context, authenticating however you want. The > HttpSessionContextIntegrationFilter will take care of storing it in > the session for you so that each subsequent request will be > authenticated. I should maybe look at integrating the "remember me" > stuff into the pipeline. I could create a special module called > tapestry-acegi-rememberme or something so that you could just drop in > a jar to allow "remember me" services. I came around to the same thing after looking at the Acegi basic auth code. I'm doing something like this. @InjectObject("service:hivemind.acegi.AuthenticationManager") public abstract AuthenticationManager getAuthenticationManager(); public void doLogin() { UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken( getEmail(), getPassword() ); Authentication authResult; try { authResult = getAuthenticationMananger().authenticate( authRequest ); } catch( AuthenticationException failed ) { SecurityContextHolder.getContext().setAuthentication( null ); return; } SecurityContextHolder.getContext().setAuthentication( authResult ); } The only think I have left is to figure out how to redirect back to the original page where the user was at the time the authentication was wanted. Is that saved somewhere or do I need to find out that for my self? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
On 11/3/06, James Carman <[EMAIL PROTECTED]> wrote: Maybe you could just create your own Tapestry form (just like you do for any other page) and submit it. Within the form's processing, you could use the Acegi API (SecurityContextHolder.getContext().setAuthentication() maybe?) to set up the security context, authenticating however you want. The HttpSessionContextIntegrationFilter will take care of storing it in the session for you so that each subsequent request will be authenticated. I should maybe look at integrating the "remember me" stuff into the pipeline. I could create a special module called tapestry-acegi-rememberme or something so that you could just drop in a jar to allow "remember me" services. I came around to the same thing after looking at the Acegi basic auth code. I'm doing something like this. @InjectObject("service:hivemind.acegi.AuthenticationManager") public abstract AuthenticationManager getAuthenticationManager(); public void doLogin() { UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken( getEmail(), getPassword() ); Authentication authResult; try { authResult = getAuthenticationMananger().authenticate( authRequest ); } catch( AuthenticationException failed ) { SecurityContextHolder.getContext().setAuthentication( null ); return; } SecurityContextHolder.getContext().setAuthentication( authResult ); } The only think I have left is to figure out how to redirect back to the original page where the user was at the time the authentication was wanted. Is that saved somewhere or do I need to find out that for my self? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
Maybe you could just create your own Tapestry form (just like you do for any other page) and submit it. Within the form's processing, you could use the Acegi API (SecurityContextHolder.getContext().setAuthentication() maybe?) to set up the security context, authenticating however you want. The HttpSessionContextIntegrationFilter will take care of storing it in the session for you so that each subsequent request will be authenticated. I should maybe look at integrating the "remember me" stuff into the pipeline. I could create a special module called tapestry-acegi-rememberme or something so that you could just drop in a jar to allow "remember me" services. On 11/3/06, James Carman <[EMAIL PROTECTED]> wrote: Maybe the form-based security should declare its own dummy engine service? That might be the way to go. I don't know. I'd have to play around with it some. On 11/3/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: > James Carman wrote: > > What URL mapping are you using for your Tapestry application servlet? > > > This is my mapping without my Acegi experiments: > > redirect > org.apache.tapestry.RedirectFilter > > > tapestry-acegi > org.apache.tapestry.ApplicationServlet > 0 > > > redirect > / > > > tapestry-acegi > /app > > > For Acegi I have added this mapping: > > AcegiFilter > org.acegisecurity.util.FilterToBeanProxy > > targetClass > org.acegisecurity.ui.webapp.AuthenticationProcessingFilter > > > > Acegi Filter Chain Proxy > /j_acegi_security_check > > > Jesper > > -- > Jesper Zedlitz E-Mail : [EMAIL PROTECTED] > Homepage : http://www.zedlitz.de > ICQ# : 23890711 > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
Maybe the form-based security should declare its own dummy engine service? That might be the way to go. I don't know. I'd have to play around with it some. On 11/3/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: James Carman wrote: > What URL mapping are you using for your Tapestry application servlet? > This is my mapping without my Acegi experiments: redirect org.apache.tapestry.RedirectFilter tapestry-acegi org.apache.tapestry.ApplicationServlet 0 redirect / tapestry-acegi /app For Acegi I have added this mapping: AcegiFilter org.acegisecurity.util.FilterToBeanProxy targetClass org.acegisecurity.ui.webapp.AuthenticationProcessingFilter Acegi Filter Chain Proxy /j_acegi_security_check Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
James Carman wrote: > What URL mapping are you using for your Tapestry application servlet? > This is my mapping without my Acegi experiments: redirect org.apache.tapestry.RedirectFilter tapestry-acegi org.apache.tapestry.ApplicationServlet 0 redirect / tapestry-acegi /app For Acegi I have added this mapping: AcegiFilter org.acegisecurity.util.FilterToBeanProxy targetClass org.acegisecurity.ui.webapp.AuthenticationProcessingFilter Acegi Filter Chain Proxy /j_acegi_security_check Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
What URL mapping are you using for your Tapestry application servlet? On 11/3/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: James Carman wrote: > Then you're not really using tapestry-acegi. You don't need Spring at > all to use tapestry-acegi. > But how do I wire "/j_acegi_security_check" to Acegi? Here is a short summary what I tried until now: * Login page forwards to "/j_acegi_security_check?...". * add a filter that maps "/j_acegi_security_check" to Acegi => need Spring to create a AuthenticationProcessingFilter bean * After creating a couple of Spring beans Acegi will authenticate the user. But somehow the content of ACEGI_SECURITY_CONTEXT (in the session) gets lost. Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
James Carman wrote: > Then you're not really using tapestry-acegi. You don't need Spring at > all to use tapestry-acegi. > But how do I wire "/j_acegi_security_check" to Acegi? Here is a short summary what I tried until now: * Login page forwards to "/j_acegi_security_check?...". * add a filter that maps "/j_acegi_security_check" to Acegi => need Spring to create a AuthenticationProcessingFilter bean * After creating a couple of Spring beans Acegi will authenticate the user. But somehow the content of ACEGI_SECURITY_CONTEXT (in the session) gets lost. Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
Then you're not really using tapestry-acegi. You don't need Spring at all to use tapestry-acegi. On 11/2/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: > You're switching to using Spring instead of HiveMind? > The web application does not start if I do not create a Spring bean: Bean context must contain at least one bean of type org.acegisecurity.ui.webapp.AuthenticationProcessingFilter Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
> You're switching to using Spring instead of HiveMind? > The web application does not start if I do not create a Spring bean: Bean context must contain at least one bean of type org.acegisecurity.ui.webapp.AuthenticationProcessingFilter Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
You're switching to using Spring instead of HiveMind? On 11/2/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: Jesper Zedlitz wrote: > When I try to access a secured page it works fine and I get to the login > page. After submitting the login form I will be redirected > to /j_acegi_security_check > But how do I wire this URL to Acegi? > I suppose I need a filter that processes the URL starting with "/j_acegi_security_check". So I added this filter and filter-mapping to the web.xml: AcegiFilter org.acegisecurity.util.FilterToBeanProxy targetClass org.acegisecurity.ui.webapp.AuthenticationProcessingFilter AcegiFilter /j_acegi_security_check To create an instance of AuthenticationProcessingFilter I declared this bean in Spring's applicationContext.xml: But there is still something missing: the AuthenticationProcessingFilter needs an AuthenticationManager. Any ideas how to configure that? Or is an AuthenticationProcessingFilter the wrong filter? Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
Jesper Zedlitz wrote: > When I try to access a secured page it works fine and I get to the login > page. After submitting the login form I will be redirected > to /j_acegi_security_check > But how do I wire this URL to Acegi? > I suppose I need a filter that processes the URL starting with "/j_acegi_security_check". So I added this filter and filter-mapping to the web.xml: AcegiFilter org.acegisecurity.util.FilterToBeanProxy targetClass org.acegisecurity.ui.webapp.AuthenticationProcessingFilter AcegiFilter /j_acegi_security_check To create an instance of AuthenticationProcessingFilter I declared this bean in Spring's applicationContext.xml: But there is still something missing: the AuthenticationProcessingFilter needs an AuthenticationManager. Any ideas how to configure that? Or is an AuthenticationProcessingFilter the wrong filter? Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
The value you gave for the symbol "de.zedlitz.tapestry.acegi.FormProcessingFilter", is that a service id or a class name (I guess it could be both)? It definitely needs to be a service id, though. On 11/1/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: James Carman wrote: > I haven't implemented form-based authentication in > tapestry-acegi, yet. But, I don't think it's that difficult, really. > Your need to use the AuthenticationProcessingFilter (I don't define it > in my hivemodule.xml, but it would be easy to do so in yours) and your > form has to have two fields named "j_username" and "j_password" and it > should post to "j_acegi_security_check." The filter will pick up that > request and handle it. You would override the symbol > "tapestry.acegi.authenticationProcessingFilter" to point to your > authentication filter > I have added these entries to my hivemodule.xml: and created Login.html and Login.java according to the tutorial http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+Guide When I try to access a secured page it works fine and I get to the login page. After submitting the login form I will be redirected to /j_acegi_security_check But how do I wire this URL to Acegi? Jesper - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
On 11/1/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: When I try to access a secured page it works fine and I get to the login page. After submitting the login form I will be redirected to /j_acegi_security_check But how do I wire this URL to Acegi? This is where I am too. I was thinking of inject the AuthenticationManager (defined in hivemind-acege) and plug it directly into that. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Re: tapestry-acegi questions
Ohhh...sorry 'bout that. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of James Carman Sent: Wednesday, November 01, 2006 9:08 AM To: Tapestry users Subject: Re: Re: tapestry-acegi questions With Tapestry-Acegi, we're not using the Acegi servlet filter. On 11/1/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Acegi's AuthenticationProcessingFilter is, by default, coded to > intercept any web request to j_acegi_security_check. You can override > the actual name of the servlet with the filterProcessesUrl parameter of > that class. > > So all you need to do to "link" Tapestry and Acegi is just throw a > RedirectException in your Login.java Tapestry page to the > j_acegi_security_check url and the Acegi filter pipeline should pick it > up, parse out the username & password, hand it off to the > authenticationManager, etc. etc. > > If you're not getting that behavior, make sure your web.xml has this > filter and filter-mapping section: > > > Acegi Filter Chain Proxy > > org.acegisecurity.util.FilterToBeanProxy > > targetClass > > org.acegisecurity.util.FilterChainProxy > > > > > > Acegi Filter Chain Proxy > /* > > > > === > > FYI, here's some Login.java code that backs my Tapestry page (the > username and password params are abstract getters a la Tapestry form > bindings, abnd the cipherText method just encodes the password using a > non-salted MD5 hash): > > public void login(IRequestCycle cycle) throws RedirectException { > String ciphertext = getCipherText(getPassword()); > > LOG.debug("User " + getUsername() + " is attempting login."); > String acegiUrl = cycle.getAbsoluteURL( > "/j_acegi_security_check?j_username=" + > getUsername() + > "&j_password=" + > ciphertext); > > > throw new RedirectException(acegiUrl); > } > > === > > Tom > > -Original Message- > From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz > Sent: Wednesday, November 01, 2006 8:52 AM > To: users@tapestry.apache.org > Subject: Re: tapestry-acegi questions > > James Carman wrote: > > I haven't implemented form-based authentication in > > tapestry-acegi, yet. But, I don't think it's that difficult, really. > > Your need to use the AuthenticationProcessingFilter (I don't define it > > in my hivemodule.xml, but it would be easy to do so in yours) and your > > form has to have two fields named "j_username" and "j_password" and it > > should post to "j_acegi_security_check." The filter will pick up that > > request and handle it. You would override the symbol > > "tapestry.acegi.authenticationProcessingFilter" to point to your > > authentication filter > > > I have added these entries to my hivemodule.xml: > > > value="de.zedlitz.tapestry.acegi.FormProcessingFilter"/> > > value="de.zedlitz.tapestry.acegi.FormAuthenticationEntryPoint"/> > > > > interface="javax.servlet.Filter"> > > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" > initialize-method="afterPropertiesSet"> >value="/LoginFailed.html"/> > >value="/j_acegi_security_check"/> > > > > > > interface="org.acegisecurity.ui.AuthenticationEntryPoint"> > > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPo > int"> > value="/app?page=Login&service=page"/> > > > > > > and created Login.html and Login.java according to the tutorial > http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+ > Guide > > When I try to access a secured page it works fine and I get to the login > page. After submitting the login form I will be redirected > to /j_acegi_security_check > But how do I wire this URL to Acegi? > > > Jesper > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
With Tapestry-Acegi, we're not using the Acegi servlet filter. On 11/1/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: Acegi's AuthenticationProcessingFilter is, by default, coded to intercept any web request to j_acegi_security_check. You can override the actual name of the servlet with the filterProcessesUrl parameter of that class. So all you need to do to "link" Tapestry and Acegi is just throw a RedirectException in your Login.java Tapestry page to the j_acegi_security_check url and the Acegi filter pipeline should pick it up, parse out the username & password, hand it off to the authenticationManager, etc. etc. If you're not getting that behavior, make sure your web.xml has this filter and filter-mapping section: Acegi Filter Chain Proxy org.acegisecurity.util.FilterToBeanProxy targetClass org.acegisecurity.util.FilterChainProxy Acegi Filter Chain Proxy /* === FYI, here's some Login.java code that backs my Tapestry page (the username and password params are abstract getters a la Tapestry form bindings, abnd the cipherText method just encodes the password using a non-salted MD5 hash): public void login(IRequestCycle cycle) throws RedirectException { String ciphertext = getCipherText(getPassword()); LOG.debug("User " + getUsername() + " is attempting login."); String acegiUrl = cycle.getAbsoluteURL( "/j_acegi_security_check?j_username=" + getUsername() + "&j_password=" + ciphertext); throw new RedirectException(acegiUrl); } === Tom -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz Sent: Wednesday, November 01, 2006 8:52 AM To: users@tapestry.apache.org Subject: Re: tapestry-acegi questions James Carman wrote: > I haven't implemented form-based authentication in > tapestry-acegi, yet. But, I don't think it's that difficult, really. > Your need to use the AuthenticationProcessingFilter (I don't define it > in my hivemodule.xml, but it would be easy to do so in yours) and your > form has to have two fields named "j_username" and "j_password" and it > should post to "j_acegi_security_check." The filter will pick up that > request and handle it. You would override the symbol > "tapestry.acegi.authenticationProcessingFilter" to point to your > authentication filter > I have added these entries to my hivemodule.xml: and created Login.html and Login.java according to the tutorial http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+ Guide When I try to access a secured page it works fine and I get to the login page. After submitting the login form I will be redirected to /j_acegi_security_check But how do I wire this URL to Acegi? Jesper - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Re: tapestry-acegi questions
Acegi's AuthenticationProcessingFilter is, by default, coded to intercept any web request to j_acegi_security_check. You can override the actual name of the servlet with the filterProcessesUrl parameter of that class. So all you need to do to "link" Tapestry and Acegi is just throw a RedirectException in your Login.java Tapestry page to the j_acegi_security_check url and the Acegi filter pipeline should pick it up, parse out the username & password, hand it off to the authenticationManager, etc. etc. If you're not getting that behavior, make sure your web.xml has this filter and filter-mapping section: Acegi Filter Chain Proxy org.acegisecurity.util.FilterToBeanProxy targetClass org.acegisecurity.util.FilterChainProxy Acegi Filter Chain Proxy /* === FYI, here's some Login.java code that backs my Tapestry page (the username and password params are abstract getters a la Tapestry form bindings, abnd the cipherText method just encodes the password using a non-salted MD5 hash): public void login(IRequestCycle cycle) throws RedirectException { String ciphertext = getCipherText(getPassword()); LOG.debug("User " + getUsername() + " is attempting login."); String acegiUrl = cycle.getAbsoluteURL( "/j_acegi_security_check?j_username=" + getUsername() + "&j_password=" + ciphertext); throw new RedirectException(acegiUrl); } === Tom -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz Sent: Wednesday, November 01, 2006 8:52 AM To: users@tapestry.apache.org Subject: Re: tapestry-acegi questions James Carman wrote: > I haven't implemented form-based authentication in > tapestry-acegi, yet. But, I don't think it's that difficult, really. > Your need to use the AuthenticationProcessingFilter (I don't define it > in my hivemodule.xml, but it would be easy to do so in yours) and your > form has to have two fields named "j_username" and "j_password" and it > should post to "j_acegi_security_check." The filter will pick up that > request and handle it. You would override the symbol > "tapestry.acegi.authenticationProcessingFilter" to point to your > authentication filter > I have added these entries to my hivemodule.xml: and created Login.html and Login.java according to the tutorial http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+ Guide When I try to access a secured page it works fine and I get to the login page. After submitting the login form I will be redirected to /j_acegi_security_check But how do I wire this URL to Acegi? Jesper - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
James Carman wrote: > I haven't implemented form-based authentication in > tapestry-acegi, yet. But, I don't think it's that difficult, really. > Your need to use the AuthenticationProcessingFilter (I don't define it > in my hivemodule.xml, but it would be easy to do so in yours) and your > form has to have two fields named "j_username" and "j_password" and it > should post to "j_acegi_security_check." The filter will pick up that > request and handle it. You would override the symbol > "tapestry.acegi.authenticationProcessingFilter" to point to your > authentication filter > I have added these entries to my hivemodule.xml: and created Login.html and Login.java according to the tutorial http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+Guide When I try to access a secured page it works fine and I get to the login page. After submitting the login form I will be redirected to /j_acegi_security_check But how do I wire this URL to Acegi? Jesper - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
On 10/30/06, Gareth <[EMAIL PROTECTED]> wrote: hi, I'm using the TableView component on what can be visulised as a search page. Hi, Please don't steal other threads with a new question. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
hi, I'm using the TableView component on what can be visulised as a search page. The whole page is wrapped in a form (so that the paging buttons etc submit the search criteria), and the Form version of TableRow and TablePages are used. Everything appears to work except... I have 2 gripes that I can't seem to get around. 1. The entire page is wrapped in a form from within my Border component, which I didn't want to do because I had a seperate Login form at the top of my page, however failure to do so causes a rewind exception on the table because it cant create the same table model I guess - any suggestions as to how I can essentially prevent the table rewinding in this circumstance (I hide it on the next page render). 2. When I click on search, the search crieria are used to populate the table with its table model, working just fine, however, if I move to say page 3 of the table, then search again, the paging defaults to page 3 of the new search results... how do I reset the paging component to page 1 in this scenario? Many Thanks Gareth Send instant messages to your online friends http://uk.messenger.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
Step C at the following might help. http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+Guide shing --- Robin Ericsson <[EMAIL PROTECTED]> wrote: > On 10/29/06, James Carman > <[EMAIL PROTECTED]> wrote: > > Hi, Robin. I haven't implemented form-based > authentication in > > tapestry-acegi, yet. But, I don't think it's that > difficult, really. > > Your need to use the > AuthenticationProcessingFilter (I don't define it > > in my hivemodule.xml, but it would be easy to do > so in yours) and your > > form has to have two fields named "j_username" and > "j_password" and it > > should post to "j_acegi_security_check." The > filter will pick up that > > request and handle it. You would override the > symbol > > "tapestry.acegi.authenticationProcessingFilter" to > point to your > > authentication filter (like it does by default > with the HTTP BASIC > > filter). If you get it working, feel free to > email me snippets from > > your hivemodule.xml and I'll make sure I include > it in the default one > > so that everyone can benefit. If I were going to > do it, I'd make sure > > that the URL (j_acegi_security_check) is > configurable as a symbol, > > also. We'd want a cool way to set up the URLs and > stuff, too. Good > > luck and keep us posted! > > Ok, seems fine. Another easy question though, how do > I post to > j_acegi_security_check, tapestry overrides action > field? > > -- > regards, > Robin > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > Home page : http://uk.geocities.com/matmsh/index.html Send instant messages to your online friends http://uk.messenger.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: tapestry-acegi questions
On 10/29/06, James Carman <[EMAIL PROTECTED]> wrote: Hi, Robin. I haven't implemented form-based authentication in tapestry-acegi, yet. But, I don't think it's that difficult, really. Your need to use the AuthenticationProcessingFilter (I don't define it in my hivemodule.xml, but it would be easy to do so in yours) and your form has to have two fields named "j_username" and "j_password" and it should post to "j_acegi_security_check." The filter will pick up that request and handle it. You would override the symbol "tapestry.acegi.authenticationProcessingFilter" to point to your authentication filter (like it does by default with the HTTP BASIC filter). If you get it working, feel free to email me snippets from your hivemodule.xml and I'll make sure I include it in the default one so that everyone can benefit. If I were going to do it, I'd make sure that the URL (j_acegi_security_check) is configurable as a symbol, also. We'd want a cool way to set up the URLs and stuff, too. Good luck and keep us posted! Ok, seems fine. Another easy question though, how do I post to j_acegi_security_check, tapestry overrides action field? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi questions
Hi, Robin. I haven't implemented form-based authentication in tapestry-acegi, yet. But, I don't think it's that difficult, really. Your need to use the AuthenticationProcessingFilter (I don't define it in my hivemodule.xml, but it would be easy to do so in yours) and your form has to have two fields named "j_username" and "j_password" and it should post to "j_acegi_security_check." The filter will pick up that request and handle it. You would override the symbol "tapestry.acegi.authenticationProcessingFilter" to point to your authentication filter (like it does by default with the HTTP BASIC filter). If you get it working, feel free to email me snippets from your hivemodule.xml and I'll make sure I include it in the default one so that everyone can benefit. If I were going to do it, I'd make sure that the URL (j_acegi_security_check) is configurable as a symbol, also. We'd want a cool way to set up the URLs and stuff, too. Good luck and keep us posted! On 10/29/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: Hi, There still isn't any tapestry-acegi specific list is there? What I like is to have is to use a webpage for login instead of http basic auth. However, after checking the source of tapestry-acegi it seems like a monster to accomplish based on that I know practially not much at all about acegi :) The other question might be easier though? I'd like to be able to specific a webpage where to be directed to, when pressing cancel on the basic auth dialog. Currently this just stays as the previous page. I can certainly try to do this on my own, but I probably need a few hinters on the way :) -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi questions
Hi, There still isn't any tapestry-acegi specific list is there? What I like is to have is to use a webpage for login instead of http basic auth. However, after checking the source of tapestry-acegi it seems like a monster to accomplish based on that I know practially not much at all about acegi :) The other question might be easier though? I'd like to be able to specific a webpage where to be directed to, when pressing cancel on the basic auth dialog. Currently this just stays as the previous page. I can certainly try to do this on my own, but I probably need a few hinters on the way :) -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi anon svn
On 9/20/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: Hi, Couldn't find a specific list for tapestry-acegi so I post this here. I can't seem to access the anonymous svn repository. All I can find is that I should use anonymous/anon, but that doesn't seem to work. I just want to give notice that anon svn now works on tapestry javaforge. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tapestry-acegi form based login
My approach predates tapestry-acegi, but I'm sure it could be adapted. I use a bit of a hybrid approach, where the authentication part is handled as described in the EWDT e-book and all of my protected pages extend a BaseProtectedPage class. My Login page has a UserValidator ASO injected, which in turn has an Acegi AuthenticationManager wired in by a UserValidatorFactory. My UserValidator ASO has validateUser(String username, String password) method that returns a UserProfile object (that implements Acegi's UserDetails). It invokes the AutheticationManager's authenticate method and stores the Authentication object into the SecurityContext. This replaces the pure-Acegi login form handling and allows me to use the EWDT style. There is also a convenience method checkPermission(String ifAnyGranted, String ifAllGranted, String ifNotGranted) that behaves like the Acegi's JSP taglib Authorize tag so I can make fine-grained decisions within a page. Jonathan > -Original Message- > From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz > Sent: Thursday, September 21, 2006 8:30 AM > To: users@tapestry.apache.org > Subject: tapestry-acegi form based login > > Is it possible to use a html form for login with tapestry-acegi instead of > HTTP basic authentication? > > I would like to write a third part for my tutorial > http://wiki.apache.org/tapestry/AcegiSpringJava5 about that topic. > > Jesper > > -- > Jesper Zedlitz E-Mail : [EMAIL PROTECTED] > Homepage : http://www.zedlitz.de > ICQ# : 23890711 > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi form based login
On 9/21/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote: Is it possible to use a html form for login with tapestry-acegi instead of HTTP basic authentication? I'd like to know that too. I would like to write a third part for my tutorial http://wiki.apache.org/tapestry/AcegiSpringJava5 about that topic. Nice tutorial. I can answer your other wiki question about realm name. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tapestry-acegi form based login
Is it possible to use a html form for login with tapestry-acegi instead of HTTP basic authentication? I would like to write a third part for my tutorial http://wiki.apache.org/tapestry/AcegiSpringJava5 about that topic. Jesper -- Jesper Zedlitz E-Mail : [EMAIL PROTECTED] Homepage : http://www.zedlitz.de ICQ# : 23890711 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi anon svn
I think it is [EMAIL PROTECTED] James Carman wrote: > I would, but I have no idea how to go about raising the issue with them. > Does anyone know of a support email address or something like that for > JavaForge? > > -Original Message- > From: Robin Ericsson [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 20, 2006 9:20 AM > To: Tapestry users > Subject: Re: tapestry-acegi anon svn > > On 9/20/06, Karthik N <[EMAIL PROTECTED]> wrote: > >> I have the same issues with tapernate SVN. >> >> It's been more than a month but no luck!! :-( >> > > Has anyone raised this to Javaforge? > > -- Andreas Andreou - [EMAIL PROTECTED] - http://andyhot.di.uoa.gr Tapestry / Tacos developer Open Source / J2EE Consulting - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tapestry-acegi anon svn
I would, but I have no idea how to go about raising the issue with them. Does anyone know of a support email address or something like that for JavaForge? -Original Message- From: Robin Ericsson [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 20, 2006 9:20 AM To: Tapestry users Subject: Re: tapestry-acegi anon svn On 9/20/06, Karthik N <[EMAIL PROTECTED]> wrote: > I have the same issues with tapernate SVN. > > It's been more than a month but no luck!! :-( Has anyone raised this to Javaforge? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi anon svn
On 9/20/06, Karthik N <[EMAIL PROTECTED]> wrote: I have the same issues with tapernate SVN. It's been more than a month but no luck!! :-( Has anyone raised this to Javaforge? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tapestry-acegi anon svn
I have the same issues with tapernate SVN. It's been more than a month but no luck!! :-( On 9/20/06, Robin Ericsson <[EMAIL PROTECTED]> wrote: Hi, Couldn't find a specific list for tapestry-acegi so I post this here. I can't seem to access the anonymous svn repository. All I can find is that I should use anonymous/anon, but that doesn't seem to work. Any ideas/news on this? Searches on google indicates it's been a problem earlier as well. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Thanks, Karthik
tapestry-acegi anon svn
Hi, Couldn't find a specific list for tapestry-acegi so I post this here. I can't seem to access the anonymous svn repository. All I can find is that I should use anonymous/anon, but that doesn't seem to work. Any ideas/news on this? Searches on google indicates it's been a problem earlier as well. -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry-acegi pom.xml
A little bit of cavaet emptor on using version ranges in maven2 dependencies. This is a feature that I hope all library writers start using! (including hivemind and tapestry) There is an issue with several projects in the repositories having bad maven-metadata.xml files. Also mvn install:install-file does really play well yet with this feature. I have filed bugs on this issue for people to watch and vote for so that we can start pressuring library writers to use version ranges in their pom's http://jira.codehaus.org/browse/MEV-441 http://jira.codehaus.org/browse/MEV-443 http://jira.codehaus.org/browse/MINSTALL-33 -Pat --- Patrick Moore <[EMAIL PROTECTED]> wrote: > Hi James -- > > I think you said when you get a chance you are going to update the > tapestry-acegi package. When you do you might wish to use this pom.xml. I > discovered this neat feature of maven2 that allows you to specify the minimum > version of a dependency. This allows users to upgrade their version of > tapestry, spring, etc. without having tapestry-acegi look for older versions. > > I think I got this right: > > > > 4.0.0 > com.javaforge.tapestry > tapestry-acegi > Tapestry Acegi Integration > 0.1-20060609.153634-9 > 2006 > > > JC > James Carman > [EMAIL PROTECTED] > > > > > Apache License, Version 2.0 > http://apache.org/licenses/LICENSE-2.0 > repo > > > > > scm:svn:http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk > http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk > > > javaforge > http://javaforge.com > > > > > maven-compiler-plugin > > 1.5 > 1.5 > > > > > > > cc-repo > Carman Consulting > http://www.carmanconsulting.com/mvn > > > > > junit > junit > [3.8.1,) > test > > > easymock > easymock > [1.1,) > test > > > commons-logging > commons-logging > [1.0.4,) > > > hivemind > hivemind > [1.1.1,) > > > hivemind > hivemind-lib > [1.1.1,) > > > javassist > javassist > [3.0,) > > > oro > oro > [2.0.8,) > > > com.javaforge.hivemind > hivemind-utils > [0.1-SNAPSHOT,) > > > log4j > log4j > [1.2.11,) > > > org.acegisecurity > acegi-security > [1.0.0,) > > > org.acegisecurity > acegi-security-tiger > [1.0.0,) > > > tapestry > tapestry > [4.0.1,) > > > tapestry > tapestry-annotations > [4.0.1,) > > > javax.servlet > servlet-api > [2.4,) > provided > > > > > cc-repo > > scpexe://www.carmanconsulting.com/var/www/carmanconsulting/mvn > > > cc-site > > scp://carmanconsulting.com/var/www/carmanconsulting/tapestry-acegi/ > > deployed > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tapestry-acegi pom.xml
Hi James -- I think you said when you get a chance you are going to update the tapestry-acegi package. When you do you might wish to use this pom.xml. I discovered this neat feature of maven2 that allows you to specify the minimum version of a dependency. This allows users to upgrade their version of tapestry, spring, etc. without having tapestry-acegi look for older versions. I think I got this right: 4.0.0 com.javaforge.tapestry tapestry-acegi Tapestry Acegi Integration 0.1-20060609.153634-9 2006 JC James Carman [EMAIL PROTECTED] Apache License, Version 2.0 http://apache.org/licenses/LICENSE-2.0 repo scm:svn:http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk javaforge http://javaforge.com maven-compiler-plugin 1.5 1.5 cc-repo Carman Consulting http://www.carmanconsulting.com/mvn junit junit [3.8.1,) test easymock easymock [1.1,) test commons-logging commons-logging [1.0.4,) hivemind hivemind [1.1.1,) hivemind hivemind-lib [1.1.1,) javassist javassist [3.0,) oro oro [2.0.8,) com.javaforge.hivemind hivemind-utils [0.1-SNAPSHOT,) log4j log4j [1.2.11,) org.acegisecurity acegi-security [1.0.0,) org.acegisecurity acegi-security-tiger [1.0.0,) tapestry tapestry [4.0.1,) tapestry tapestry-annotations [4.0.1,) javax.servlet servlet-api [2.4,) provided cc-repo scpexe://www.carmanconsulting.com/var/www/carmanconsulting/mvn cc-site scp://carmanconsulting.com/var/www/carmanconsulting/tapestry-acegi/ deployed - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Specifying a map of values in Hivemind? (Tapestry-Acegi related)
users cc Please respond to "Tapestry users" Subject Re: Specifying a map of values in Hivemind? (Tapest
Re: Specifying a map of values in Hivemind? (Tapestry-Acegi related)
You might like to check out example 7 on http://lombok.demon.co.uk/hiveMind/welcome Shing --- Robert Cole <[EMAIL PROTECTED]> wrote: > > Hi all. > > I'm trying to pass a map of values into a Hivemind > service and I'm hitting problems. I'm coming from > Spring, so the Spring version looks like this: > > class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> > > > [EMAIL PROTECTED],ROLE_SUPERUSER > [EMAIL PROTECTED],ROLE_DATA_ADMINISTRATOR > fred,ROLE_SUPPORT > > > > > Spring translates the "value" attribute into a > Properties object with the specified values. Now > that I'm in Hivemind, how do I represent the map > (its treated as a Properties object within the > InMemoryDaoImpl) in Hivemind? I've tried the code > below but I get an error that the value attribute is > not being set. I can't find any Hivemind > documentation about how to specify that the value is > a Properties object (or a map) > >service-id="hivemind.acegi.dao.UserDetailsService"> > > class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> > > > [EMAIL PROTECTED] > > [EMAIL PROTECTED] > fred=ROLE_SUPPORT > > > > > > > I'm suspecting that I need to use a Property Editor > to translate some text into a Properties object but > I'm in the dark here. Any help would be appreciated. > > Thanks, > > Rob Cole > > --- > > This e-mail may contain confidential and/or > privileged information. If you > are not the intended recipient (or have received > this e-mail in error) > please notify the sender immediately and destroy > this e-mail. Any > unauthorized copying, disclosure or distribution of > the material in this > e-mail is strictly forbidden. > > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > Home page : http://uk.geocities.com/matmsh/index.html ___ Inbox full of spam? Get leading spam protection and 1GB storage with All New Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Specifying a map of values in Hivemind? (Tapestry-Acegi related)
Hi all. I'm trying to pass a map of values into a Hivemind service and I'm hitting problems. I'm coming from Spring, so the Spring version looks like this: [EMAIL PROTECTED],ROLE_SUPERUSER [EMAIL PROTECTED],ROLE_DATA_ADMINISTRATOR fred,ROLE_SUPPORT Spring translates the "value" attribute into a Properties object with the specified values. Now that I'm in Hivemind, how do I represent the map (its treated as a Properties object within the InMemoryDaoImpl) in Hivemind? I've tried the code below but I get an error that the value attribute is not being set. I can't find any Hivemind documentation about how to specify that the value is a Properties object (or a map) [EMAIL PROTECTED] [EMAIL PROTECTED] fred=ROLE_SUPPORT I'm suspecting that I need to use a Property Editor to translate some text into a Properties object but I'm in the dark here. Any help would be appreciated. Thanks, Rob Cole --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry Acegi
"Tapestry users" cc Please respond to "Tapestry users" Subject