itself, we'll probably also have ot split things out there for the same
reason.
Colin
--
Colin Sampaleanu
Interface21 Principal Consultant
Spring Training, Consulting and Support - "From the Source"
http://www.springframework.com
-
Interesting... Good to see this SSO and identity management code will be
available as open source:
http://www.techworld.com/security/news/index.cfm?NewsID=4030&Page=1&pagePos=11
---
SF.Net email is sponsored by: Discover Easy Linux Migration
Colin Sampaleanu wrote:
Ben Alex wrote:
Pursuant to Juergen's recommendation
(http://article.gmane.org/gmane.comp.java.springframework.devel/8290),
Acegi Security CVS has now had its ContextHolder and related classes
removed. This functionality has been replaced by SecurityContext,
which
t is managed clearly by
Acegi.
What does everybody think?
--
Colin Sampaleanu
Interface21 Principal Consultant
Spring Training, Consulting and Support - "From the Source"
http://www.springframework.com
---
This SF.Net email is sponsore
I noticed that on SF (unless I'm missing it), there's actually no source
archive for v0.70. It'd probably be a good idea to have one, so people
can sync this up when stepping through code and the like...
---
This SF.Net email is sponsored by:
The maven build worked fine for me.
Ben Alex wrote:
Hi everyone
I am happy to report that Ant has now been officially removed from CVS
(along with /lib/*.jar). The Maven build is now performing well, and
the web site at http://acegisecurity.sourceforge.net has been expanded
to include Maven-spec
Ben Alex wrote:
Ben Alex wrote:
I should emphasize that typical Acegi Security users will not be
impacted at all from these changes, except perhaps defining the
correct substitute for AutoIntegrationFilter in web.xml. Users
already need to build the samples using Ant, so the need to build the
s
I stumbled across JOSSO (Java Open Single Sign-On) and thought it would
be interesting to Acegi Security System developers and users.
---
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business?
Ben Alex wrote:
Scott McCrory wrote:
No objections - "release early and release often..." But are you
sure it's just a 0.61 release? I'd recommend 0.7, as most
non-programmers (and some bit twiddlers too) consider anything prior
to 1.0 not mature enough for production, and I think Acegi is a l
Ben Alex wrote:
Colin Sampaleanu wrote:
I was taking a look at the LoginInteceptor in AppFuse,
http://static.raibledesigns.com/downloads/struts-resume/api/org/appfuse/webapp/filter/LoginFilter.java.html
which uses a cookie to remember the user for auto-login purposes, and
was thinking that
I was taking a look at the LoginInteceptor in AppFuse,
http://static.raibledesigns.com/downloads/struts-resume/api/org/appfuse/webapp/filter/LoginFilter.java.html
which uses a cookie to remember the user for auto-login purposes, and
was thinking that it's probably worth adding some cookie based
Ray Krueger wrote:
Colin Sampaleanu wrote:
Ray Krueger wrote:
I just wanted to take a moment to introduce myself. My name is Ray
Krueger, and after some off-list discussions with Ben Alex, I will
be working on integrating JAAS into the Acegi framework.
I have already written the base
Ray Krueger wrote:
I just wanted to take a moment to introduce myself. My name is Ray
Krueger, and after some off-list discussions with Ben Alex, I will be
working on integrating JAAS into the Acegi framework.
I have already written the base implementation for a JAAS based
AuthenticationProvide
http://www.theserverside.com/news/thread.tss?thread_id=27371
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=
ntials(), user.getAuthorities());
Same change that I did :)
Any idea when you and Ben are doing another release? or when there will be
a final release?
Or if and when Acegi will be integrated as "the" security component for
Spring?
Thanks
Mark
|-+----
Mark,
You need to be running a CVS version post the last 0.51 official
release. This is a bug that was introduced around the 28th or 29th of
May if I remember, and fixed about the 6th or so of June...
Colin
Mark St Godard wrote:
Hi Ben, Colin et al
Configuring the JdbcDaoImpl and am having prob
Randy,
While it used to be true that HIbernate needed public getters and
setters, that is actually no longer the case (since 2.1 I believe). So
if it does not make sense for your objects to have these getters and
setters be public, you don't have to do it any longer...
Randy Thornton wrote:
I a
Greg,
(I'm cc'ing Greg directly also since I am not a jetty mailing list
member, and don't know if this will get to Greg otherwise).
It seems to me that this is not actually so clear-cut. The filter in
question is not mapped to the request via a
in the element, but rather a
/*
url mapping.
Ben, I've been very very busy the last while so I only had a chance
today to try the 0.51 release. I was previously using the CVS HEAD
version from around May 27th, which is a couple of days before you
reworked the user caching code.
There seems to be a problem when digest passwords are used. B
I think that should generally work...
I'm short of time right now (basically for the last 3-4 weeks actually),
so didn't look too much, but I presume you would change the usage in
FilterInvocation.getRequestUrl()
?
That's the only place I can see outside of tests that's using
getServletPath()..
There is to some extent the question of what is the servlet path
supposed to be to a filter, since the filter executes outside the
context of one particular servlet or another. So I think this is where
the problem stems from. At the time the filter is invoked, the actual
servlet which will hand
Karel,
One way to handle this is to have your Tapestry app accessible under two
prefixes (just register it twice in web.xml), for example both
/app
and
/auth
Your login page would be accesed under /app and would not trigger the
/auth interceptor. Tapestry is quite fine with this. Now you do h
Colin Sampaleanu wrote:
Ben Alex wrote:
I have been considering the DaoAuthenticationProvider caching
approach and
think we should change it. At present the cache depends on a
DaoAuthenticationToken being present in a user session. The problem with
this is BASIC authentication is stateless
Ben Alex wrote:
I have been considering the DaoAuthenticationProvider caching approach and
think we should change it. At present the cache depends on a
DaoAuthenticationToken being present in a user session. The problem with
this is BASIC authentication is stateless, meaning the
DaoAuthenticationTo
Ben,
I think we need to change the existing code which does something like:
response.sendRedirct(x)
to
response.sendRedirect(response.encodeRedirectURL())
The existing code is not going to work properly for people who have
turned off cookies, or environments (like some Mobile phones) whi
Ben Alex wrote:
Documentation generation is about the only thing I can think
of. Just to put it up on iBiblio requires only the jar file
produced by the ant build, you don't need Maven for that...
OK, will we be uploading as per
http://maven.apache.org/repository-upload.html? In that case, w
Ben Alex wrote:
is it possible to upload 0.51, once released, to ibiblio for
maven builds.
I looked at Maven integration a few months back, but put it off due to a
lack of time. Is anyone out there willing to write a Maven build file for
Acegi Security?
Ben
It's not too hard to write a Mav
ssful
attempts. Does this make sense?
Steve
-Original Message-----
From: Colin Sampaleanu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 12, 2004 9:13 AM
To: [EMAIL PROTECTED]
Subject: Re: [Acegisecurity-developer] DaoAuthenticationProvider
Steve,
I'm not sure exactly what you're
Adnaan,
You want to trap
/userManagement.do
but if you look at your regex, you are specifying
/secure/
as a prefix. Did you just explain what you meant wrongly, or did you
miss the fact that the regex leads off with 'secure'?
Adnaan Sikandar wrote:
Sorry to bother about this trivial question
Steve,
I'm not sure exactly what you're asking? The existing code will catch an
invalid login attempt without any problems.
Can you describe your use case a bit better?
Regards,
Colin
Steve Bendiola wrote:
I want to use the dao providers, but was wondering, what is the
recommended way of catc
30 matches
Mail list logo
