You are quite right... I just threw that key in there when I was re-writing the other parts and I did not yet know how to deal with the errors.
So, just ignore that key, and put a try-catch block around the authenticationManager.authenticate() call, and catch a BadCredentialsException (for things like missing login/passwords) and an AuthorizationException (for things like locked or disabled accounts). Then you can get the error messages from the exceptions, and do what you like with them. Jim Michael Waluk wrote: > > Hi, > I'm new to using Acegi with Tapestry-Acegi. At the end of > http://wiki.apache.org/tapestry/AcegiSpringJava5FormBased there is the > Q&A: > > How do we retrieve the errors from Acegi and display them in the > Login > page? > ( Using > AbstractProcessingFilter<http://wiki.apache.org/tapestry/AbstractProcessingFilter>.ACEGI_SECURITY_LAST_EXCEPTION_KEY > ) > > But I haven't found it to be there. There isn't any code storing it there > as there would be in a normal Acegi/Spring app. I could be wrong, but > wouldn't we have to configure the AuthenticationProcessingFilter (which > does > this for us) rather than the default (from tapestry-acegi) > BasicProcessingFilter? Or to be ugly store it in Login.java's catch block > so it may be displayed. > > Am I missing something or should I set the AuthenticationProcessingFilter > in > hivemodule.xml to override the default? > > Thanks for any help, > Michael > > > > On 2/6/07, Jim Roycroft <[EMAIL PROTECTED]> wrote: >> >> >> Wiki pages updated. >> >> >> Jim Roycroft wrote: >> > >> > I'd like to hang on for a bit to let Jesper update the wiki with any >> new >> > things he has figured out. If I don't see any changes in another few >> days, >> > I'll update it. >> > >> > Now, more new stuff for: AcegiSpringJava5Part2! (refactoring) >> > >> > 1. As specified in the Acegi javadocs, the getContext() method will >> never >> > return null, so there is no need to check it. >> > 2. The userName variable can be set to "" at the start, avoiding the >> need >> > for the "if" statement at the end. Actually, we don't need the variable >> at >> > all. >> > 3. Since the Authentication object implements the Principal interface, >> we >> > can actually call getName() on it. This avoids the need for a lot of >> the >> > checking and casting code on the page. >> > >> > Here is the new code: >> > >> > public abstract class UserPage extends >> org.apache.tapestry.html.BasePage{ >> > >> > public String getUserName() { >> > >> > Authentication auth = >> > SecurityContextHolder.getContext().getAuthentication(); >> > if( auth != null ) { >> > return auth.getName(); >> > } >> > >> > return ""; >> > } >> > } >> > >> > >> > Regards, >> > Jim >> > >> > >> > >> > andyhot wrote: >> >> >> >> Yea, i've noticed some of those too, esp. the basic authentication >> >> 'issue' >> >> >> >> As for loging out, there's a wiki page that describes this and other >> >> ways... >> >> >> >> But anyway, you can go ahead and edit the wiki page yourself and add >> >> these findings. >> >> They should prove useful and time-saving >> >> >> >> >> >> Jimr wrote: >> >>> It's great to see this howto up on the wiki! I have been playing >> around >> >>> with >> >>> the example and I have a couple of suggestions to make. >> >>> >> >>> 1. The FormProcessingFilter service point is most likely not >> required. >> >>> Since >> >>> the actual authentication is done programatically through the Acegi >> API, >> >>> it >> >>> does not appear to use the FormProcessingFilter at all. When I take >> this >> >>> code out, there is no change whatsoever to the behaviour of the app. >> >>> >> >>> 2. If a user navigates directly to the login page and logs in >> >>> successfully, >> >>> the savedRequest object will be null, resulting in a >> >>> NullPointerException. I >> >>> don't have a generic solution for this one yet. It depends on how the >> >>> pages >> >>> are set up. >> >>> >> >>> 3. Here is a snippet that could be added to the end of the page for >> >>> people >> >>> wondering how to Logout: >> >>> Add the following code to any html page where you want a logout link >> to >> >>> appear: >> >>> >> >>> <span jwcid="@ServiceLink" >> >>> service="ognl:@org.apache.tapestry.Tapestry >> @RESTART_SERVICE">Logout</span> >> >>> >> >>> FYI this only works when using form based authentication through >> >>> Tapestry. >> >>> If you use Basic authentication, it will not. The root cause of this >> >>> appears >> >>> to be that Acegi maintains a session independently of Tapestry with >> >>> Basic >> >>> auth, because Tapestry is bypassed. When using Form based >> >>> authentication, >> >>> the ContextHolder's context gets tied to the Tapestry session, and is >> >>> discarded when that session is destroyed. >> >>> >> >> >> >> >> >> -- >> >> Andreas Andreou - [EMAIL PROTECTED] - http://andyhot.di.uoa.gr >> >> Tapestry / Tacos developer >> >> Open Source / J2EE Consulting >> >> >> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> >> >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Feedback-for-the-AcegiSpringJava5FormBased-wiki-page-tf3143789.html#a8831753 >> Sent from the Tapestry - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > -- View this message in context: http://www.nabble.com/Feedback-for-the-AcegiSpringJava5FormBased-wiki-page-tf3143789.html#a9014361 Sent from the Tapestry - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
