Re: [appfuse-user] get in the loop off j_security_check

Thu, 08 Apr 2010 01:29:31 -0700 

ok it seems to work.
don't forget to add:
                <property name="passwordEncoder" ref="passwordEncoder" />
to myAuthenticationProvider bean in the blow config file.


one other question in the login jsp i want to show the error message.

now this is used:
<c:if test="${param.error != null}">
    <li class="error">
<img src="${ctx}/images/iconWarning.gif" alt="<fmt:message key='icon.warning'/>" class="icon"/> 
        <fmt:message key="errors.password.mismatch"/>
        <%--${sessionScope.SPRING_SECURITY_LAST_EXCEPTION.message}--%>
    </li>
</c:if>

how can i diffirentiate between different errors?
(wrong credentials or no more attempts)


tibi





ok it works.

what i did:

in the applicationContext-struts.xml i added (changed) this:

<beans xmlns="http://www.springframework.org/schema/beans";
        xmlns:security="http://www.springframework.org/schema/security";
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
        xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-2.0.xsd";
        default-lazy-init="true">

        <bean id="adminInterceptor"
                
class="nl.rapidsugar.emailOpMaat.webapp.interceptor.UserRoleAuthorizationInterceptor">
                <property name="authorizedRoles" value="ROLE_ADMIN" />
        </bean>
        <bean id="authenticationManager"
class="org.springframework.security.providers.ProviderManager">
                <property name="providers">
                        <list>
                                <ref local="myAuthenticationProvider" />
                        </list>
                </property>
        </bean>

        <bean id="myAuthenticationProvider"
                
class="nl.rapidsugar.emailOpMaat.webapp.interceptor.MyAuthenticationProvider">
                <security:custom-authentication-provider />
                <property name="userDetailsService" ref="userDao" />
        </bean>
....

basicaly i'm adding a bean into the providers list.

than a java class:

package nl.rapidsugar.emailOpMaat.webapp.interceptor;

import org.springframework.security.AuthenticationException;
import
org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.dao.DaoAuthenticationProvider;
import org.springframework.security.userdetails.UserDetails;

public class MyAuthenticationProvider extends DaoAuthenticationProvider {

        @Override
        protected void additionalAuthenticationChecks(UserDetails userDetails,
                        UsernamePasswordAuthenticationToken authentication)
                        throws AuthenticationException {
                // TODO Auto-generated method stub
                super.additionalAuthenticationChecks(userDetails, 
authentication);
        }
}
in debug mode i'm hitting this method... so now lets see what i can do here :D 

have fun!



i will look into this tomorrow:

http://forum.springsource.org/showthread.php?t=52377



Quoting t...@dds.nl:


:(


i will...




Quoting Matt Raible <m...@raibledesigns.com>:


Unfortunately, I don't know the answer to this. You might search Spring
Security's forums.

On Tue, Apr 6, 2010 at 12:25 PM, <t...@dds.nl> wrote:


some  investigation led me to the
postAuthenticationChecks

seems to do the trick. but how can i inject my own class there?

is it autowired?

thanks for any pointers,

tibi




hi list

hi matt,

i need to count the wrong logins (after 3 wrong logins block account).
how can i get in the loop of j_security_check?


thanks,

tibi


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
For additional commands, e-mail: users-h...@appfuse.dev.java.net






---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
For additional commands, e-mail: users-h...@appfuse.dev.java.net









---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
For additional commands, e-mail: users-h...@appfuse.dev.java.net





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
For additional commands, e-mail: users-h...@appfuse.dev.java.net





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
For additional commands, e-mail: users-h...@appfuse.dev.java.net





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net
For additional commands, e-mail: users-h...@appfuse.dev.java.net

Reply via email to