Dear List, I'm sorry, I think I found my problem, and it was a stupid one. It took a 3rd cup of coffee to make it appear.
I wasn't prefixing my Authority strings with "ROLE_" i.e. my DB had "ADMIN" stored in a field instead of "ROLE_ADMIN" This still doesn't explain why I wasn't redirected properly to the LoginFailure page. When I type in the URL for the LoginFailure manually, it works of course. Daniel On 7/2/07, Daniel Jue <[EMAIL PROTECTED]> wrote:
I am beating my head against a brick wall. I am trying to get Acegi working (using Spring to configure it). I have it working to the point where a secured page (secured in the xml files, not using any annotations for securing classes) redirects me to a login page. If I type in a login/password that is wrong, I get sent to my "Access Denied" page like I want. However with a good login, I'm getting unsuccessfully forwarded to my "Access Denied" page. The url at the top displays the secure url I was trying to go to, but the browser displays a 404 error indicating it can't find the AccessDenied page. It seems like there are sooo many things that can go wrong with an Acegi configuration. I only want form authentication, so the Basic authentication filter can probably be deleted. It would be nice to see a complete T5 Acegi application this on the T5 Wiki, first with Spring configuration, since Tapestry-Acegi is not ported to T5 yet. <sigh> Here is my configuration: <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,rememberMeProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor </value> </property> </bean> <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="accessDecisionManager"><ref bean="httpRequestAccessDecisionManager"/></property> <property name="objectDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /start=ROLE_ADMIN /loginsuccess=ROLE_ADMIN /tests/gridpage=ROLE_ADMIN /tests/guess=ROLE_ADMIN /tests/hilo=ROLE_ADMIN /tests/imagepage=ROLE_ADMIN /postlogin=ROLE_ANONYMOUS,ROLE_ADMIN </value> </property> </bean> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"> </bean> <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions"><value>true</value></property> <property name="decisionVoters"> <list> <ref bean="roleVoter"/> </list> </property> </bean> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <constructor-arg value="/LogoutSuccess"/> <!-- URL redirected to after logout --> <constructor-arg> <list> <ref bean="rememberMeServices"/> <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/> </list> </constructor-arg> </bean> <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <property name="key"><value>springRocks</value></property> </bean> <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="rememberMeServices"><ref bean="rememberMeServices"/></property> </bean> <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> <property name="userDetailsService"><ref bean="userDetailsService"/></property> <property name="key"><value>springRocks</value></property> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"> <property name="rolePrefix"> <value>ROLE_</value> </property> </bean> <bean id="userDetailsService" class="myapp.security.AuthenticationJdbcDaoImpl"> <property name="dataSource"> <ref bean="dataSource"/> </property> <property name="userInfoObjectTypes"> <list> <value>Admin</value> <value>Standard</value> </list> </property> </bean> <bean id="dataSource" class="org.springframework.jndi.JndiObjectFactoryBean"> <property name="resourceRef"> <value>true</value> </property> <property name="jndiName"> <value>java:comp/env/jdbc/MyUserDatabase</value> </property> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased"> <property name="decisionVoters"> <list> <ref bean="roleVoter" /> </list> </property> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref bean="daoAuthenticationProvider"/> <!--<ref local="anonymousAuthenticationProvider"/>--> <ref bean="rememberMeAuthenticationProvider"/> </list> </property> </bean> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="filterProcessesUrl" value="/j_acegi_security_check" /> <property name="authenticationFailureUrl" value="/AccessDenied" /> <property name="defaultTargetUrl" value="/" /> <property name="authenticationManager" ref="authenticationManager" /> <property name="rememberMeServices" ref="rememberMeServices" /> </bean> <bean id="formAuthenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/tests/comcypozpetroslogin" /> <property name="forceHttps" value="false" /> </bean> <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter"> <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationEntryPoint"><ref bean="basicProcessingFilterEntryPoint"/></property> </bean> <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint"> <property name="realmName"><value>Contacts Realm</value></property> </bean> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService"> <ref bean="userDetailsService" /> </property> </bean> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <ref bean="formAuthenticationEntryPoint"/> </property> <property name="accessDeniedHandler"> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage" value="/AccessDenied"/> </bean> </property> </bean>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]