Quick Question: How can we avoid the situation where a user tries to directly access the URL corresponding to the page named "Secure" in this case? I mean without going through the login form.
Thanks

-----Original Message-----
From: Jacob Bergoo [mailto:[EMAIL PROTECTED]
Sent: 28 March 2008 23:28
To: users@tapestry.apache.org
Subject: T5: Problem with login form with Acegi

Hi All,

In my project I use the Tapestry5-Acegi project and made that work following the example and with some help from the forum, thanks... Now I'm trying to make a more realistic version of a login where I can control the validation on the login form and also, based on user roles, redirect the user to the right page. I have created a page like this:

    public class LoginPage {

        /* PRIVATE MEMBERS */
        @Persist
        private String userName;

        private String password;

        @Component
        private Form form;

        /* INJECTED COMPONENTS, SERVICES ETC. */
        @Component(id = "password")
        private PasswordField passwordField;

        @Inject
        private AuthenticationManager authenticationManager;

        /* GETTERS AND SETTERS */
        public String getPassword() {
            return password;
        }

        public void setPassword(String password) {
            this.password = password;
        }

        public String getUserName() {
            return userName;
        }

        public void setUserName(String userName) {
            this.userName = userName;
        }

        /* ACTION METHODS */
        protected String onSuccess() {
            UsernamePasswordAuthenticationToken authRequest =
                    new UsernamePasswordAuthenticationToken(userName, password);
            Authentication authResult;
            try {
                authResult = authenticationManager.authenticate(authRequest);
                if (!authResult.isAuthenticated()) {
                    form.recordError(passwordField, "Invalid user name or password.");
                    return null;
                }
                GrantedAuthority[] gratedAuthorityArray = authResult.getAuthorities();
                Set<GrantedAuthority> grantedAuthoritySet = new HashSet<GrantedAuthority>();
                for (int i = 0; i < gratedAuthorityArray.length; i++) {
                    grantedAuthoritySet.add(gratedAuthorityArray[i]);
                    System.out.println("Adding " + gratedAuthorityArray[i] + " to set");
                }
                // DEBUGGING....
                System.out.println("successful login for: " + userName);
                System.out.println("authResult.getCredentials() = " + authResult.getCredentials());
                System.out.println("authResult.getPrincipal() = " + authResult.getPrincipal());
                System.out.println("authResult.getAuthorities(): ");
                for (int i = 0; i < gratedAuthorityArray.length; i++) {
                    System.out.println("Auth no " + (i + 1) + " = '" + gratedAuthorityArray[i] + "'");
                }
                // END DEBUGGING...
                if (grantedAuthoritySet.contains("ROLE_ADMIN")) {
                    System.out.println("Redirecting to Secure page...");
                    return "Secure";
                } else if (grantedAuthoritySet.contains("ROLE_SOME_OTHER_ROLE")) {
                    System.out.println("redirecting to some other page");
                    return "SOME_OTHER_PAGE";
                }
            } catch (AuthenticationException authenticationException) {
                System.out.println("user with username = " + userName + "couldn't be authenticated with Acegi");
            }
            return null;
        }
    }

In my Jetty Console I can see that I get the Authentication:

    Adding ROLE_ADMIN to set
    Adding ROLE_MANAGER to set
    Adding ROLE_USER to set
    successful login for: jacob
    authResult.getCredentials() = jacob
    authResult.getPrincipal() = UserDetailsBean {
      username = jacob
      password = jacob
      accountNonExpired = true
      passwordaccountNonLocked = true
      credentialsNonExpired = true
      enabled = true
      grantedAuthorities {
        'ROLE_ADMIN'
        'ROLE_MANAGER'
        'ROLE_USER'
      }
    }
    authResult.getAuthorities():
    Auth no 1 = 'ROLE_ADMIN'
    Auth no 2 = 'ROLE_MANAGER'
    Auth no 3 = 'ROLE_USER'
    [INFO] TimingFilter Request time: 26 ms
    [INFO] TimingFilter Request time: 18 ms
    [INFO] TimingFilter Request time: 2 ms

but the redirection to the pages doesn't work...
and if I change the last return null; to return "Secure"; then I get this exception instead:

    [ERROR] Secure Render queue error in BeginRender[Secure]: Access is denied
    org.apache.tapestry.ioc.internal.util.TapestryException: Access is denied
        at org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:884)
        at org.apache.tapestry.internal.structure.ComponentPageElementImpl.access$100(ComponentPageElementImpl.java:54)
        at org.apache.tapestry.internal.structure.ComponentPageElementImpl$11.render(ComponentPageElementImpl.java:342)
        at org.apache.tapestry.internal.services.RenderQueueImpl.run(RenderQueueImpl.java:63)
        at org.apache.tapestry.internal.services.PageRenderQueueImpl.render(PageRenderQueueImpl.java:84)
        at $PageRenderQueue_118f7af20ee.render($PageRenderQueue_118f7af20ee.java)
        at $PageRenderQueue_118f7af20e7.render($PageRenderQueue_118f7af20e7.java)
        at org.apache.tapestry.services.TapestryModule$19.renderMarkup(TapestryModule.java:1293)
        at org.apache.tapestry.services.TapestryModule$23.renderMarkup(TapestryModule.java:1402)
        at $MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
        at org.apache.tapestry.services.TapestryModule$22.renderMarkup(TapestryModule.java:1383)
        at $MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
        at org.apache.tapestry.services.TapestryModule$21.renderMarkup(TapestryModule.java:1365)
        at $MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
        at org.apache.tapestry.services.TapestryModule$20.renderMarkup(TapestryModule.java:1347)
        at $MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
        at $MarkupRenderer_118f7af20ec.renderMarkup($MarkupRenderer_118f7af20ec.java)
        at org.apache.tapestry.internal.services.PageMarkupRendererImpl.renderPageMarkup(PageMarkupRendererImpl.java:55)
        at $PageMarkupRenderer_118f7af20ea.renderPageMarkup($PageMarkupRenderer_118f7af20ea.java)
        at org.apache.tapestry.internal.services.PageResponseRendererImpl.renderPageResponse(PageResponseRendererImpl.java:57)
        at $PageResponseRenderer_118f7af20bb.renderPageResponse($PageResponseRenderer_118f7af20bb.java)
        at org.apache.tapestry.internal.services.PageRenderRequestHandlerImpl.handle(PageRenderRequestHandlerImpl.java:59)
        at org.apache.tapestry.services.TapestryModule$29.handle(TapestryModule.java:1607)
        at $PageRenderRequestHandler_118f7af20bc.handle($PageRenderRequestHandler_118f7af20bc.java)
        at $PageRenderRequestHandler_118f7af20b1.handle($PageRenderRequestHandler_118f7af20b1.java)
        at org.apache.tapestry.internal.services.PageRenderDispatcher.process(PageRenderDispatcher.java:97)
        at org.apache.tapestry.internal.services.PageRenderDispatcher.dispatch(PageRenderDispatcher.java:73)
        at $Dispatcher_118f7af20b8.dispatch($Dispatcher_118f7af20b8.java)
        at $Dispatcher_118f7af20a9.dispatch($Dispatcher_118f7af20a9.java)
        at org.apache.tapestry.services.TapestryModule$13.service(TapestryModule.java:944)
        at com.bergoo.webshop.services.AppModule$1.service(AppModule.java:94)
        at $RequestFilter_118f7af20a8.service($RequestFilter_118f7af20a8.java)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at org.apache.tapestry.internal.services.LocalizationFilter.service(LocalizationFilter.java:42)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at org.apache.tapestry.services.TapestryModule$3.service(TapestryModule.java:553)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at org.apache.tapestry.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:79)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at nu.localhost.tapestry.acegi.services.internal.RequestFilterWrapper$1.doFilter(RequestFilterWrapper.java:60)
        at nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter.doFilter(AcegiExceptionTranslationFilter.java:67)
        at nu.localhost.tapestry.acegi.services.internal.RequestFilterWrapper.service(RequestFilterWrapper.java:54)
        at $RequestFilter_118f7af20a4.service($RequestFilter_118f7af20a4.java)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at org.apache.tapestry.services.TapestryModule$2.service(TapestryModule.java:520)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at org.apache.tapestry.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:93)
        at org.apache.tapestry.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:84)
        at org.apache.tapestry.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:77)
        at org.apache.tapestry.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:106)
        at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
        at $RequestHandler_118f7af209e.service($RequestHandler_118f7af209e.java)
        at org.apache.tapestry.services.TapestryModule$12.service(TapestryModule.java:924)
        at org.apache.tapestry.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
        at $HttpServletRequestFilter_118f7af209d.service($HttpServletRequestFilter_118f7af209d.java)
        at $HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
        at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at $HttpServletRequestFilter_118f7af209c.service($HttpServletRequestFilter_118f7af209c.java)
        at $HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
        at org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:81)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at $HttpServletRequestFilter_118f7af209b.service($HttpServletRequestFilter_118f7af209b.java)
        at $HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
        at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at $HttpServletRequestFilter_118f7af209a.service($HttpServletRequestFilter_118f7af209a.java)
        at $HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
        at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at $HttpServletRequestFilter_118f7af2099.service($HttpServletRequestFilter_118f7af2099.java)
        at $HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
        at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
        at nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at $HttpServletRequestFilter_118f7af2098.service($HttpServletRequestFilter_118f7af2098.java)
        at $HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
        at $HttpServletRequestHandler_118f7af2097.service($HttpServletRequestHandler_118f7af2097.java)
        at org.apache.tapestry.TapestryFilter.doFilter(TapestryFilter.java:168)
        at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
        at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
        at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
        at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
        at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
        at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
        at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
        at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
        at org.mortbay.http.HttpServer.service(HttpServer.java:909)
        at org.mortbay.http.HttpConnection.service(HttpConnection.java:820)
        at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:986)
        at org.mortbay.http.HttpConnection.handle(HttpConnection.java:837)
        at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:245)
        at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
        at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
    Caused by: org.acegisecurity.AccessDeniedException: Access is denied
        at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
        at $AccessDecisionManager_118f7af2115.decide($AccessDecisionManager_118f7af2115.java)
        at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:323)
        at nu.localhost.tapestry.acegi.services.internal.StaticSecurityChecker.checkBefore(StaticSecurityChecker.java:43)
        at $SecurityChecker_118f7af20ce.checkBefore($SecurityChecker_118f7af20ce.java)
        at com.bergoo.webshop.pages.Secure.beginRender(Secure.java)
        at org.apache.tapestry.internal.structure.ComponentPageElementImpl$11$1.run(ComponentPageElementImpl.java:338)
        at org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:874)
        ... 98 more

The Secure.java has a @Secured("ROLE_ADMIN") annotation and therefore I should be granted access to this page.

Anyone have any ideas?

Thanks in advance,
Jacob

--
View this message in context: http://www.nabble.com/T5%3A-Problem-with-login-form-with-Acegi-tp16364295p16364295.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
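Added example (not part of the original post or of the Tapestry5-Acegi project): the role check in onSuccess() above asks a Set<GrantedAuthority> whether it contains a String, which is always false, so neither redirect branch runs and the method falls through to return null. The sketch below shows the posted check beside a corrected one; the nested GrantedAuthority interface and the role() helper are stand-ins assumed here so that it compiles with the JDK alone.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public class RoleRedirectDemo {
    // Stand-in (assumption) for org.acegisecurity.GrantedAuthority, to avoid the Acegi jar.
    interface GrantedAuthority { String getAuthority(); }

    // Hypothetical helper, used only to build the constructed sample data below.
    static GrantedAuthority role(final String name) {
        return new GrantedAuthority() {
            public String getAuthority() { return name; }
            @Override public String toString() { return name; }
        };
    }

    // As posted: a set of GrantedAuthority objects is asked for a String.
    // HashSet.contains compares with String.equals(element), which is false
    // for every element that is not itself a String.
    static boolean postedCheck(GrantedAuthority[] granted, String roleName) {
        Set<GrantedAuthority> set = new HashSet<GrantedAuthority>(Arrays.asList(granted));
        return set.contains(roleName);
    }

    // Corrected: compare role names. Returning null when no known role
    // matches keeps the user on the login page (default deny).
    static String landingPageFor(GrantedAuthority[] granted) {
        Set<String> names = new HashSet<String>();
        for (GrantedAuthority g : granted) {
            names.add(g.getAuthority());
        }
        if (names.contains("ROLE_ADMIN")) return "Secure";
        if (names.contains("ROLE_SOME_OTHER_ROLE")) return "SOME_OTHER_PAGE";
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample: the three roles from the console output, plus a user without ROLE_ADMIN.
        GrantedAuthority[] jacob = { role("ROLE_ADMIN"), role("ROLE_MANAGER"), role("ROLE_USER") };
        GrantedAuthority[] clerk = { role("ROLE_USER") };
        System.out.println("posted check finds ROLE_ADMIN: " + postedCheck(jacob, "ROLE_ADMIN"));
        System.out.println("corrected landing page (jacob): " + landingPageFor(jacob));
        System.out.println("corrected landing page (clerk): " + landingPageFor(clerk));
    }
}
```

On the direct-URL question at the top of the thread: the page name returned from onSuccess() is navigation only, and the trace above shows the @Secured check running inside Secure.beginRender, so it is evaluated whenever Secure renders, however the request arrived. In Acegi, authenticationManager.authenticate() returns the token without storing it, so a hand-written login form also has to call SecurityContextHolder.getContext().setAuthentication(authResult) before the secured page is rendered.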