Are you using Spring Security directly or are you using the
tapestry5-acegi library?
I use Sprint Security without using tapestry5-acegi and my Login page is
a fully functional tapestry page (ie it allows you to set ASO's etc.).
The trick is to disable Spring security filtering for the login page (in
de spring config file). In my case:
<security:intercept-url pattern="/login/**" filters="none"/>
If you are using tapestry5-acegi you should somehow make the filter not
filter you login page:
Martijn Brinkers
On Fri, 2008-12-05 at 17:58 -0800, rs1050 wrote:
> Hi,
>
> I would like to create and set ASO on successful login. Without using
> tapestry-spring-security my Login page looked like this:
>
> public class Login {
>
> Object onSuccess() {
> boolean authResult = authenticate();
> if (authResult) {
> // create and set ASO 'myState'
> }
> }
>
> @ApplicationState(create=false)
> private MyState myState;
> }
>
> after integrating with tapestry-spring-security, spring security intercepts
> submits from the login form, and my Index java page in never called. I was
> thinking about providing my own AuthenticationProcessingFilter and there
> setting new instance of ASO in http session manually, but it is very ugly
> because I will have to invoke this method from
> SessionApplicationStatePersistenceStrategy (which is private, so I will need
> to use reflection tricks to overcome, and you get the picture - it becomes
> really ugly):
> private <T> String buildKey(Class<T> asoClass)
> {
> return PREFIX + asoClass.getName();
> }
>
> Any help is appreciated.
> R.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
