Here is the full stack trace. I have integrated it with our organisation’s
ldap server. I have given my username password in managerDn and
managerPassword property of initialDirContextFactory bean.
I am able to login.I have given the roles of the user as
@secured({role1,role2,role3}).If you say the user trying to login does not
have permissions for page then how do we provide that.
2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ProviderManager (ProviderManager.java:190) -
Authentication attempt using
org.acegisecurity.providers.ldap.LdapAuthenticationProvider
2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.LdapAuthenticationProvider
(LdapAuthenticationProvider.java:220) - Retrieving user dubeys
2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
(FilterBasedLdapUserSearch.java:110) - Searching for user 'dubeys', with
user search [ searchFilter: 'sAMAccountName={0}', searchBase:
'ou=IGGroup,ou=IG Users', scope: subtreesearchTimeLimit: 0derefLinkFlag:
false ]
2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.DefaultInitialDirContextFactory
(DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
environment
{java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=CN=Harish
Patharla,OU=IGIndia,OU=IGGroup,OU=IG Users,DC=igi,DC=ig,DC=local,
com.sun.jndi.ldap.connect.pool=true,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
2012-03-08 12:26:36,993 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.DefaultInitialDirContextFactory
(DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
environment
{java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG
Users,dc=igi,dc=ig,dc=local, java.naming.security.authentication=simple,
java.naming.security.credentials=******}
2012-03-08 12:26:37,476 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
(DefaultLdapAuthoritiesPopulator.java:178) - Getting authorities for user
CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG Users,dc=igi,dc=ig,dc=local
2012-03-08 12:26:37,478 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
(DefaultLdapAuthoritiesPopulator.java:224) - Searching for roles for user
'dubeys', DN = 'CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG
Users,dc=igi,dc=ig,dc=local', with filter (member={0}) in search base
'ou=Role,ou=Security Groups,ou=Administrative Area'
2012-03-08 12:26:37,479 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.DefaultInitialDirContextFactory
(DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
environment
{java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=CN=Harish
Patharla,OU=IGIndia,OU=IGGroup,OU=IG Users,DC=igi,DC=ig,DC=local,
com.sun.jndi.ldap.connect.pool=true,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
2012-03-08 12:26:37,634 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
(DefaultLdapAuthoritiesPopulator.java:232) - Roles from search:
[RLE-BLR-DEV-QA Engineer 4-staff]
2012-03-08 12:26:37,635 INFO ["http-apr-8080"-exec-7]
uk.co.igindex.regression.web.pages.Login (Login.java:79) - authResult is :
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted
Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF
2012-03-08 12:26:37,641 DEBUG ["http-apr-8080"-exec-7]
org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch
event: ComponentEvent[passivate from (self)]
2012-03-08 12:26:37,642 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.context.HttpSessionContextIntegrationFilter
(HttpSessionContextIntegrationFilter.java:411) - SecurityContext stored to
HttpSession: 'org.acegisecurity.context.SecurityContextImpl@415cd0cc:
Authentication:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted
Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,643 DEBUG ["http-apr-8080"-exec-7]
nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter
(AcegiExceptionTranslationFilter.java:70) - Chain processed normally
2012-03-08 12:26:37,644 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.context.HttpSessionContextIntegrationFilter
(HttpSessionContextIntegrationFilter.java:269) - SecurityContextHolder now
cleared, as request processing completed
2012-03-08 12:26:37,647 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.context.HttpSessionContextIntegrationFilter
(HttpSessionContextIntegrationFilter.java:227) - Obtained a valid
SecurityContext from ACEGI_SECURITY_CONTEXT to associate with
SecurityContextHolder:
'org.acegisecurity.context.SecurityContextImpl@415cd0cc: Authentication:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted
Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,648 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter
(RememberMeProcessingFilter.java:138) - SecurityContextHolder not populated
with remember-me token, as it already contained:
'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted
Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,649 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) -
pathInfo: both null (property equals)
2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) -
queryString: both null (property equals)
2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
requestURI: arg1=/regression-test-framework-web/start;
arg2=/regression-test-framework-web/start (property equals)
2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
serverPort: arg1=8080; arg2=8080 (property equals)
2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
requestURL: arg1=http://localhost:8080/regression-test-framework-web/start;
arg2=http://localhost:8080/regression-test-framework-web/start (property
equals)
2012-03-08 12:26:37,652 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
scheme: arg1=http; arg2=http (property equals)
2012-03-08 12:26:37,653 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
serverName: arg1=localhost; arg2=localhost (property equals)
2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
contextPath: arg1=/regression-test-framework-web;
arg2=/regression-test-framework-web (property equals)
2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
servletPath: arg1=/start; arg2=/start (property equals)
2012-03-08 12:26:37,655 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.wrapper.SavedRequestAwareWrapper
(SavedRequestAwareWrapper.java:92) - Wrapper replaced; SavedRequest was:
SavedRequest[http://localhost:8080/regression-test-framework-web/start]
2012-03-08 12:26:37,656 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter
(AnonymousProcessingFilter.java:118) - SecurityContextHolder not populated
with anonymous token, as it already contained:
'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted
Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,658 DEBUG ["http-apr-8080"-exec-8]
org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch
event: ComponentEvent[activate from (self)]
2012-03-08 12:26:37,659 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.intercept.AbstractSecurityInterceptor
(AbstractSecurityInterceptor.java:284) - Secure object:
[ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION DEVELOPER-STAFF,
ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER, ROLE_RLE-BLR-DEV-QA Engineer
4-staff]; ConfigAttributes: [ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION
DEVELOPER-STAFF, ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER,
ROLE_RLE-BLR-DEV-QA Engineer 4-staff]
2012-03-08 12:26:37,660 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.intercept.AbstractSecurityInterceptor
(AbstractSecurityInterceptor.java:317) - Previously Authenticated:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted
Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF
2012-03-08 12:26:37,661 ERROR ["http-apr-8080"-exec-8]
org.apache.tapestry5.internal.services.RenderQueueImpl
(RenderQueueImpl.java:82) - Render queue error in BeginRender[Start]: Access
is denied
org.apache.tapestry5.ioc.internal.util.TapestryException: Access is denied
at
org.apache.tapestry5.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:922)
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/problem-logging-into-webapp-using-acegi-tp5551844p5556605.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
