I have always been particular with composition and case of roles, so
I'll put this as a question.
Do you have spaces in your role names and does it make a difference?
Does the difference in case (upper/lower) make a difference, because
you appear to have them mixed.
On Mon, Mar 12, 2012 at 12:39 AM, harishpatarla <harishpata...@gmail.com> wrote:
>
> Here is the full stack trace. I have integrated it with our organisation’s
> ldap server. I have given my username password in managerDn and
> managerPassword property of initialDirContextFactory bean.
> I am able to login.I have given the roles of the user as
> @secured({role1,role2,role3}).If you say the user trying to login does not
> have permissions for page then how do we provide that.
>
> 2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.providers.ProviderManager (ProviderManager.java:190) -
> Authentication attempt using
> org.acegisecurity.providers.ldap.LdapAuthenticationProvider
> 2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.providers.ldap.LdapAuthenticationProvider
> (LdapAuthenticationProvider.java:220) - Retrieving user dubeys
> 2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
> (FilterBasedLdapUserSearch.java:110) - Searching for user 'dubeys', with
> user search [ searchFilter: 'sAMAccountName={0}', searchBase:
> 'ou=IGGroup,ou=IG Users', scope: subtreesearchTimeLimit: 0derefLinkFlag:
> false ]
> 2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.ldap.DefaultInitialDirContextFactory
> (DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
> environment
> {java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
> java.naming.security.principal=CN=Harish
> Patharla,OU=IGIndia,OU=IGGroup,OU=IG Users,DC=igi,DC=ig,DC=local,
> com.sun.jndi.ldap.connect.pool=true,
> java.naming.security.authentication=simple,
> java.naming.security.credentials=******}
> 2012-03-08 12:26:36,993 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.ldap.DefaultInitialDirContextFactory
> (DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
> environment
> {java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
> java.naming.security.principal=CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG
> Users,dc=igi,dc=ig,dc=local, java.naming.security.authentication=simple,
> java.naming.security.credentials=******}
> 2012-03-08 12:26:37,476 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
> (DefaultLdapAuthoritiesPopulator.java:178) - Getting authorities for user
> CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG Users,dc=igi,dc=ig,dc=local
> 2012-03-08 12:26:37,478 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
> (DefaultLdapAuthoritiesPopulator.java:224) - Searching for roles for user
> 'dubeys', DN = 'CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG
> Users,dc=igi,dc=ig,dc=local', with filter (member={0}) in search base
> 'ou=Role,ou=Security Groups,ou=Administrative Area'
> 2012-03-08 12:26:37,479 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.ldap.DefaultInitialDirContextFactory
> (DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
> environment
> {java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
> java.naming.security.principal=CN=Harish
> Patharla,OU=IGIndia,OU=IGGroup,OU=IG Users,DC=igi,DC=ig,DC=local,
> com.sun.jndi.ldap.connect.pool=true,
> java.naming.security.authentication=simple,
> java.naming.security.credentials=******}
> 2012-03-08 12:26:37,634 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
> (DefaultLdapAuthoritiesPopulator.java:232) - Roles from search:
> [RLE-BLR-DEV-QA Engineer 4-staff]
> 2012-03-08 12:26:37,635 INFO ["http-apr-8080"-exec-7]
> uk.co.igindex.regression.web.pages.Login (Login.java:79) - authResult is :
> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
> Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
> Password: [PROTECTED]; Authenticated: true; Details: null; Granted
> Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF
> 2012-03-08 12:26:37,641 DEBUG ["http-apr-8080"-exec-7]
> org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch
> event: ComponentEvent[passivate from (self)]
> 2012-03-08 12:26:37,642 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.context.HttpSessionContextIntegrationFilter
> (HttpSessionContextIntegrationFilter.java:411) - SecurityContext stored to
> HttpSession: 'org.acegisecurity.context.SecurityContextImpl@415cd0cc:
> Authentication:
> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
> Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
> Password: [PROTECTED]; Authenticated: true; Details: null; Granted
> Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
> 2012-03-08 12:26:37,643 DEBUG ["http-apr-8080"-exec-7]
> nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter
> (AcegiExceptionTranslationFilter.java:70) - Chain processed normally
> 2012-03-08 12:26:37,644 DEBUG ["http-apr-8080"-exec-7]
> org.acegisecurity.context.HttpSessionContextIntegrationFilter
> (HttpSessionContextIntegrationFilter.java:269) - SecurityContextHolder now
> cleared, as request processing completed
> 2012-03-08 12:26:37,647 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.context.HttpSessionContextIntegrationFilter
> (HttpSessionContextIntegrationFilter.java:227) - Obtained a valid
> SecurityContext from ACEGI_SECURITY_CONTEXT to associate with
> SecurityContextHolder:
> 'org.acegisecurity.context.SecurityContextImpl@415cd0cc: Authentication:
> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
> Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
> Password: [PROTECTED]; Authenticated: true; Details: null; Granted
> Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
> 2012-03-08 12:26:37,648 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.rememberme.RememberMeProcessingFilter
> (RememberMeProcessingFilter.java:138) - SecurityContextHolder not populated
> with remember-me token, as it already contained:
> 'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
> Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
> Password: [PROTECTED]; Authenticated: true; Details: null; Granted
> Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
> 2012-03-08 12:26:37,649 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) -
> pathInfo: both null (property equals)
> 2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) -
> queryString: both null (property equals)
> 2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> requestURI: arg1=/regression-test-framework-web/start;
> arg2=/regression-test-framework-web/start (property equals)
> 2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> serverPort: arg1=8080; arg2=8080 (property equals)
> 2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> requestURL: arg1=http://localhost:8080/regression-test-framework-web/start;
> arg2=http://localhost:8080/regression-test-framework-web/start (property
> equals)
> 2012-03-08 12:26:37,652 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> scheme: arg1=http; arg2=http (property equals)
> 2012-03-08 12:26:37,653 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> serverName: arg1=localhost; arg2=localhost (property equals)
> 2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> contextPath: arg1=/regression-test-framework-web;
> arg2=/regression-test-framework-web (property equals)
> 2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
> servletPath: arg1=/start; arg2=/start (property equals)
> 2012-03-08 12:26:37,655 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.wrapper.SavedRequestAwareWrapper
> (SavedRequestAwareWrapper.java:92) - Wrapper replaced; SavedRequest was:
> SavedRequest[http://localhost:8080/regression-test-framework-web/start]
> 2012-03-08 12:26:37,656 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.providers.anonymous.AnonymousProcessingFilter
> (AnonymousProcessingFilter.java:118) - SecurityContextHolder not populated
> with anonymous token, as it already contained:
> 'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
> Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
> Password: [PROTECTED]; Authenticated: true; Details: null; Granted
> Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
> 2012-03-08 12:26:37,658 DEBUG ["http-apr-8080"-exec-8]
> org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch
> event: ComponentEvent[activate from (self)]
> 2012-03-08 12:26:37,659 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.intercept.AbstractSecurityInterceptor
> (AbstractSecurityInterceptor.java:284) - Secure object:
> [ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION DEVELOPER-STAFF,
> ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER, ROLE_RLE-BLR-DEV-QA Engineer
> 4-staff]; ConfigAttributes: [ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION
> DEVELOPER-STAFF, ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER,
> ROLE_RLE-BLR-DEV-QA Engineer 4-staff]
> 2012-03-08 12:26:37,660 DEBUG ["http-apr-8080"-exec-8]
> org.acegisecurity.intercept.AbstractSecurityInterceptor
> (AbstractSecurityInterceptor.java:317) - Previously Authenticated:
> org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
> Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
> Password: [PROTECTED]; Authenticated: true; Details: null; Granted
> Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF
> 2012-03-08 12:26:37,661 ERROR ["http-apr-8080"-exec-8]
> org.apache.tapestry5.internal.services.RenderQueueImpl
> (RenderQueueImpl.java:82) - Render queue error in BeginRender[Start]: Access
> is denied
> org.apache.tapestry5.ioc.internal.util.TapestryException: Access is denied
> at
> org.apache.tapestry5.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:922)
>
>
> --
> View this message in context:
> http://tapestry.1045711.n5.nabble.com/problem-logging-into-webapp-using-acegi-tp5551844p5556605.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
--
Jonathan Barker
ITStrategic
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
