I have always been particular with composition and case of roles, so I'll put this as a question.
Do you have spaces in your role names and does it make a difference? Does the difference in case (upper/lower) make a difference, because you appear to have them mixed. On Mon, Mar 12, 2012 at 12:39 AM, harishpatarla <harishpata...@gmail.com> wrote: > > Here is the full stack trace. I have integrated it with our organisation’s > ldap server. I have given my username password in managerDn and > managerPassword property of initialDirContextFactory bean. > I am able to login.I have given the roles of the user as > @secured({role1,role2,role3}).If you say the user trying to login does not > have permissions for page then how do we provide that. > > 2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.providers.ProviderManager (ProviderManager.java:190) - > Authentication attempt using > org.acegisecurity.providers.ldap.LdapAuthenticationProvider > 2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.providers.ldap.LdapAuthenticationProvider > (LdapAuthenticationProvider.java:220) - Retrieving user dubeys > 2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.ldap.search.FilterBasedLdapUserSearch > (FilterBasedLdapUserSearch.java:110) - Searching for user 'dubeys', with > user search [ searchFilter: 'sAMAccountName={0}', searchBase: > 'ou=IGGroup,ou=IG Users', scope: subtreesearchTimeLimit: 0derefLinkFlag: > false ] > 2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.ldap.DefaultInitialDirContextFactory > (DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with > environment > {java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local, > java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, > java.naming.security.principal=CN=Harish > Patharla,OU=IGIndia,OU=IGGroup,OU=IG Users,DC=igi,DC=ig,DC=local, > com.sun.jndi.ldap.connect.pool=true, > java.naming.security.authentication=simple, > java.naming.security.credentials=******} > 2012-03-08 12:26:36,993 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.ldap.DefaultInitialDirContextFactory > (DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with > environment > {java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local, > java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, > java.naming.security.principal=CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG > Users,dc=igi,dc=ig,dc=local, java.naming.security.authentication=simple, > java.naming.security.credentials=******} > 2012-03-08 12:26:37,476 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator > (DefaultLdapAuthoritiesPopulator.java:178) - Getting authorities for user > CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG Users,dc=igi,dc=ig,dc=local > 2012-03-08 12:26:37,478 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator > (DefaultLdapAuthoritiesPopulator.java:224) - Searching for roles for user > 'dubeys', DN = 'CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG > Users,dc=igi,dc=ig,dc=local', with filter (member={0}) in search base > 'ou=Role,ou=Security Groups,ou=Administrative Area' > 2012-03-08 12:26:37,479 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.ldap.DefaultInitialDirContextFactory > (DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with > environment > {java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local, > java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, > java.naming.security.principal=CN=Harish > Patharla,OU=IGIndia,OU=IGGroup,OU=IG Users,DC=igi,DC=ig,DC=local, > com.sun.jndi.ldap.connect.pool=true, > java.naming.security.authentication=simple, > java.naming.security.credentials=******} > 2012-03-08 12:26:37,634 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator > (DefaultLdapAuthoritiesPopulator.java:232) - Roles from search: > [RLE-BLR-DEV-QA Engineer 4-staff] > 2012-03-08 12:26:37,635 INFO ["http-apr-8080"-exec-7] > uk.co.igindex.regression.web.pages.Login (Login.java:79) - authResult is : > org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc: > Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1; > Password: [PROTECTED]; Authenticated: true; Details: null; Granted > Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF > 2012-03-08 12:26:37,641 DEBUG ["http-apr-8080"-exec-7] > org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch > event: ComponentEvent[passivate from (self)] > 2012-03-08 12:26:37,642 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.context.HttpSessionContextIntegrationFilter > (HttpSessionContextIntegrationFilter.java:411) - SecurityContext stored to > HttpSession: 'org.acegisecurity.context.SecurityContextImpl@415cd0cc: > Authentication: > org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc: > Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1; > Password: [PROTECTED]; Authenticated: true; Details: null; Granted > Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF' > 2012-03-08 12:26:37,643 DEBUG ["http-apr-8080"-exec-7] > nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter > (AcegiExceptionTranslationFilter.java:70) - Chain processed normally > 2012-03-08 12:26:37,644 DEBUG ["http-apr-8080"-exec-7] > org.acegisecurity.context.HttpSessionContextIntegrationFilter > (HttpSessionContextIntegrationFilter.java:269) - SecurityContextHolder now > cleared, as request processing completed > 2012-03-08 12:26:37,647 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.context.HttpSessionContextIntegrationFilter > (HttpSessionContextIntegrationFilter.java:227) - Obtained a valid > SecurityContext from ACEGI_SECURITY_CONTEXT to associate with > SecurityContextHolder: > 'org.acegisecurity.context.SecurityContextImpl@415cd0cc: Authentication: > org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc: > Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1; > Password: [PROTECTED]; Authenticated: true; Details: null; Granted > Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF' > 2012-03-08 12:26:37,648 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.rememberme.RememberMeProcessingFilter > (RememberMeProcessingFilter.java:138) - SecurityContextHolder not populated > with remember-me token, as it already contained: > 'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc: > Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1; > Password: [PROTECTED]; Authenticated: true; Details: null; Granted > Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF' > 2012-03-08 12:26:37,649 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) - > pathInfo: both null (property equals) > 2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) - > queryString: both null (property equals) > 2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > requestURI: arg1=/regression-test-framework-web/start; > arg2=/regression-test-framework-web/start (property equals) > 2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > serverPort: arg1=8080; arg2=8080 (property equals) > 2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > requestURL: arg1=http://localhost:8080/regression-test-framework-web/start; > arg2=http://localhost:8080/regression-test-framework-web/start (property > equals) > 2012-03-08 12:26:37,652 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > scheme: arg1=http; arg2=http (property equals) > 2012-03-08 12:26:37,653 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > serverName: arg1=localhost; arg2=localhost (property equals) > 2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > contextPath: arg1=/regression-test-framework-web; > arg2=/regression-test-framework-web (property equals) > 2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) - > servletPath: arg1=/start; arg2=/start (property equals) > 2012-03-08 12:26:37,655 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.wrapper.SavedRequestAwareWrapper > (SavedRequestAwareWrapper.java:92) - Wrapper replaced; SavedRequest was: > SavedRequest[http://localhost:8080/regression-test-framework-web/start] > 2012-03-08 12:26:37,656 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.providers.anonymous.AnonymousProcessingFilter > (AnonymousProcessingFilter.java:118) - SecurityContextHolder not populated > with anonymous token, as it already contained: > 'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc: > Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1; > Password: [PROTECTED]; Authenticated: true; Details: null; Granted > Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF' > 2012-03-08 12:26:37,658 DEBUG ["http-apr-8080"-exec-8] > org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch > event: ComponentEvent[activate from (self)] > 2012-03-08 12:26:37,659 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.intercept.AbstractSecurityInterceptor > (AbstractSecurityInterceptor.java:284) - Secure object: > [ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION DEVELOPER-STAFF, > ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER, ROLE_RLE-BLR-DEV-QA Engineer > 4-staff]; ConfigAttributes: [ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION > DEVELOPER-STAFF, ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER, > ROLE_RLE-BLR-DEV-QA Engineer 4-staff] > 2012-03-08 12:26:37,660 DEBUG ["http-apr-8080"-exec-8] > org.acegisecurity.intercept.AbstractSecurityInterceptor > (AbstractSecurityInterceptor.java:317) - Previously Authenticated: > org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc: > Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1; > Password: [PROTECTED]; Authenticated: true; Details: null; Granted > Authorities: ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF > 2012-03-08 12:26:37,661 ERROR ["http-apr-8080"-exec-8] > org.apache.tapestry5.internal.services.RenderQueueImpl > (RenderQueueImpl.java:82) - Render queue error in BeginRender[Start]: Access > is denied > org.apache.tapestry5.ioc.internal.util.TapestryException: Access is denied > at > org.apache.tapestry5.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:922) > > > -- > View this message in context: > http://tapestry.1045711.n5.nabble.com/problem-logging-into-webapp-using-acegi-tp5551844p5556605.html > Sent from the Tapestry - User mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > -- Jonathan Barker ITStrategic --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org