Hi Lubos,
As Erik said, you don't.
As an example, here's the Acegi configuration I use in my project (piece of
the Spring's application context XML):
<bean id="filterChain"
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/app/**=httpSessionContextIntegrationFilter
</value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter"
class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
<property name="forceEagerSessionCreation" value="true"/>
</bean>
<bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="myAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="myAuthenticationProvider"
class="xxxx.MyAuthenticationProvider">
<property name="accountService"
ref="accountService" />
<property name="hideUserNotFoundExceptions" value="true"
/>
<property name="forcePrincipalAsString"
value="false" />
</bean>
Where the wicket servlet is mapped to /app/* in web.xml.
As for the logout, I just have a Logout class that can be called from
anywhere you want, like an onclick handler to a "SignOut" button:
public class Logout extends WebPage
{
public Logout()
{
getSession().invalidate();
RequestCycle.get().setResponsePage(
MyApplication.get().getHomePage() );
setRedirect(true);
}
}
Laurent.
-----Original Message-----
From: lubosp [mailto:[EMAIL PROTECTED]
Sent: mardi 31 juillet 2007 1:11
To: users@wicket.apache.org
Subject: Re: Problem configuring Acegi Spring security login page with
Wicket framework
Erik,
thanks for the answer. But how do I set the appropriate acegi configutration
to specify the login and login error page in:
org.acegisecurity.ui.logout.LogoutFilter
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter,
authenticationFailureUrl property
exceptionTranslationFilter, loginFormUrl property
org.acegisecurity.ui.AccessDeniedHandlerImpl, errorPage property
Thanks, Lubos
Erik van Oosten wrote:
>
> Hi Lubos,
>
> If you use wicket-auth-roles (as documented on
> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html), you
> specify the login page in the application object (method
> getSignInPageClass() in the class YourAppApplication).
>
> In the documented setup, Acegi is only used for keeping track of the
> authenticated user and the actual lookup of a user. The rest is all
> done by wicket-auth-roles. IMHO you should /not/ try to do front-end
> authorization with Acegi if you are using Wicket.
>
> Regards,
> Erik.
>
>
> lubosp schreef:
>> Hi,
>>
>> I am trying to port my application that uses Acegi Spring security to
>> Wicket framework, I have the application working with Wicket, but
>> when I try to add Acegi support as documented at:
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html, I
>> have problem to use MyAppSignIn.html page. I define the login page in
>> Acegi configuration in authentication filter entry point like:
>>
>> <bean id="exceptionTranslationFilter"
>> class="org.acegisecurity.ui.ExceptionTranslationFilter">
>> <property name="authenticationEntryPoint">
>> <bean
>>
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"
>
>> <property name="loginFormUrl"
>> value="/app/MyAppSignIn.html"/>
>> <property name="forceHttps" value="false"/>
>> </bean>
>> </property>
>> <property name="accessDeniedHandler">
>> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
>> <property name="errorPage"
>> value="/app/MyAppSignIn.html"/>
>> </bean>
>> </property>
>> </bean>
>>
>> And I also set:
>>
>> <bean id="filterInvocationInterceptor"
>> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
>> <property name="objectDefinitionSource">
>> <value>
>>
>> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
>> PATTERN_TYPE_APACHE_ANT
>>
>> /app/myappsignin.html=IS_AUTHENTICATED_ANONYMOUSLY
>>
>> Tomcat tries to open /app/MyAppSignIn.html if I reference
>> http://localhost:8080/myapp/app, but it cannot find it.
>>
>> My question is, how do I configure Acegi so it uses Wicket
>> MyAppSignIn page (same as YourAppSignIn extends WebPage from
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html0.
>>
>> Thanks, Lubos
>>
>>
>
> --
> Erik van Oosten
> http://2008.rubyenrails.nl/
> http://www.day-to-day-stuff.blogspot.com/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Problem-configuring-Acegi-Spring-security-login-page-w
ith-Wicket-framework-tf4163190.html#a11885765
Sent from the Wicket Users New mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
