Hi James, Thanks for the example.
I actually already have it running but was just wondering if there is any other reason than securing static resources, to still configure the org.springframework.web.filter.DelegatingFilterProxy in the web.xml. As far as I can reason by using the wicket-auth-roles Wicket is responsible to check whether or not someone is signed and not Spring Security. (The check is implemented in the AuthenticatedWebSession.authenticate(..) that delegates is to Spring Securities AuthenticationManager. ). I removed the filter and all still works, but I might be overlooking something... Any thoughts? About the example: Beware that in your SpringSecuritySession ( http://svn.carmanconsulting.com/public/wicket-advanced/trunk/src/main/java/com/carmanconsulting/wicket/advanced/web/common/session/SpringSecuritySession.java) you'll need to catch AuthenticationException. According to the contract the AuthenticationManager.authenticate throws an AuthenticationException when login fails (see javadoc of AuthenticationManager.authenticate). Lars On Wed, Jan 21, 2009 at 1:35 PM, James Carman <jcar...@carmanconsulting.com>wrote: > Lars, > > My wicket-advanced example code uses Spring security and > wicket-auth-roles. You can download it here: > > http://svn.carmanconsulting.com/public/wicket-advanced/trunk/ > > Hope that helps. > > James > > On Wed, Jan 21, 2009 at 5:07 AM, Lars Vonk <lars.v...@gmail.com> wrote: > > Hi, > > > > I am currently configuring my project to use spring-security 2.x with > > wicket-auth-roles and noticed that the > > http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html page is > > slightly out-of-date. Is it okay is I add a wicket 1.3.5 and spring > security > > 2.x example? > > > > Another thing I noticed is that in the example ( > > http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html) the > Spring > > Security Filter is added to the web.xml. But I think this is only > necessary > > if you also want to protect static resources right? Or is there another > > reason to add the Spring Security Filter? > > > > Thanks in advance, > > > > Lars > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > >
