You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by lubosp <po...@gmail.com> on 2007/07/28 21:00:17 UTC
Problem configuring Acegi Spring security login page with Wicket
framework
Hi,
I am trying to port my application that uses Acegi Spring security to Wicket
framework, I have the application working with Wicket, but when I try to add
Acegi support as documented at:
http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html, I have
problem to use MyAppSignIn.html page. I define the login page in Acegi
configuration in authentication filter entry point like:
<bean id="exceptionTranslationFilter"
class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl"
value="/app/MyAppSignIn.html"/>
<property name="forceHttps" value="false"/>
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/app/MyAppSignIn.html"/>
</bean>
</property>
</bean>
And I also set:
<bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/app/myappsignin.html=IS_AUTHENTICATED_ANONYMOUSLY
Tomcat tries to open /app/MyAppSignIn.html if I reference
http://localhost:8080/myapp/app, but it cannot find it.
My question is, how do I configure Acegi so it uses Wicket MyAppSignIn page
(same as YourAppSignIn extends WebPage from
http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html0.
Thanks, Lubos
--
View this message in context: http://www.nabble.com/Problem-configuring-Acegi-Spring-security-login-page-with-Wicket-framework-tf4163190.html#a11845555
Sent from the Wicket Users New mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Problem configuring Acegi Spring security login page with Wicket
framework
Posted by Erik van Oosten <e....@chello.nl>.
Hi Lubos,
> But how do I set the appropriate acegi configutration to specify the
> login and login error page in
As I wrote in the previous mail: You don't.
Regards,
Erik.
lubosp wrote:
> Erik,
>
> thanks for the answer. But how do I set the appropriate acegi configutration
> to specify the login and login error page in:
>
> org.acegisecurity.ui.logout.LogoutFilter
> org.acegisecurity.ui.webapp.AuthenticationProcessingFilter,
> authenticationFailureUrl property
> exceptionTranslationFilter, loginFormUrl property
> org.acegisecurity.ui.AccessDeniedHandlerImpl, errorPage property
>
> Thanks, Lubos
>
>
> Erik van Oosten wrote:
>
>> Hi Lubos,
>>
>> If you use wicket-auth-roles (as documented on
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html), you
>> specify the login page in the application object (method
>> getSignInPageClass() in the class YourAppApplication).
>>
>> In the documented setup, Acegi is only used for keeping track of the
>> authenticated user and the actual lookup of a user. The rest is all done
>> by wicket-auth-roles. IMHO you should /not/ try to do front-end
>> authorization with Acegi if you are using Wicket.
>>
>> Regards,
>> Erik.
>>
>>
>> lubosp schreef:
>>
>>> Hi,
>>>
>>> I am trying to port my application that uses Acegi Spring security to
>>> Wicket
>>> framework, I have the application working with Wicket, but when I try to
>>> add
>>> Acegi support as documented at:
>>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html, I have
>>> problem to use MyAppSignIn.html page. I define the login page in Acegi
>>> configuration in authentication filter entry point like:
>>>
>>> <bean id="exceptionTranslationFilter"
>>> class="org.acegisecurity.ui.ExceptionTranslationFilter">
>>> <property name="authenticationEntryPoint">
>>> <bean
>>> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
>>> <property name="loginFormUrl"
>>> value="/app/MyAppSignIn.html"/>
>>> <property name="forceHttps" value="false"/>
>>> </bean>
>>> </property>
>>> <property name="accessDeniedHandler">
>>> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
>>> <property name="errorPage"
>>> value="/app/MyAppSignIn.html"/>
>>> </bean>
>>> </property>
>>> </bean>
>>>
>>> And I also set:
>>>
>>> <bean id="filterInvocationInterceptor"
>>> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
>>> <property name="objectDefinitionSource">
>>> <value>
>>>
>>> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
>>> PATTERN_TYPE_APACHE_ANT
>>>
>>> /app/myappsignin.html=IS_AUTHENTICATED_ANONYMOUSLY
>>>
>>> Tomcat tries to open /app/MyAppSignIn.html if I reference
>>> http://localhost:8080/myapp/app, but it cannot find it.
>>>
>>> My question is, how do I configure Acegi so it uses Wicket MyAppSignIn
>>> page
>>> (same as YourAppSignIn extends WebPage from
>>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html0.
>>>
>>> Thanks, Lubos
>>>
>>>
>>>
>> --
>> Erik van Oosten
>> http://2008.rubyenrails.nl/
>> http://www.day-to-day-stuff.blogspot.com/
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> For additional commands, e-mail: users-help@wicket.apache.org
>>
>>
>>
>>
>
>
--
Erik van Oosten
http://2008.rubyenrails.nl/
http://www.day-to-day-stuff.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
RE: Problem configuring Acegi Spring security login page with Wicket framework
Posted by Laurent Brucher <la...@idelis.be>.
Hi Lubos,
As Erik said, you don't.
As an example, here's the Acegi configuration I use in my project (piece of
the Spring's application context XML):
<bean id="filterChain"
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/app/**=httpSessionContextIntegrationFilter
</value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter"
class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
<property name="forceEagerSessionCreation" value="true"/>
</bean>
<bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="myAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="myAuthenticationProvider"
class="xxxx.MyAuthenticationProvider">
<property name="accountService"
ref="accountService" />
<property name="hideUserNotFoundExceptions" value="true"
/>
<property name="forcePrincipalAsString"
value="false" />
</bean>
Where the wicket servlet is mapped to /app/* in web.xml.
As for the logout, I just have a Logout class that can be called from
anywhere you want, like an onclick handler to a "SignOut" button:
public class Logout extends WebPage
{
public Logout()
{
getSession().invalidate();
RequestCycle.get().setResponsePage(
MyApplication.get().getHomePage() );
setRedirect(true);
}
}
Laurent.
-----Original Message-----
From: lubosp [mailto:pochmans@gmail.com]
Sent: mardi 31 juillet 2007 1:11
To: users@wicket.apache.org
Subject: Re: Problem configuring Acegi Spring security login page with
Wicket framework
Erik,
thanks for the answer. But how do I set the appropriate acegi configutration
to specify the login and login error page in:
org.acegisecurity.ui.logout.LogoutFilter
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter,
authenticationFailureUrl property
exceptionTranslationFilter, loginFormUrl property
org.acegisecurity.ui.AccessDeniedHandlerImpl, errorPage property
Thanks, Lubos
Erik van Oosten wrote:
>
> Hi Lubos,
>
> If you use wicket-auth-roles (as documented on
> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html), you
> specify the login page in the application object (method
> getSignInPageClass() in the class YourAppApplication).
>
> In the documented setup, Acegi is only used for keeping track of the
> authenticated user and the actual lookup of a user. The rest is all
> done by wicket-auth-roles. IMHO you should /not/ try to do front-end
> authorization with Acegi if you are using Wicket.
>
> Regards,
> Erik.
>
>
> lubosp schreef:
>> Hi,
>>
>> I am trying to port my application that uses Acegi Spring security to
>> Wicket framework, I have the application working with Wicket, but
>> when I try to add Acegi support as documented at:
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html, I
>> have problem to use MyAppSignIn.html page. I define the login page in
>> Acegi configuration in authentication filter entry point like:
>>
>> <bean id="exceptionTranslationFilter"
>> class="org.acegisecurity.ui.ExceptionTranslationFilter">
>> <property name="authenticationEntryPoint">
>> <bean
>>
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"
>
>> <property name="loginFormUrl"
>> value="/app/MyAppSignIn.html"/>
>> <property name="forceHttps" value="false"/>
>> </bean>
>> </property>
>> <property name="accessDeniedHandler">
>> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
>> <property name="errorPage"
>> value="/app/MyAppSignIn.html"/>
>> </bean>
>> </property>
>> </bean>
>>
>> And I also set:
>>
>> <bean id="filterInvocationInterceptor"
>> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
>> <property name="objectDefinitionSource">
>> <value>
>>
>> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
>> PATTERN_TYPE_APACHE_ANT
>>
>> /app/myappsignin.html=IS_AUTHENTICATED_ANONYMOUSLY
>>
>> Tomcat tries to open /app/MyAppSignIn.html if I reference
>> http://localhost:8080/myapp/app, but it cannot find it.
>>
>> My question is, how do I configure Acegi so it uses Wicket
>> MyAppSignIn page (same as YourAppSignIn extends WebPage from
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html0.
>>
>> Thanks, Lubos
>>
>>
>
> --
> Erik van Oosten
> http://2008.rubyenrails.nl/
> http://www.day-to-day-stuff.blogspot.com/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
>
--
View this message in context:
http://www.nabble.com/Problem-configuring-Acegi-Spring-security-login-page-w
ith-Wicket-framework-tf4163190.html#a11885765
Sent from the Wicket Users New mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Problem configuring Acegi Spring security login page with
Wicket framework
Posted by lubosp <po...@gmail.com>.
Erik,
thanks for the answer. But how do I set the appropriate acegi configutration
to specify the login and login error page in:
org.acegisecurity.ui.logout.LogoutFilter
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter,
authenticationFailureUrl property
exceptionTranslationFilter, loginFormUrl property
org.acegisecurity.ui.AccessDeniedHandlerImpl, errorPage property
Thanks, Lubos
Erik van Oosten wrote:
>
> Hi Lubos,
>
> If you use wicket-auth-roles (as documented on
> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html), you
> specify the login page in the application object (method
> getSignInPageClass() in the class YourAppApplication).
>
> In the documented setup, Acegi is only used for keeping track of the
> authenticated user and the actual lookup of a user. The rest is all done
> by wicket-auth-roles. IMHO you should /not/ try to do front-end
> authorization with Acegi if you are using Wicket.
>
> Regards,
> Erik.
>
>
> lubosp schreef:
>> Hi,
>>
>> I am trying to port my application that uses Acegi Spring security to
>> Wicket
>> framework, I have the application working with Wicket, but when I try to
>> add
>> Acegi support as documented at:
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html, I have
>> problem to use MyAppSignIn.html page. I define the login page in Acegi
>> configuration in authentication filter entry point like:
>>
>> <bean id="exceptionTranslationFilter"
>> class="org.acegisecurity.ui.ExceptionTranslationFilter">
>> <property name="authenticationEntryPoint">
>> <bean
>> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
>> <property name="loginFormUrl"
>> value="/app/MyAppSignIn.html"/>
>> <property name="forceHttps" value="false"/>
>> </bean>
>> </property>
>> <property name="accessDeniedHandler">
>> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
>> <property name="errorPage"
>> value="/app/MyAppSignIn.html"/>
>> </bean>
>> </property>
>> </bean>
>>
>> And I also set:
>>
>> <bean id="filterInvocationInterceptor"
>> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
>> <property name="objectDefinitionSource">
>> <value>
>>
>> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
>> PATTERN_TYPE_APACHE_ANT
>>
>> /app/myappsignin.html=IS_AUTHENTICATED_ANONYMOUSLY
>>
>> Tomcat tries to open /app/MyAppSignIn.html if I reference
>> http://localhost:8080/myapp/app, but it cannot find it.
>>
>> My question is, how do I configure Acegi so it uses Wicket MyAppSignIn
>> page
>> (same as YourAppSignIn extends WebPage from
>> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html0.
>>
>> Thanks, Lubos
>>
>>
>
> --
> Erik van Oosten
> http://2008.rubyenrails.nl/
> http://www.day-to-day-stuff.blogspot.com/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Problem-configuring-Acegi-Spring-security-login-page-with-Wicket-framework-tf4163190.html#a11885765
Sent from the Wicket Users New mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Problem configuring Acegi Spring security login page with Wicket
framework
Posted by Erik van Oosten <e....@chello.nl>.
Hi Lubos,
If you use wicket-auth-roles (as documented on
http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html), you
specify the login page in the application object (method
getSignInPageClass() in the class YourAppApplication).
In the documented setup, Acegi is only used for keeping track of the
authenticated user and the actual lookup of a user. The rest is all done
by wicket-auth-roles. IMHO you should /not/ try to do front-end
authorization with Acegi if you are using Wicket.
Regards,
Erik.
lubosp schreef:
> Hi,
>
> I am trying to port my application that uses Acegi Spring security to Wicket
> framework, I have the application working with Wicket, but when I try to add
> Acegi support as documented at:
> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html, I have
> problem to use MyAppSignIn.html page. I define the login page in Acegi
> configuration in authentication filter entry point like:
>
> <bean id="exceptionTranslationFilter"
> class="org.acegisecurity.ui.ExceptionTranslationFilter">
> <property name="authenticationEntryPoint">
> <bean
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
> <property name="loginFormUrl"
> value="/app/MyAppSignIn.html"/>
> <property name="forceHttps" value="false"/>
> </bean>
> </property>
> <property name="accessDeniedHandler">
> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
> <property name="errorPage" value="/app/MyAppSignIn.html"/>
> </bean>
> </property>
> </bean>
>
> And I also set:
>
> <bean id="filterInvocationInterceptor"
> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
> <property name="objectDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
>
> /app/myappsignin.html=IS_AUTHENTICATED_ANONYMOUSLY
>
> Tomcat tries to open /app/MyAppSignIn.html if I reference
> http://localhost:8080/myapp/app, but it cannot find it.
>
> My question is, how do I configure Acegi so it uses Wicket MyAppSignIn page
> (same as YourAppSignIn extends WebPage from
> http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html0.
>
> Thanks, Lubos
>
>
--
Erik van Oosten
http://2008.rubyenrails.nl/
http://www.day-to-day-stuff.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org