You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tapestry.apache.org by Borut Bolčina <bo...@gmail.com> on 2009/05/12 09:35:41 UTC

Re: t5: forwarding in index

Hi,

warming up this thread again...

So it is not AuthenticationProcessingFilter responsible for taking control
of the authentication because the form posts to j_spring_security_check url.


How does your "Check" page look like? Are you using the authenticate method
of the AbstractUserDetailsAuthenticationProvider?

Thanks,
Borut

2009/4/16 martijn.list <ma...@gmail.com>

> no I do not have any information, sadly. I had to ditch the concept of
>> having tapestry form together with tapestry-spring-security.
>>
>
> Perhaps I misunderstand what you are trying to do but I do have a Tapestry
> form that uses Spring security to authenticate the user.
>
> My form looks like:
>
> <form id="login" method="post" action="/check">
>    <label for="j_username">Name
>        <span class="small">Your user name</span>
>    </label>
>    <input type="text" name="j_username" id="j_username" />
>
>    <label for="j_password">Password
>        <span class="small">required</span>
>    </label>
>    <input type="password" name="j_password" id="j_password" />
>
>    <button type="submit">Login</button>
> </form>
>
>
> in spring.xml
>
> <!-- Use always-use-default-target because it's safer  -->
> <security:form-login
>                login-page="/login"
>                authentication-failure-url="/login/failed"
>                login-processing-url="/check"
>                always-use-default-target="true"/>
> <security:form-login />
> <security:logout />
> <security:remember-me />
>
> I'm not sure whether tapestry-spring-security supports this but using
> Spring security directly does.
>
> Regards,
>
> Martijn Brinkers
>
>
> --
> Djigzo open source email encryption www.djigzo.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>

Re: t5: forwarding in index

Posted by "martijn.list" <ma...@gmail.com>.

Borut Bolčina wrote:
> So it is not AuthenticationProcessingFilter responsible for taking control
> of the authentication because the form posts to j_spring_security_check url.

I misunderstood your initial posting. Because I set action to the 
AuthenticationProcessingFilter URL Spring handles my authentication but 
that's not what you want.

I can think of two possible solutions.

1). Create a non-Tapestry form (like I do) but hidden and post this form 
with javascript. This requires Javascript so I'm not sure if you want to 
use this

2) Replicate AuthenticationProcessingFilter's behavior (See 
org.springframework.security.ui.webapp.AuthenticationProcessingFilter). 
You'll need to inject some Spring instances into your Tapestry components.

Martijn Brinkers


> 
> 
> How does your "Check" page look like? Are you using the authenticate method
> of the AbstractUserDetailsAuthenticationProvider?
> 
> Thanks,
> Borut
> 
> 2009/4/16 martijn.list <ma...@gmail.com>
> 
>> no I do not have any information, sadly. I had to ditch the concept of
>>> having tapestry form together with tapestry-spring-security.
>>>
>> Perhaps I misunderstand what you are trying to do but I do have a Tapestry
>> form that uses Spring security to authenticate the user.
>>
>> My form looks like:
>>
>> <form id="login" method="post" action="/check">
>>    <label for="j_username">Name
>>        <span class="small">Your user name</span>
>>    </label>
>>    <input type="text" name="j_username" id="j_username" />
>>
>>    <label for="j_password">Password
>>        <span class="small">required</span>
>>    </label>
>>    <input type="password" name="j_password" id="j_password" />
>>
>>    <button type="submit">Login</button>
>> </form>
>>
>>
>> in spring.xml
>>
>> <!-- Use always-use-default-target because it's safer  -->
>> <security:form-login
>>                login-page="/login"
>>                authentication-failure-url="/login/failed"
>>                login-processing-url="/check"
>>                always-use-default-target="true"/>
>> <security:form-login />
>> <security:logout />
>> <security:remember-me />
>>
>> I'm not sure whether tapestry-spring-security supports this but using
>> Spring security directly does.
>>
>> Regards,
>>
>> Martijn Brinkers
>>
>>
>> --
>> Djigzo open source email encryption www.djigzo.com
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
> 


-- 
Djigzo open source email encryption gateway www.djigzo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org