You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Borut Bolčina <bo...@gmail.com> on 2009/05/12 09:35:41 UTC
Re: t5: forwarding in index
Hi,
warming up this thread again...
So it is not AuthenticationProcessingFilter responsible for taking control
of the authentication because the form posts to j_spring_security_check url.
How does your "Check" page look like? Are you using the authenticate method
of the AbstractUserDetailsAuthenticationProvider?
Thanks,
Borut
2009/4/16 martijn.list <ma...@gmail.com>
> no I do not have any information, sadly. I had to ditch the concept of
>> having tapestry form together with tapestry-spring-security.
>>
>
> Perhaps I misunderstand what you are trying to do but I do have a Tapestry
> form that uses Spring security to authenticate the user.
>
> My form looks like:
>
> <form id="login" method="post" action="/check">
> <label for="j_username">Name
> <span class="small">Your user name</span>
> </label>
> <input type="text" name="j_username" id="j_username" />
>
> <label for="j_password">Password
> <span class="small">required</span>
> </label>
> <input type="password" name="j_password" id="j_password" />
>
> <button type="submit">Login</button>
> </form>
>
>
> in spring.xml
>
> <!-- Use always-use-default-target because it's safer -->
> <security:form-login
> login-page="/login"
> authentication-failure-url="/login/failed"
> login-processing-url="/check"
> always-use-default-target="true"/>
> <security:form-login />
> <security:logout />
> <security:remember-me />
>
> I'm not sure whether tapestry-spring-security supports this but using
> Spring security directly does.
>
> Regards,
>
> Martijn Brinkers
>
>
> --
> Djigzo open source email encryption www.djigzo.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: t5: forwarding in index
Posted by "martijn.list" <ma...@gmail.com>.
Borut Bolčina wrote:
> So it is not AuthenticationProcessingFilter responsible for taking control
> of the authentication because the form posts to j_spring_security_check url.
I misunderstood your initial posting. Because I set action to the
AuthenticationProcessingFilter URL Spring handles my authentication but
that's not what you want.
I can think of two possible solutions.
1). Create a non-Tapestry form (like I do) but hidden and post this form
with javascript. This requires Javascript so I'm not sure if you want to
use this
2) Replicate AuthenticationProcessingFilter's behavior (See
org.springframework.security.ui.webapp.AuthenticationProcessingFilter).
You'll need to inject some Spring instances into your Tapestry components.
Martijn Brinkers
>
>
> How does your "Check" page look like? Are you using the authenticate method
> of the AbstractUserDetailsAuthenticationProvider?
>
> Thanks,
> Borut
>
> 2009/4/16 martijn.list <ma...@gmail.com>
>
>> no I do not have any information, sadly. I had to ditch the concept of
>>> having tapestry form together with tapestry-spring-security.
>>>
>> Perhaps I misunderstand what you are trying to do but I do have a Tapestry
>> form that uses Spring security to authenticate the user.
>>
>> My form looks like:
>>
>> <form id="login" method="post" action="/check">
>> <label for="j_username">Name
>> <span class="small">Your user name</span>
>> </label>
>> <input type="text" name="j_username" id="j_username" />
>>
>> <label for="j_password">Password
>> <span class="small">required</span>
>> </label>
>> <input type="password" name="j_password" id="j_password" />
>>
>> <button type="submit">Login</button>
>> </form>
>>
>>
>> in spring.xml
>>
>> <!-- Use always-use-default-target because it's safer -->
>> <security:form-login
>> login-page="/login"
>> authentication-failure-url="/login/failed"
>> login-processing-url="/check"
>> always-use-default-target="true"/>
>> <security:form-login />
>> <security:logout />
>> <security:remember-me />
>>
>> I'm not sure whether tapestry-spring-security supports this but using
>> Spring security directly does.
>>
>> Regards,
>>
>> Martijn Brinkers
>>
>>
>> --
>> Djigzo open source email encryption www.djigzo.com
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
--
Djigzo open source email encryption gateway www.djigzo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org