Posted to users@tapestry.apache.org by Jacob Bergoo <ja...@gmail.com> on 2008/03/29 00:28:26 UTC

T5: Problem with login form with Acegi

Hi All, 
In my project I use the Tapestry5-Acegi project and made that work following
the example and with some help from the forum, thanks... 
Now I'm trying to make a more realistic version of a login where I can
control the validation on the login form and also based on user roles
redirect the user to the right page.
I have created a page like this:
public class LoginPage {
	
	/* PRIVATE MEMBERS */
	@Persist
	private String userName;
	private String password;
	@Component
	private Form form;
	
	/* INJECTED COMPONENTS, SERVICES ETC. */
	@Component(id = "password")
	private PasswordField passwordField;
	
	@Inject
	private AuthenticationManager authenticationManager;

	/* GETTERS AND SETTERS */
	public String getPassword() {
		return password;
	}

	public void setPassword(String password) {
		this.password = password;
	}

	public String getUserName() {
		return userName;
	}

	public void setUserName(String userName) {
		this.userName = userName;
	}

	/* ACTION METHODS */
	protected String onSuccess() {
		UsernamePasswordAuthenticationToken authRequest =
				new UsernamePasswordAuthenticationToken(userName, password);
		Authentication authResult;

		try {
			authResult = authenticationManager.authenticate(authRequest);
			if (!authResult.isAuthenticated()) {
				form.recordError(passwordField,
						"Invalid user name or password.");
				return null;
			}
			GrantedAuthority[] gratedAuthorityArray = authResult.getAuthorities();
			Set<GrantedAuthority> grantedAuthoritySet = new HashSet<GrantedAuthority>();
			for (int i = 0; i < gratedAuthorityArray.length; i++) {
				grantedAuthoritySet.add(gratedAuthorityArray[i]);
				System.out.println("Adding " + gratedAuthorityArray[i] + " to set");
			}
			
			// DEBUGGING....
			System.out.println("successful login for: " + userName);
			System.out.println("authResult.getCredentials() = " + authResult.getCredentials());
			System.out.println("authResult.getPrincipal() = " + authResult.getPrincipal());
			System.out.println("authResult.getAuthorities(): ");
			for (int i = 0; i < gratedAuthorityArray.length; i++) {
				System.out.println("Auth no " + (i + 1) + " = '" + gratedAuthorityArray[i] + "'");
			}
			// END DEBUGGING...
			
			if (grantedAuthoritySet.contains("ROLE_ADMIN")) {
				System.out.println("Redirecting to Secure page...");
				return "Secure";
			} else if (grantedAuthoritySet.contains("ROLE_SOME_OTHER_ROLE")) {
				System.out.println("redirecting to some other page");
				return "SOME_OTHER_PAGE";
			}

		} catch (AuthenticationException authenticationException) {
			System.out.println("user with username = " + userName
					+ " couldn't be authenticated with Acegi");
		}

		return null;
	}
	
}

In my Jetty Console I can see that I get the Authentication:

Adding ROLE_ADMIN to set
Adding ROLE_MANAGER to set
Adding ROLE_USER to set
successful login for: jacob
authResult.getCredentials() = jacob
authResult.getPrincipal() = UserDetailsBean {
	username = jacob
	password = jacob
	accountNonExpired = true
	passwordaccountNonLocked = true
	credentialsNonExpired = true
	enabled = true
	grantedAuthorities {
		'ROLE_ADMIN'
		'ROLE_MANAGER'
		'ROLE_USER'
	}
}

authResult.getAuthorities(): 
Auth no 1 = 'ROLE_ADMIN'
Auth no 2 = 'ROLE_MANAGER'
Auth no 3 = 'ROLE_USER'
[INFO] TimingFilter Request time: 26 ms
[INFO] TimingFilter Request time: 18 ms
[INFO] TimingFilter Request time: 2 ms

but the redirection to the pages doesn't work... and if I change the last
return null; to return "Secure"; then I get this exception instead:

[ERROR] Secure Render queue error in BeginRender[Secure]: Access is denied
org.apache.tapestry.ioc.internal.util.TapestryException: Access is denied
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:884)
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.access$100(ComponentPageElementImpl.java:54)
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl$11.render(ComponentPageElementImpl.java:342)
	at
org.apache.tapestry.internal.services.RenderQueueImpl.run(RenderQueueImpl.java:63)
	at
org.apache.tapestry.internal.services.PageRenderQueueImpl.render(PageRenderQueueImpl.java:84)
	at $PageRenderQueue_118f7af20ee.render($PageRenderQueue_118f7af20ee.java)
	at $PageRenderQueue_118f7af20e7.render($PageRenderQueue_118f7af20e7.java)
	at
org.apache.tapestry.services.TapestryModule$19.renderMarkup(TapestryModule.java:1293)
	at
org.apache.tapestry.services.TapestryModule$23.renderMarkup(TapestryModule.java:1402)
	at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
	at
org.apache.tapestry.services.TapestryModule$22.renderMarkup(TapestryModule.java:1383)
	at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
	at
org.apache.tapestry.services.TapestryModule$21.renderMarkup(TapestryModule.java:1365)
	at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
	at
org.apache.tapestry.services.TapestryModule$20.renderMarkup(TapestryModule.java:1347)
	at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
	at
$MarkupRenderer_118f7af20ec.renderMarkup($MarkupRenderer_118f7af20ec.java)
	at
org.apache.tapestry.internal.services.PageMarkupRendererImpl.renderPageMarkup(PageMarkupRendererImpl.java:55)
	at
$PageMarkupRenderer_118f7af20ea.renderPageMarkup($PageMarkupRenderer_118f7af20ea.java)
	at
org.apache.tapestry.internal.services.PageResponseRendererImpl.renderPageResponse(PageResponseRendererImpl.java:57)
	at
$PageResponseRenderer_118f7af20bb.renderPageResponse($PageResponseRenderer_118f7af20bb.java)
	at
org.apache.tapestry.internal.services.PageRenderRequestHandlerImpl.handle(PageRenderRequestHandlerImpl.java:59)
	at
org.apache.tapestry.services.TapestryModule$29.handle(TapestryModule.java:1607)
	at
$PageRenderRequestHandler_118f7af20bc.handle($PageRenderRequestHandler_118f7af20bc.java)
	at
$PageRenderRequestHandler_118f7af20b1.handle($PageRenderRequestHandler_118f7af20b1.java)
	at
org.apache.tapestry.internal.services.PageRenderDispatcher.process(PageRenderDispatcher.java:97)
	at
org.apache.tapestry.internal.services.PageRenderDispatcher.dispatch(PageRenderDispatcher.java:73)
	at $Dispatcher_118f7af20b8.dispatch($Dispatcher_118f7af20b8.java)
	at $Dispatcher_118f7af20a9.dispatch($Dispatcher_118f7af20a9.java)
	at
org.apache.tapestry.services.TapestryModule$13.service(TapestryModule.java:944)
	at com.bergoo.webshop.services.AppModule$1.service(AppModule.java:94)
	at $RequestFilter_118f7af20a8.service($RequestFilter_118f7af20a8.java)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at
org.apache.tapestry.internal.services.LocalizationFilter.service(LocalizationFilter.java:42)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at
org.apache.tapestry.services.TapestryModule$3.service(TapestryModule.java:553)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at
org.apache.tapestry.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:79)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at
nu.localhost.tapestry.acegi.services.internal.RequestFilterWrapper$1.doFilter(RequestFilterWrapper.java:60)
	at
nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter.doFilter(AcegiExceptionTranslationFilter.java:67)
	at
nu.localhost.tapestry.acegi.services.internal.RequestFilterWrapper.service(RequestFilterWrapper.java:54)
	at $RequestFilter_118f7af20a4.service($RequestFilter_118f7af20a4.java)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at
org.apache.tapestry.services.TapestryModule$2.service(TapestryModule.java:520)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at
org.apache.tapestry.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:93)
	at
org.apache.tapestry.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:84)
	at
org.apache.tapestry.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:77)
	at
org.apache.tapestry.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:106)
	at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
	at $RequestHandler_118f7af209e.service($RequestHandler_118f7af209e.java)
	at
org.apache.tapestry.services.TapestryModule$12.service(TapestryModule.java:924)
	at
org.apache.tapestry.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
	at
$HttpServletRequestFilter_118f7af209d.service($HttpServletRequestFilter_118f7af209d.java)
	at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
	at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
	at
$HttpServletRequestFilter_118f7af209c.service($HttpServletRequestFilter_118f7af209c.java)
	at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
	at
org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:81)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
	at
$HttpServletRequestFilter_118f7af209b.service($HttpServletRequestFilter_118f7af209b.java)
	at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
	at
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
	at
$HttpServletRequestFilter_118f7af209a.service($HttpServletRequestFilter_118f7af209a.java)
	at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
	at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
	at
$HttpServletRequestFilter_118f7af2099.service($HttpServletRequestFilter_118f7af2099.java)
	at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
	at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
	at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
	at
$HttpServletRequestFilter_118f7af2098.service($HttpServletRequestFilter_118f7af2098.java)
	at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
	at
$HttpServletRequestHandler_118f7af2097.service($HttpServletRequestHandler_118f7af2097.java)
	at org.apache.tapestry.TapestryFilter.doFilter(TapestryFilter.java:168)
	at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
	at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
	at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
	at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
	at
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
	at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
	at
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
	at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
	at org.mortbay.http.HttpServer.service(HttpServer.java:909)
	at org.mortbay.http.HttpConnection.service(HttpConnection.java:820)
	at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:986)
	at org.mortbay.http.HttpConnection.handle(HttpConnection.java:837)
	at
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:245)
	at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
	at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
Caused by: org.acegisecurity.AccessDeniedException: Access is denied
	at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
	at
$AccessDecisionManager_118f7af2115.decide($AccessDecisionManager_118f7af2115.java)
	at
org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:323)
	at
nu.localhost.tapestry.acegi.services.internal.StaticSecurityChecker.checkBefore(StaticSecurityChecker.java:43)
	at
$SecurityChecker_118f7af20ce.checkBefore($SecurityChecker_118f7af20ce.java)
	at com.bergoo.webshop.pages.Secure.beginRender(Secure.java)
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl$11$1.run(ComponentPageElementImpl.java:338)
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:874)
	... 98 more

The Secure.java has a @Secured("ROLE_ADMIN") annotation and therefore I
should be granted access to this page.

Anyone have any ideas?

Thanks in advance,
Jacob


RE: T5: Problem with login form with Acegi

Posted by Mahen Perera <Ma...@igindex.co.uk>.
OK. Got ya. Thanks

-----Original Message-----
From: Jonathan Barker [mailto:jonathan.theitguy@gmail.com] 
Sent: 01 April 2008 16:04
To: 'Tapestry users'
Subject: RE: T5: Problem with login form with Acegi


It won't matter.  That's why you use the @Secured("ROLE_ADMIN")
annotation.

At best, an unauthenticated user will have ROLE_ANONYMOUS if the
AnonymousAuthenticationProvider is used.  They will get an AccessDenied
exception.

I'm playing with a little older code that coughs up a hairball when it hits
one of those exceptions, but I think the newer tapestry5-acegi does the
appropriate redirection to whatever access-denied page you want.  That could
be the login page.

Jonathan



> -----Original Message-----
> From: Mahen Perera [mailto:Mahen.Perera@igindex.co.uk]
> Sent: Tuesday, April 01, 2008 10:11 AM
> To: Tapestry users
> Subject: RE: T5: Problem with login form with Acegi
> 
> Quick Question:
> How can we avoid the situation where a user tries to directly access the
> URL corresponding to the page named "Secure" in this case. I mean
> without going thru the login form.
> 
> Thanks


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

The information contained in this email is strictly confidential and for the use of the addressee only, unless otherwise indicated. If you are not the intended recipient, please do not read, copy, use or disclose to others this message or any attachment. Please also notify the sender by replying to this email or by telephone (+44 (0)20 7896 0011) and then delete the email and any copies of it. Opinions, conclusions (etc.) that do not relate to the official business of this company shall be understood as neither given nor endorsed by it. IG Index plc is a company registered in England and Wales under number 01190902. VAT registration number 761 2978 07. Registered Office: Friars House, 157-168 Blackfriars Road, London SE1 8EZ. Authorised and regulated by the Financial Services Authority. FSA Register number 114059.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org


RE: T5: Problem with login form with Acegi

Posted by Jonathan Barker <jo...@gmail.com>.
It won't matter.  That's why you use the @Secured("ROLE_ADMIN") annotation.

At best, an unauthenticated user will have ROLE_ANONYMOUS if the
AnonymousAuthenticationProvider is used.  They will get an AccessDenied
exception.

I'm playing with a little older code that coughs up a hairball when it hits
one of those exceptions, but I think the newer tapestry5-acegi does the
appropriate redirection to whatever access-denied page you want.  That could
be the login page.

Jonathan



> -----Original Message-----
> From: Mahen Perera [mailto:Mahen.Perera@igindex.co.uk]
> Sent: Tuesday, April 01, 2008 10:11 AM
> To: Tapestry users
> Subject: RE: T5: Problem with login form with Acegi
> 
> Quick Question:
> How can we avoid the situation where a user tries to directly access the
> URL corresponding to the page named "Secure" in this case. I mean
> without going thru the login form.
> 
> Thanks
> 
> 
> 
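
The @Secured check discussed in the reply above is made against the Authentication held in Acegi's SecurityContextHolder, so a login page that calls AuthenticationManager directly has to store the result there itself, and role comparisons have to be made on role names rather than on GrantedAuthority objects. The class below is an added example, not code from this thread or from tapestry5-acegi. LoginHelper, its method names, the role-to-page map and the default page are assumptions; only Acegi 1.0.x calls are used.

```java
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;

/**
 * Hypothetical helper (added example): authenticates a user, publishes the
 * result to the security context and picks a landing page by role.
 */
public class LoginHelper {

	private final AuthenticationManager authenticationManager;

	/** Role name -> page name, checked in insertion order. */
	private final Map<String, String> landingPages;

	/** Page used when the user holds none of the mapped roles (assumed name). */
	private final String defaultPage;

	public LoginHelper(AuthenticationManager authenticationManager,
			Map<String, String> landingPages, String defaultPage) {
		this.authenticationManager = authenticationManager;
		this.landingPages = new LinkedHashMap<String, String>(landingPages);
		this.defaultPage = defaultPage;
	}

	/**
	 * @return the page name to go to, or null when the credentials were rejected
	 */
	public String login(String userName, String password) {
		Authentication result;
		try {
			result = authenticationManager.authenticate(
					new UsernamePasswordAuthenticationToken(userName, password));
		} catch (AuthenticationException e) {
			// Bad credentials, disabled or locked account: drop any identity
			// left in the context and report failure to the caller.
			SecurityContextHolder.getContext().setAuthentication(null);
			return null;
		}
		if (result == null || !result.isAuthenticated()) {
			SecurityContextHolder.getContext().setAuthentication(null);
			return null;
		}

		// authenticate() only returns a token. Access decisions (for example
		// the one behind @Secured) read the Authentication from the context,
		// which otherwise still holds the anonymous token. The context is
		// stored in the HTTP session by HttpSessionContextIntegrationFilter
		// at the end of the request, so it is there for the next page render.
		SecurityContextHolder.getContext().setAuthentication(result);

		return landingPageFor(result);
	}

	/** Collects the role names, e.g. "ROLE_ADMIN", as plain Strings. */
	static Set<String> roleNames(Authentication authentication) {
		Set<String> names = new HashSet<String>();
		GrantedAuthority[] authorities = authentication.getAuthorities();
		if (authorities != null) {
			for (int i = 0; i < authorities.length; i++) {
				names.add(authorities[i].getAuthority());
			}
		}
		return names;
	}

	/**
	 * Compares String with String. Calling contains("ROLE_ADMIN") on a
	 * Set<GrantedAuthority> is always false, because a String never
	 * equals a GrantedAuthority object.
	 */
	String landingPageFor(Authentication authentication) {
		Set<String> roles = roleNames(authentication);
		for (Map.Entry<String, String> entry : landingPages.entrySet()) {
			if (roles.contains(entry.getKey())) {
				return entry.getValue();
			}
		}
		return defaultPage;
	}
}
```

In a page's onSuccess(), a null return from login() is the place to call form.recordError(...) as the original page does; any other value is the page name to return.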


RE: T5: Problem with login form with Acegi

Posted by Mahen Perera <Ma...@igindex.co.uk>.
Quick Question:
How can we avoid the situation where a user tries to directly access the
URL corresponding to the page named "Secure" in this case. I mean
without going thru the login form. 

Thanks



-----Original Message-----
From: Jacob Bergoo [mailto:jacob.bergoo@gmail.com] 
Sent: 28 March 2008 23:28
To: users@tapestry.apache.org
Subject: T5: Problem with login form with Acegi


Hi All, 
In my project I use the Tapestry5-Acegi project and made that work following
the example and with some help from the forum, thanks... 
Now I'm trying to make a more realistic version of a login where I can
control the validation on the login form and also based on user roles
redirect the user to the right page.
I have created a page like this:
public class LoginPage {

	/* PRIVATE MEMBERS */
	@Persist
	private String userName;
	private String password;
	@Component
	private Form form;

	/* INJECTED COMPONENTS, SERVICES ETC. */
	@Component(id = "password")
	private PasswordField passwordField;

	@Inject
	private AuthenticationManager authenticationManager;

	/* GETTERS AND SETTERS */
	public String getPassword() {
		return password;
	}

	public void setPassword(String password) {
		this.password = password;
	}

	public String getUserName() {
		return userName;
	}

	public void setUserName(String userName) {
		this.userName = userName;
	}

	/* ACTION METHODS */
	protected String onSuccess() {
		UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(userName, password);
		Authentication authResult;

		try {
			authResult = authenticationManager.authenticate(authRequest);
			if (!authResult.isAuthenticated()) {
				form.recordError(passwordField, "Invalid user name or password.");
				return null;
			}
			GrantedAuthority[] gratedAuthorityArray = authResult.getAuthorities();
			Set<GrantedAuthority> grantedAuthoritySet = new HashSet<GrantedAuthority>();
			for (int i = 0; i < gratedAuthorityArray.length; i++) {
				grantedAuthoritySet.add(gratedAuthorityArray[i]);
				System.out.println("Adding " + gratedAuthorityArray[i] + " to set");
			}

			// DEBUGGING....
			System.out.println("successful login for: " + userName);
			System.out.println("authResult.getCredentials() = " + authResult.getCredentials());
			System.out.println("authResult.getPrincipal() = " + authResult.getPrincipal());
			System.out.println("authResult.getAuthorities(): ");
			for (int i = 0; i < gratedAuthorityArray.length; i++) {
				System.out.println("Auth no " + (i + 1) + " = '" + gratedAuthorityArray[i] + "'");
			}
			// END DEBUGGING...

			if (grantedAuthoritySet.contains("ROLE_ADMIN")) {
				System.out.println("Redirecting to Secure page...");
				return "Secure";
			} else if (grantedAuthoritySet.contains("ROLE_SOME_OTHER_ROLE")) {
				System.out.println("redirecting to some other page");
				return "SOME_OTHER_PAGE";
			}

		} catch (AuthenticationException authenticationException) {
			System.out.println("user with username = " + userName
					+ "couldn't be authenticated with Acegi");
		}

		return null;
	}

}

In my Jetty Console I can see that I get the Authentication:

Adding ROLE_ADMIN to set
Adding ROLE_MANAGER to set
Adding ROLE_USER to set
successful login for: jacob
authResult.getCredentials() = jacob
authResult.getPrincipal() = UserDetailsBean {
	username = jacob
	password = jacob
	accountNonExpired = true
	passwordaccountNonLocked = true
	credentialsNonExpired = true
	enabled = true
	grantedAuthorities {
		'ROLE_ADMIN'
		'ROLE_MANAGER'
		'ROLE_USER'
	}
}

authResult.getAuthorities(): 
Auth no 1 = 'ROLE_ADMIN'
Auth no 2 = 'ROLE_MANAGER'
Auth no 3 = 'ROLE_USER'
[INFO] TimingFilter Request time: 26 ms
[INFO] TimingFilter Request time: 18 ms
[INFO] TimingFilter Request time: 2 ms

but the redirection to the pages doesn't work... and if I change the last
return null; to return "Secure"; then I get this exception instead:

[ERROR] Secure Render queue error in BeginRender[Secure]: Access is denied
org.apache.tapestry.ioc.internal.util.TapestryException: Access is denied
Caused by: org.acegisecurity.AccessDeniedException: Access is denied
	at
org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
	at
$AccessDecisionManager_118f7af2115.decide($AccessDecisionManager_118f7af
2115.java)
	at
org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation
(AbstractSecurityInterceptor.java:323)
	at
nu.localhost.tapestry.acegi.services.internal.StaticSecurityChecker.chec
kBefore(StaticSecurityChecker.java:43)
	at
$SecurityChecker_118f7af20ce.checkBefore($SecurityChecker_118f7af20ce.ja
va)
	at com.bergoo.webshop.pages.Secure.beginRender(Secure.java)
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl$11$1.run
(ComponentPageElementImpl.java:338)
	at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(C
omponentPageElementImpl.java:874)
	... 98 more

The Secure.java has a @Secured("ROLE_ADMIN") annotation and therefore I
should be granted access to this page.

Anyone have any ideas?

Thanks in advance,
Jacob
-- 
View this message in context:
http://www.nabble.com/T5%3A-Problem-with-login-form-with-Acegi-tp1636429
5p16364295.html
Sent from the Tapestry - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

The information contained in this email is strictly confidential and for the use of the addressee only, unless otherwise indicated. If you are not the intended recipient, please do not read, copy, use or disclose to others this message or any attachment. Please also notify the sender by replying to this email or by telephone (+44 (0)20 7896 0011) and then delete the email and any copies of it. Opinions, conclusions (etc.) that do not relate to the official business of this company shall be understood as neither given nor endorsed by it. IG Index plc is a company registered in England and Wales under number 01190902. VAT registration number 761 2978 07. Registered Office: Friars House, 157-168 Blackfriars Road, London SE1 8EZ. Authorised and regulated by the Financial Services Authority. FSA Register number 114059.



RE: T5: Problem with login form with Acegi

Posted by Jonathan Barker <jo...@gmail.com>.
@Secured({"ROLE1","ROLE2","ROLE3"})

> -----Original Message-----
> From: Mahen Perera [mailto:Mahen.Perera@igindex.co.uk]
> Sent: Saturday, March 29, 2008 9:29 PM
> To: Tapestry users
> Subject: RE: T5: Problem with login form with Acegi
> 
> Thanks Guys, this thread benefitted me as well :)
> 
> One more Q:
> How can I give multiple roles access to a page?
> 
> @Secured("RLE-DEFAULT-ROLE <here can I specify roles separating them
> using commas, or else, how can I do it?>")
> public class Blah{
> 
> Thanks
> 
> 


RE: T5: Problem with login form with Acegi

Posted by Mahen Perera <Ma...@igindex.co.uk>.
Thanks Guys, this thread benefitted me as well :)

One more Q:
How can I give multiple roles access to a page?

@Secured("RLE-DEFAULT-ROLE <here can I specify roles separating them
using commas, or else, how can I do it?>")
public class Blah{

Thanks


-----Original Message-----
From: Jacob Bergoo [mailto:jacob.bergoo@gmail.com] 
Sent: 29 March 2008 16:32
To: users@tapestry.apache.org
Subject: RE: T5: Problem with login form with Acegi


Thanks Jonathan, that did the trick!
Cheers,
Jacob




RE: T5: Problem with login form with Acegi

Posted by Jacob Bergoo <ja...@gmail.com>.
Thanks Jonathan, that did the trick!
Cheers,
Jacob


Jonathan Barker wrote:
> 
> 
> I should have pasted a little more code before.  You need the following line
> in your onSuccess method:
> 
> 	
> SecurityContextHolder.getContext().setAuthentication(authResult);
> 
> 
> Acegi expects to do everything through the SecurityContext.
> 
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/T5%3A-Problem-with-login-form-with-Acegi-tp16364295p16371816.html
Sent from the Tapestry - User mailing list archive at Nabble.com.




RE: T5: Problem with login form with Acegi

Posted by Jonathan Barker <jo...@gmail.com>.
I should have pasted a little more code before.  You need the following line
in your onSuccess method:

	
SecurityContextHolder.getContext().setAuthentication(authResult);


Acegi expects to do everything through the SecurityContext.




> -----Original Message-----
> From: Jacob Bergoo [mailto:jacob.bergoo@gmail.com]
> Sent: Friday, March 28, 2008 9:57 PM
> To: users@tapestry.apache.org
> Subject: Re: T5: Problem with login form with Acegi
> 
> 
> Hi again,
> I had an error in my code when I compared the Set<GrantedAuthority> with a
> String value... I changed that so the Set takes a String as input instead.
> Now it goes into the first if statement and tries to call page Secure and I
> get the same error as I posted in my previous posting...
> 
> in the end the error states:
> Caused by: org.acegisecurity.AccessDeniedException: Access is denied
>         at
> org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
>         at
> $AccessDecisionManager_118f7af2115.decide($AccessDecisionManager_118f7af21
> 15.java)
>         at
> org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(A
> bstractSecurityInterceptor.java:323)
>         at
> nu.localhost.tapestry.acegi.services.internal.StaticSecurityChecker.checkB
> efore(StaticSecurityChecker.java:43)
>         at
> $SecurityChecker_118f7af20ce.checkBefore($SecurityChecker_118f7af20ce.java
> )
>         at com.bergoo.webshop.pages.Secure.beginRender(Secure.java)
>         at
> org.apache.tapestry.internal.structure.ComponentPageElementImpl$11$1.run(C
> omponentPageElementImpl.java:338)
>         at
> org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(Com
> ponentPageElementImpl.java:874)
>         ... 98 more
> 
> I don't see the reason why I get the Access denied.
> Thanks for any help...
> Jacob
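
Added example, not code from the thread or from Acegi: a plain-Java model of why the page check denied access until the authentication result was stored in the security context, and of a multi-role @Secured like the one in the reply earlier in the thread. All types and names (Auth, CONTEXT, mayRender, the local Secured annotation, the sample credentials) are hypothetical stand-ins, and the rule that one matching role is enough is an assumption about the affirmative decision seen in the trace.

```java
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

// Simplified stand-in model, not the Acegi or Tapestry classes: every type and
// name below is hypothetical and only plays the part its Acegi counterpart plays.
public class SecurityContextDemo {

    // Stand-in for @Secured: lists the roles allowed to render a page.
    @Retention(RetentionPolicy.RUNTIME)
    @interface Secured { String[] value(); }

    // Stand-in for an Authentication result: principal name plus granted roles.
    static final class Auth {
        final String name;
        final Set<String> roles;
        Auth(String name, String... roles) {
            this.name = name;
            this.roles = new HashSet<>(Arrays.asList(roles));
        }
    }

    // Stand-in for SecurityContextHolder: per-thread slot the checker reads.
    static final ThreadLocal<Auth> CONTEXT = new ThreadLocal<>();

    // Stand-in for AuthenticationManager.authenticate(): it returns a token
    // but publishes nothing. The credentials are constructed sample values.
    static Auth authenticate(String user, String password) {
        if ("admin-user".equals(user) && "constructed-pw".equals(password)) {
            return new Auth(user, "ROLE_ADMIN");
        }
        throw new SecurityException("Bad credentials");
    }

    // Stand-in for the check made before a page renders. It never sees the
    // login page's local variable, only what was published to the context.
    // Assumption: one matching role is enough (affirmative, any-of decision).
    static boolean mayRender(Class<?> page) {
        Secured secured = page.getAnnotation(Secured.class);
        if (secured == null) return true;          // unannotated page is public
        Auth current = CONTEXT.get();
        if (current == null) return false;         // nothing published: denied
        for (String role : secured.value()) {
            if (current.roles.contains(role)) return true;
        }
        return false;
    }

    @Secured("ROLE_ADMIN") static class SecurePage {}
    @Secured({"ROLE_USER", "ROLE_ADMIN"}) static class SharedPage {}
    @Secured({"ROLE_AUDITOR", "ROLE_SUPPORT"}) static class AuditPage {}

    public static void main(String[] args) {
        Auth authResult = authenticate("admin-user", "constructed-pw");
        // Authenticated, but not yet published: the check still denies.
        System.out.println("SecurePage before publish: " + mayRender(SecurePage.class));
        CONTEXT.set(authResult);   // the step the reply adds to onSuccess
        try {
            System.out.println("SecurePage after publish:  " + mayRender(SecurePage.class));
            System.out.println("SharedPage (two roles):    " + mayRender(SharedPage.class));
            System.out.println("AuditPage (no match):      " + mayRender(AuditPage.class));
        } finally {
            CONTEXT.remove();      // do not leak identity to the next request on this thread
        }
    }
}
```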


Re: T5: Problem with login form with Acegi

Posted by Jacob Bergoo <ja...@gmail.com>.
Hi again,
I had an error in my code when I compared the Set<GrantedAuthority> with a
String value... I changed that so the Set takes a String as input instead.
Now it goes into the first if statement and tries to call page Secure and I
get the same error as I posted in my previous posting... 

in the end the error states:
Caused by: org.acegisecurity.AccessDeniedException: Access is denied
        at
org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
        at
$AccessDecisionManager_118f7af2115.decide($AccessDecisionManager_118f7af2115.java)
        at
org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:323)
        at
nu.localhost.tapestry.acegi.services.internal.StaticSecurityChecker.checkBefore(StaticSecurityChecker.java:43)
        at
$SecurityChecker_118f7af20ce.checkBefore($SecurityChecker_118f7af20ce.java)
        at com.bergoo.webshop.pages.Secure.beginRender(Secure.java)
        at
org.apache.tapestry.internal.structure.ComponentPageElementImpl$11$1.run(ComponentPageElementImpl.java:338)
        at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:874)
        ... 98 more

I don't see the reason why I get the Access denied.
Thanks for any help...
Jacob
-- 
View this message in context: http://www.nabble.com/T5%3A-Problem-with-login-form-with-Acegi-tp16364295p16365723.html
Sent from the Tapestry - User mailing list archive at Nabble.com.

