
  • Acegi usage questions

    I have a working web application that is using the applicationContext.xml and the web.xml files from the quickstart WEB-INF directory. The only modification I have made is to use the JdbcDaoImpl instead of the InMemoryDaoImpl.

    I have a few questions.

    1. How to make additional properties in my users table accessible in addition to the username, password fields? Example: first and last name and email properties?

    2. How to access my user's credentials from my Struts action classes?

    3. How to perform password encryption/decryption?

    I have read through the documentation and plan to re-read it until I understand this better, however a few small examples would really be appreciated.


  • #2
    You need to subclass JdbcDaoImpl to add additional properties to a subclass of User (or write your own UserDetails).

    Use ((SecureContext)ContextHolder.getContext()).getAuthentication().getPrincipal() to obtain the User/UserDetails your JdbcDaoImpl returned. You can do this from anywhere, including your views, controllers and services layer classes (it's a ThreadLocal).

    Password encryption and decryption is handled by a property on DaoAuthenticationProvider. See its JavaDocs.



    • #3
      help - subclassing JdbcDaoImpl


      I'm trying to subclass JdbcDaoImpl and override the rowMapper so that the columns of my user select query can be mapped correctly (I've added a lot more like email, address etc).

      What exactly am I to override to enable the UsersByUsernameMapping to use my own (nested) rowMapper that will map the additional columns to my User bean??

      Secondly, I noticed that the user query selects on user name only. When does the password match checking occur? And if I insert my passwords as SHA or MD5 using the password encoder, how/when does the Acegi framework compare the user entered password (which has been encoded to SHA or MD5) with the one from the DB?

      Would be grateful and very much appreciate a quick response as I'm a little stuck. I must say Acegi is truly a superb piece of kit.

      Asif Akhtar


      • #4
        I guess you would probably have to override loadUserByUsername since it returns a plain User object and you'll want to return something more complicated with your extra data included:

        If you're using DaoAuthenticationProvider, the password is checked here:
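
The flow asked about in post #3 and answered in post #4, as an added standalone example (not Acegi source and not written by any poster): the DAO fetches the user by username only, and the provider then encodes the presented password and compares it with the stored encoding. Class and method names are hypothetical, the user map is a constructed stand-in for the users table, and SHA-1 is used only because the thread asks about it.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;

public class EncodedPasswordCheck {

    // Constructed stand-in for the users table: username -> stored hex digest.
    private static final Map<String, String> USERS = new HashMap<>();

    /** Hex-encoded digest of the raw password, the form stored in the database. */
    static String encode(String algorithm, String rawPassword) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(algorithm);
        byte[] digest = md.digest(rawPassword.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    /** Step 1 (DAO): look the user up by username only; the password is not part of the query. */
    static String loadStoredPassword(String username) {
        String stored = USERS.get(username);
        if (stored == null) {
            throw new IllegalArgumentException("user not found: " + username);
        }
        return stored;
    }

    /** Step 2 (provider): encode the presented password, then compare the two encodings. */
    static boolean isPasswordValid(String stored, String presented, String algorithm)
            throws NoSuchAlgorithmException {
        byte[] expected = stored.getBytes(StandardCharsets.US_ASCII);
        byte[] actual = encode(algorithm, presented).getBytes(StandardCharsets.US_ASCII);
        // MessageDigest.isEqual compares in constant time, unlike String.equals.
        return MessageDigest.isEqual(expected, actual);
    }

    public static void main(String[] args) throws Exception {
        USERS.put("alice", encode("SHA-1", "s3cret")); // constructed sample row
        String stored = loadStoredPassword("alice");
        System.out.println("correct password accepted: " + isPasswordValid(stored, "s3cret", "SHA-1"));
        System.out.println("wrong password accepted:   " + isPasswordValid(stored, "wrong", "SHA-1"));
    }
}
```

The stored value is never decoded; only the presented password is encoded, which is why the user query does not need the password in its WHERE clause.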


        • #5
          Forwarding to URL other than the success login page

          Thanks for your reply Luke.

          Just another question. Instead of forwarding to a success login page I would like to forward to a Struts Action (or any other controller class) to determine the actual role of the user via the ACEGI Contextholder and then from this determine which page to forward to (e.g. admin.jsp).

          How would this be achieved? Would I have to do manual programmatic login using UsernamePasswordAuthenticationToken, or can I specify the .do url so Struts will pick it up?

          So if I add a path e.g. will this be acceptable?

          Hmm, not sure if what I said makes sense, but if you know what I mean please respond asap as I'm stuck once again!

          Thanks guys


          • #6
            Acegi has no knowledge of struts, it just deals in URLs, so you can use anything you want.

            If you want to make a decision about what page to show based on the user's role, you could set the defaultTargetUrl of AuthenticationProcessingFilter to point to your struts controller ( and forward to whatever you want from there.


            • #7
              Get NoSuchBeanDefinitionException !!


              I've gone nuts. All I'm trying to do is to allow all users to access web pages that are not protected, but only allow ADMIN, and USER to access the secure pages via logging in.

              So here's my objectDefSource bit from app.xml:

              <property name="objectDefinitionSource">
              /secure/admin* = ROLE_ADMIN
              /secure/** = ROLE_USER

              Now, when I href from an ordinary static page to my login page and hit submit (trying to log on) I get the following error:

              [DEBUG,PathBasedFilterInvocationDefinitionMap,http-8080-Processor25] Candidate is: '/j_acegi_security_check'; pattern is /**; matched=true
              [DEBUG,PathBasedFilterInvocationDefinitionMap,http-8080-Processor25] Candidate is: '/j_acegi_security_check'; pattern is /**; matched=true
              [DEBUG,PathBasedFilterInvocationDefinitionMap,http-8080-Processor25] Candidate is: '/j_acegi_security_check'; pattern is /**; matched=true
              [DEBUG,PathBasedFilterInvocationDefinitionMap,http-8080-Processor25] Candidate is: '/j_acegi_security_check'; pattern is /**; matched=true
              [ERROR,[default],http-8080-Processor25] Servlet.service() for servlet default threw exception
              org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named '' is defined: istableBeanFactory defining beans [messageSou
              at istableBeanFactory.getBeanDefinition(DefaultListab
              at BeanFactory.getMergedBeanDefinition(AbstractBeanFa
              at BeanFactory.getBean(
              at BeanFactory.getBean(
              at ationContext.getBean(AbstractApplicationContext.java:538)
              at org.acegisecurity.util.FilterChainProxy.obtainAllDefinedFilters(
              at org.acegisecurity.util.FilterChainProxy.doFilter(F
              at org.acegisecurity.util.FilterToBeanProxy.doFilter(
              at ternalDoFilter(
              at Filter(
              at org.apache.catalina.core.StandardWrapperValve.invoke(
              at org.apache.catalina.core.StandardContextValve.invoke(
              at org.apache.catalina.core.StandardHostValve.invoke(
              at org.apache.catalina.valves.ErrorReportValve.invoke(
              at org.apache.catalina.core.StandardEngineValve.invoke(
              at org.apache.catalina.connector.CoyoteAdapter.service(
              at org.apache.coyote.http11.Http11Processor.process(H
              at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProt
              at Socket(
              at ead.runIt(
              at org.apache.tomcat.util.threads.ThreadPool$ControlR

              It says - No bean named '' is defined. I don't get it.

              This is the value for my filterInvocationDefinitionSource defined in my filterChainProxy,


              Any ideas??


              • #8
                You shouldn't need to have the line


                If there is no matching configuration then it should have public access by default.

                Post your configuration (preferably updated for RC2 in which SecurityEnforcementFilter has been refactored) if you can't get it to work.


                • #9
                  When you are declaring an anonymous filter you need to define it, and also if you want all users to access the web pages which are not protected just
                  remove this line from your object definition source
                  and then try