Announcement Announcement Module
Collapse
No announcement yet.
Help! Why does acegi not work? Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help! Why does acegi not work?

    Hi,

    I search and find a old thread that has a configuration file and try it. I got loop exception at the tomcat console. Anyone can help me out?

    Thanks.

    I use Eclipse 3.2, Tomcat 5.5, acegi1.0.4.

    web.xml will call Acegi.xml

    Acegi.xml:
    [ code]
    <?xml version="1.0" encoding="UTF-8"?>

    <!DOCTYPE
    beans
    PUBLIC
    "-//SPRING//DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">

    <beans>
    <!-- Automatically receives AuthenticationEvent messages -->
    <bean id="loggerListener"
    class="org.acegisecurity.event.authentication.Logg erListener" />

    <!--
    =- filterChainProxy is called from web.xml
    =-
    =- recommended filter order: ChannelProcessingFilter,
    =- ConcurrentSessionFilter, HttpSessionContextIntegrationFilter,
    =- auth processing mechanisms; <AuthenticationProcessingFilter,
    =- CasProcessingFilter, BasicProcessingFilter,
    =- HttpRequestIntegrationFilter, JbossIntegrationFilter, etc.>,
    =- ContextHolderAwarenessRequestFilter,
    =- RememberMeProcessingFilter, AnonymousProcessingFilter,
    =- SecurityEnforcementFilter
    -->
    <bean id="filterChainProxy"
    class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=httpSessionContextIntegrationFilter,authenticat ionProcessingFilter,exceptionTranslationFilter,fil terSecurityInterceptor
    </value>
    </property>
    </bean>

    <bean id="httpSessionContextIntegrationFilter"
    class="org.acegisecurity.context.HttpSessionContex tIntegrationFilter" />

    <bean id="authenticationProcessingFilter"
    class="org.acegisecurity.ui.webapp.AuthenticationP rocessingFilter">
    <property name="authenticationManager">
    <ref local="providerManager"/>
    </property>

    <property name="defaultTargetUrl">
    <value>/</value>
    </property>

    <property name="filterProcessesUrl">
    <value>/j_acegi_security_check</value>
    </property>

    <property name="authenticationFailureUrl">
    <value>/login.htm?login_error=1</value>
    </property>
    </bean>

    <bean id="exceptionTranslationFilter"
    class="org.acegisecurity.ui.ExceptionTranslationFi lter">
    <property name="authenticationEntryPoint">
    <ref local="authenticationProcessingFilterEntryPoint" />
    </property>
    </bean>

    <bean id="authenticationProcessingFilterEntryPoint"
    class="org.acegisecurity.ui.webapp.AuthenticationP rocessingFilterEntryPoint">
    <property name="loginFormUrl">
    <value>/login.htm</value>
    </property>
    </bean>

    <bean id="filterSecurityInterceptor"
    class="org.acegisecurity.intercept.web.FilterSecur ityInterceptor">
    <property name="authenticationManager">
    <ref local="providerManager" />
    </property>

    <property name="accessDecisionManager">
    <ref local="httpRequestAccessDecisionManager" />
    </property>

    <property name="objectDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /page1.htm=ROLE_USER
    </value>
    </property>
    </bean>

    <bean id="providerManager"
    class="org.acegisecurity.providers.ProviderManager ">
    <property name="providers">
    <list>
    <ref local="daoAuthenticationProvider" />
    </list>
    </property>
    </bean>

    <bean id="daoAuthenticationProvider"
    class="org.acegisecurity.providers.dao.DaoAuthenti cationProvider">
    <property name="userDetailsService">
    <ref local="inMemoryDaoImpl" />
    </property>
    </bean>

    <bean id="inMemoryDaoImpl"
    class="org.acegisecurity.userdetails.memory.InMemo ryDaoImpl">
    <property name="userMap">
    <value>
    rusty=password,ROLE_USER
    </value>
    </property>
    </bean>

    <bean id="httpRequestAccessDecisionManager"
    class="org.acegisecurity.vote.AffirmativeBased">
    <property name="allowIfAllAbstainDecisions">
    <value>false</value>
    </property>

    <property name="decisionVoters">
    <list>
    <ref local="roleVoter" />
    </list>
    </property>
    </bean>

    <!--
    =- An access decision voter that reads ROLE_* configuration
    =- settings.
    -->
    <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" />
    </beans>
    [ /code]

    The exceptions at the server console are like:

    at javax.servlet.http.HttpServletRequestWrapper.getSe ssion(HttpServletRequestWrapper.java:216)
    at org.apache.catalina.core.ApplicationHttpRequest.ge tSession(ApplicationHttpRequest.java:545)
    at javax.servlet.http.HttpServletRequestWrapper.getSe ssion(HttpServletRequestWrapper.java:216)
    at org.apache.catalina.core.ApplicationHttpRequest.ge tSession(ApplicationHttpRequest.java:545)
    at javax.servlet.http.HttpServletRequestWrapper.getSe ssion(HttpServletRequestWrapper.java:216)
    at org.apache.catalina.core.ApplicationHttpRequest.ge tSession(ApplicationHttpRequest.java:545)

  • #2
    Sorry for the messy of the XML content. I tried to use [ code], but seems not working.

    Comment


    • #3
      I don't know if it's the cause, but it seems that you put the login page as a secure page, you have to put the access to the login page to an anonymous user (see the tutorial here around).

      Comment


      • #4
        Out of interest, why did you copy this example? It's generally easier to start with the sample tutorial that ships with Acegi.
        Last edited by karldmoore; Aug 29th, 2007, 10:17 AM.

        Comment


        • #5
          Originally posted by JuliusIT View Post
          I don't know if it's the cause, but it seems that you put the login page as a secure page, you have to put the access to the login page to an anonymous user (see the tutorial here around).
          That's actually a FAQ response to this FAQ, about loops.

          Comment


          • #6
            Strip out the spaces

            Originally posted by knightEric View Post
            Sorry for the messy of the XML content. I tried to use [ code], but seems not working.
            Your code tags have spaces. You should be able to edit the entry yourself, since its your entry. See if that makes it look better.

            Comment


            • #7
              Originally posted by lally View Post
              That's actually a FAQ response to this FAQ, about loops.
              Can you post the link to the Acegi Faq? I can't find it.

              Comment


              • #8
                http://www.acegisecurity.org/faq.html

                Comment


                • #9
                  A common user problem with infinite loop and redirecting to the login page is caused by accidently configuring the login page as a "secured" resource. Generally make sure you mark your login page as requiring ROLE_ANONYMOUS.

                  (Sorry, should have included this in the first post.)

                  Comment


                  • #10
                    Originally posted by Rick Evans View Post
                    A common user problem with infinite loop and redirecting to the login page is caused by accidently configuring the login page as a "secured" resource. Generally make sure you mark your login page as requiring ROLE_ANONYMOUS.

                    (Sorry, should have included this in the first post.)
                    Thanks for the hint.

                    Giulio

                    Comment


                    • #11
                      Hi all,

                      Thanks all of you who read and give answers to this thread. Finally, I change to use Tomcat JDBCRealm for authentication and authorization. It is quite simple and meet my requirement, which is form based and keeping the user name and encrypted password in the database.

                      Maybe in the future, another project will require Acegi and I will remember to expose login page to anonymous (not try if it works because of busy ).

                      BTW, what are the advantages of using Acegi instead of Tomcat JDBCRealm except keeping the project independent from specific server?

                      Thanks,

                      Comment


                      • #12
                        Originally posted by JuliusIT View Post
                        Can you post the link to the Acegi Faq? I can't find it.
                        Please make an effort to use other resources before posting so we can keep the noise ration down in the forum. E.g. entering "acegi faq" in google returns that page as the first match.


                        knightEric: The website has a list of features, links to articles and the reference manual. Please read these to find out what is available and why you might want to use it. In short, if you have no need for any customization of the authentication process and you have all the functionality you need in standard J2EE security then use that. However, if you need to alter the behaviour then your options are pretty limited.

                        Comment

                        Working...
                        X