Announcement Announcement Module
Collapse
No announcement yet.
SiteMesh decoration problem Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • SiteMesh decoration problem

    Hi,
    This is my first project with acegi and I've managed to get it to do the authentication and authorization bit. But I am stuck on this one problem. I am using SiteMesh for page decoration and everything is working fine with that except when a user does not have the right authority to access the resource the access denied page is not being decorated and I cant figure out why. Can anyone see what's going wrong?

    Thanks in advance.

    Ziad


    web.xml

    Code:
        
    <filter>
            <filter-name>Acegi Filter Chain Proxy</filter-name>
            <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
            <init-param>
                <param-name>targetClass</param-name>
                <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
            </init-param>
        </filter>
    
        <filter-mapping>
          <filter-name>Acegi Filter Chain Proxy</filter-name>
          <url-pattern>/*</url-pattern>
        </filter-mapping>
    
    ....
    
    	<!--  Start of SiteMesh stuff     -->
    	<filter>
    		<filter-name>sitemesh</filter-name>
    <filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
    	</filter>    
    	<filter-mapping>
    		<filter-name>sitemesh</filter-name>
    		<url-pattern>/*</url-pattern>
    	</filter-mapping>
    	<taglib>
    		<taglib-uri>sitemesh-page</taglib-uri>
    		<taglib-location>/WEB-INF/sitemesh-page.tld</taglib-location>
    	</taglib>    
    	<taglib>
    		<taglib-uri>sitemesh-decorator</taglib-uri>
    		<taglib-location>/WEB-INF/sitemesh-decorator.tld</taglib-location>
    	</taglib>    
    	<!--  End of SiteMesh stuff -->
    applicationContext.xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
    
    <beans>
    
    	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    		<property name="filterInvocationDefinitionSource">
    			<value><![CDATA[
    				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    				PATTERN_TYPE_APACHE_ANT
    				/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
    			]]></value>
    		</property>
    	</bean>
    
    	<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
    
    	<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
    		<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
    		<constructor-arg>
    			<list>
    				<ref bean="rememberMeServices"/>
    				<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
    			</list>
    		</constructor-arg>
    	</bean>
    
    	<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    		<property name="authenticationManager" ref="authenticationManager"/>
    		<property name="authenticationFailureUrl" value="/login.jsp?login_error=1"/>
    		<property name="defaultTargetUrl" value="/"/>
    		<property name="filterProcessesUrl" value="/j_acegi_security_check"/>
    		<property name="rememberMeServices" ref="rememberMeServices"/>
    	</bean>
    
    	<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
    
    	<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
    		<property name="authenticationManager" ref="authenticationManager"/>
    		<property name="rememberMeServices" ref="rememberMeServices"/>
    	</bean>
    
    	<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
    		<property name="key" value="changeThis"/>
    		<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
    	</bean>
    
    	<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
    		<property name="authenticationEntryPoint">
    			<bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    				<property name="loginFormUrl" value="/login.jsp"/>
    				<property name="forceHttps" value="false"/>
    			</bean>
    		</property>
    		<property name="accessDeniedHandler">
    			<bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
    				<property name="errorPage" value="/accessDenied.jsp"/>
    			</bean>
    		</property>
    	</bean>
    
    	<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager" ref="authenticationManager"/>
    		<property name="accessDecisionManager">
    			<bean class="org.acegisecurity.vote.AffirmativeBased">
    				<property name="allowIfAllAbstainDecisions" value="false"/>
    				<property name="decisionVoters">
    					<list>
    						<bean class="org.acegisecurity.vote.RoleVoter"/>
    						<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
    					</list>
    				</property>
    			</bean>
    		</property>
    		<property name="objectDefinitionSource">
    			<value><![CDATA[
    				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    				PATTERN_TYPE_APACHE_ANT
    				/agent/**=ROLE_AGENT
    				/agent/**=IS_AUTHENTICATED_REMEMBERED
    				/**=IS_AUTHENTICATED_ANONYMOUSLY
    			]]></value>
    		</property>
    	</bean>
    
    	<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
    		<property name="userDetailsService" ref="userDetailsService"/>
    		<property name="key" value="changeThis"/>
    	</bean>
    
    	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    		<property name="providers">
    			<list>
    				<ref local="daoAuthenticationProvider"/>
    				<bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
    					<property name="key" value="changeThis"/>
    				</bean>
    				<bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
    					<property name="key" value="changeThis"/>
    				</bean>
    			</list>
    		</property>
    	</bean>
    
    	<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    		<property name="userDetailsService" ref="userDetailsService"/>
    	</bean>
    
    	<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
    	<bean id="userDetailsService"
    		class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
    		<property name="dataSource" ref="dataSource" />
    		<property name="usersByUsernameQuery">
    			<value>
    				SELECT username,password,enabled FROM users WHERE username = ?
    			</value>
    		</property>
    		<property name="authoritiesByUsernameQuery">
    			<value>
    				SELECT username, authority FROM authorities WHERE username = ?
    			</value>
    		</property>
    	</bean>
    
    	<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
    	<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>
    
    </beans>

  • #2
    look here
    http://forum.springframework.org/showthread.php?t=34221

    Comment


    • #3
      Hi Janning,

      Thanks for that, I used the redirect 'hack' to fix the problem for now, I might look at extending the decorator later but for now the redirect will do.

      Comment

      Working...
      X