Announcement Announcement Module
Collapse
No announcement yet.
finally the AHa moment I've been waiting for Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • finally the AHa moment I've been waiting for

    I can finally talk about the authentication! It's taken me a while b/c the chaining is known but I've never used it. No offense meant but the spring mvc and step by step was fast so I figured this would be too!

    Where it comes together is in the AuthenticationProcessingFilter. If you don't understand the acegi take a look at it b/c this method call this.getAuthenticationManager().authenticate(authR equest); is what it is all about. Also the authorization at a method level started making sense.

    From the samples app war I pasted the following entry which now makes some sense to me.

    <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
    <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
    <property name="objectDefinitionSource">
    values...
    </property>
    </bean>

    I had to take inventory of the ways or scenarios you can hit a web server and what that means. This (above) is one scenario where you need to authenticate. Basic and anonymous are some others.

    dw

  • #2
    Hi David, I received your howto guide, I will get a chance to take a look at it later today... Thanks for that.

    Comment

    Working...
    X