Announcement Announcement Module
Collapse
No announcement yet.
How to trigger Acegi Security from Laszlo Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to trigger Acegi Security from Laszlo

    I'm using a Laszlo UI connect to Spring framework to get data from database. The call to spring is defined as a HTTP data source, which has this format:
    http://localhost:8080/mytest/acegiTe...rd&userid=user
    where acegiTest.html is mapped to a controller that uses a method UserManager.getUser() to talks to the database.

    My question is: how can I config Acegi to anable the authentication?
    I have set up a small app which work well with the jsp authentication/authorization. I also added HTTP Basic authentication from the reference:
    <bean id="basicProcessingFilter" class="net.sf.acegisecurity.ui.basicauth.BasicProc essingFilter">
    <property name="authenticationManager"><ref local="authenticationManager"/></property>
    <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
    </bean>

    <bean id="basicProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.basicauth.BasicProc essingFilterEntryPoint">
    <property name="realmName"><value>TestRealm</value></property>
    </bean>
    ...
    <bean id="laszloSecurityInterceptor" class="net.sf.acegisecurity.intercept.method.aopal liance.MethodSecurityInterceptor">
    <property name="validateConfigAttributes"><value>true</value></property>
    <property name="authenticationManager"><ref local="authenticationManager"/></property>
    <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
    <property name="objectDefinitionSource">
    <value>
    test.UserManager.getUser*=ROLE_ADMIN
    </value>
    </property>
    </bean>
    ...

    It seems that Acegi security doesn't get triggered when the client app is run. The server side code just gets the data then passes it back to the client without authentication. I knew something must be missing somewhere (like more data should be submitted from the client?) but can not find an example on this forum. If anyone has done this, can you please show me a sample? Any help will be greatly appreciated.

  • #2
    I don't know anything about Laszlo - does it involve using a normal web-app? If so, do you have the acegi filters in your web.xml file?

    Comment


    • #3
      Thanks for your reply.

      I have figured out what is missing -- after added the header data to the HTTP call from the the client side, everything works immediately.

      Comment


      • #4
        is it possible to show how you solve your problem, because it seems that i have the same, and i tried to pass to the Embeded url all parameters of the jsp and this doesn't work, it redirects me to the login page

        Comment

        Working...
        X