acegi

Any good tutorials/examples for the Spring Security Framework?

Any good tutorials or samples on spring security. Thanks ...

Grails - Acegi: Customize Authentication Method

Hi, I want to change the authentication process that is used by the Acegi - Plugin. It should be a completly customized process. Cusotm login form + custom auth method. Obviously there is only few documentation regarding this topic. In the book "The Definitive Guide to Grails" it is described for an older version of grails. There the ...

Acegi Security: How do i add another GrantedAuthority to Authentication to anonymous user

i give users special URL with access key in it. users accessing the public page via this special url should be able to see some additional data as compared to simple anonymous user. i want to give some additional role to anonymous user based on parameters provided in request so i can do something like this in my template: <@sec.author...

Creating a custom authentication with Acegi/Spring Security

I'm having trouble discovering exactly what I need to implement in order to use a custom authentication method with my web application using Spring Security. I have a Grails application with the Spring Security plugin that currently uses the standard user/password authentication with a browser form. This is working correctly. I need to...

How can I determine what roles are required to access a URL with Spring Security?

I'm using Spring Security to secure a webapp. The URLs are secured like this: <security:http entry-point-ref="authenticationEntryPoint"> <security:intercept-url pattern="/" access="ROLE_ANONYMOUS" /> <security:intercept-url pattern="/assets/**/*" access="ROLE_ANONYMOUS" /> ... <security:intercept-url pattern="/**" access="ROLE_U...

ACEGI Authentication available in tomcat 404 error handler.

I'm using spring and acegi in a webapp that's deployed in tomcat 5.5.26. I want to see if the user is logged in on the 404 page, so that we can show their name if they're logged in, and a login link otherwise. I have the HttpSessionContextIntegrationFilter, in the filters on the REQUEST dispatcher. I also have it in the ERROR dispatche...

How to grant access for all authenticated users?

Need to grant access to users without any role using Spring Security. Anyone how process authentication must be granted to access any URL. So can I do that by something like this or may be somehow else? <http auto-config='true'> <intercept-url pattern="/**" access="ALL" /> <intercept-url pattern="/login.jsp" filters="none" /> <for...

JAAS for human beings

I am having a hard time understanding JAAS. It all seems more complicated than it should be (especially the Sun tutorials). I need a simple tutorial or example on how to implement security (authentication + authorization) in java application based on Struts + Spring + Hibernate with custom user repository. Can be implemented using ACEGI....

Spring Security: How to get the initial target url

I am using the spring security to restricted urls. I am trying to provide signup and login page, on the same page. On login spring security transfers to the restricted page. However i am trying to pass the target url to the signup process, so that after signup we can redirect to the restricted page. How to get the actual URL that user ...

Does Acegi/Spring security support getUserPrincipal()?

I need to interface an existing application with Acegi/Spring security. In order to get started I am looking for one simple piece of information: in this context, will HttpServletRequest.getUserPrincipal() called from my application properly return the username obtained through Spring (as opposed to using Spring-specific objects)? I hav...

Spring Acegi - Social Network platform

Can spring Acegi security be used for a social networking application where users can set their security preferences to share their data only with their friends? The common scenario of the Acegi tutorials is where you want to authorize actions per user role, but what about authorizing users to view specific data, say, only their friends...

Spring Security: What is the UserDetailsManager interface used for? And more!

I'm curious about the UserDetailsManager interface. It's not mentioned in the reference guide and in the JavaDoc it's described as: An extension of the UserDetailsService which provides the ability to create new users and update existing ones. When implementing the UserDetailsManager interface you have to implement five meth...

Grails 1.0.4 with Acegi 0.4.1 upgraded to Grails 1.1 and Acegi 0.5.1 with problems!

Hi guys! I upgraded my Grails 1.0.4 application to 1.1. I also upgraded from acegi 0.4.1 to 0.5.1! I had some problems but i'm working on it and i think this is my last problem. When i start my grails application i get the following error message: loading security config ... ...

Grails Acegi Plugin springsecurity.GrailsDaoImpl - User [admin] has no GrantedAuthority

Hi guys, i upgraded my grails 1.0.4 + acegi 0.4.1 project to grails 1.1 with acegi 0.5.1. I'm able to start my application without errors, but when i want to login i get a "wrong username or password" message. Grails-shell output is: 2009-04-26 12:38:46,997 [403984690@qtp0-0] ERROR springsecurity.GrailsDaoImpl - User [admin] ...

acegi + facebook / myspace / google

my app is using acegi as security. is there any facebook connect/google/myspace plugin i can hook up with acegi ? ...

How to integrate google's Step2 with acegi security in the Grails Framework?

How to integrate google's Step2 with acegi security ...

Grails Security Problem and Search Engine optimization

I'm trying to build a control logic that depends on the current gsp page to call an action, is there a tag or a session method that i can use to identify the current gsp page I want to restrict access to all GSPs except singup and login, so if a user open any other gsp he will be redirected to signup page and he will also be able to n...

Example link Required for Uses of acegisecurity framework with spring

Hello, I am currently developing my project using Spring, Sutruts2 & Hibernate. Now i want to apply acegi security for authentication & authrization purpose. But, i m totally new with acegi, so i want to use acegisecurity framework with spring configuration. If anyone have link for an simple example of acegi with spring, struts2 & hi...

Acegi/Spring Security Grails plug-in not seeing changes to a User instance

I am writing a web app in Grails with the Acegi/Spring Security plug-in, and am having trouble getting it to see changes I make to User instances. I have only been working with Groovy/Grails for about three weeks, so please forgive me if this problem is trivial, since I have been poring over mailing lists and tutorials trying to find the...

Does it make sense to have more than one MethodSecurityInterceptor bean?

Can two MethodSecurityInterceptor beans be defined as follows? <beans> <bean id="moduleOneMethodSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <property name="accessDecisionManager"><ref bean="serviceAccessDecisionManager"/></property> <property name="authenticationMa...