Dave Johnson-8 wrote:
>
> It appears that, after your CAS login, your user is not authenticated
> in Roller -- therefore the authenticated user is null and you get that
> Null Pointer Exception.
>
> Maybe you are missing the change that allows Roller to check with CAS
> to determine if the user is authenticated. Perhaps that is part of the
> Acegi security.xml configuration.
>
> I'm not really familiar with Acegi-CAS. What instructions are you
> following to do this integration?
>
> - Dave
>
OK Dave, thanks for your reply.
I wrote my security.xml inspired by jamwiki and contact-cas in acegi-security.
This is my security.xml:
<?xml version="1.0"
encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under
one or more
contributor license agreements. The ASF licenses this
file to You
under the Apache License, Version 2.0 (the
"License"); you may not
use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in
writing, software
distributed under the License is distributed on an
"AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
express or implied.
See the License for the specific language governing
permissions and
limitations under the License. For additional
information regarding
copyright in this work, please see the NOTICE file in
the top level
directory of this distribution.
-->
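<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">
<!-- The identifiers above must be intact (no embedded line breaks). Spring normally
     recognises this DTD by name and loads its bundled copy instead of fetching the URL. -->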
<beans>
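<!-- Resolves the ${...} placeholders used in this file (roller.base.url, cas.base.url);
     the only configured location is cas.properties on the classpath. With
     ignoreResourceNotFound=false a missing file stops context start-up instead of
     leaving the CAS URLs unresolved. -->
<bean id="propertyConfigurer"
      class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
  <property name="ignoreResourceNotFound"><value>false</value></property>
  <property name="locations">
    <list>
      <value>classpath:cas.properties</value>
    </list>
  </property>
</bean>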
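<!-- ======================== FILTER CHAIN ======================= -->
<!-- Every request passes through these filters in the order listed: session context,
     CAS ticket processing, anonymous fallback, exception translation, then the URL
     authorization interceptor. Each name must be written on one line, exactly as the
     bean id is spelled.
     NOTE(review): the chain has no request-wrapper filter
     (org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter). If the
     application reads the logged-in user through the servlet API (getRemoteUser /
     getUserPrincipal), it would see null even after a successful CAS login. Confirm
     against the application's stock security.xml. -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
  <property name="filterInvocationDefinitionSource">
    <value>
      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT
      /**=httpSessionContextIntegrationFilter,casProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
    </value>
  </property>
</bean>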
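<!-- ======================== AUTHENTICATION ======================= -->

<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
     The FilterSecurityInterceptor will work from the top of the list down
     to the FIRST pattern that matches the request URL.
     Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*)
     expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
<!-- URL-to-role map. The role names (admin, editor) carry no ROLE_ prefix, which relies
     on roleVoter being configured with an empty rolePrefix.
     NOTE(review): the list has no catch-all entry, so a URL that matches none of these
     patterns gets no role requirement from this interceptor. Matching here is also
     case-sensitive (this list has no lowercase directive and the patterns contain
     capitals); confirm the container does not serve these paths under another casing. -->
<bean id="filterInvocationInterceptor"
      class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager" ref="authenticationManager"/>
  <property name="accessDecisionManager" ref="accessDecisionManager"/>
  <property name="objectDefinitionSource">
    <value>
      PATTERN_TYPE_APACHE_ANT
      /roller-ui/login-redirect.jsp=admin,editor
      /roller-ui/yourProfile**=admin,editor
      /roller-ui/createWebsite**=admin,editor
      /roller-ui/yourWebsites**=admin,editor
      /roller-ui/authoring/**=admin,editor
      /roller-ui/admin/**=admin
      /rewrite-status*=admin
    </value>
  </property>
</bean>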
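<!-- Providers are consulted in list order: CAS first, then the anonymous provider.
     daoAuthenticationProvider stays disabled, and no bean with that id is defined
     in this file. -->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
  <property name="providers">
    <list>
      <ref local="casAuthenticationProvider"/>
      <!-- <ref local="daoAuthenticationProvider"/>-->
      <ref local="anonymousAuthenticationProvider"/>
      <!-- rememberMeAuthenticationProvider added programmatically -->
    </list>
  </property>
</bean>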
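<!-- Log failed authentication attempts to commons-logging -->
<bean id="loggerListener"
      class="org.acegisecurity.event.authentication.LoggerListener"/>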
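<!-- Read users from database -->
<!-- Looks up the account row and its roles by username; both queries bind the name
     through a ? parameter rather than string concatenation.
     NOTE(review): presumably this DAO is meant to back casAuthoritiesPopulator. If so,
     the username CAS returns has to match rolleruser.username exactly, otherwise the
     lookup finds no account and no roles. Confirm. -->
<bean id="jdbcAuthenticationDao"
      class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
  <property name="dataSource">
    <bean class="org.springframework.jndi.JndiObjectFactoryBean">
      <property name="jndiName" value="java:comp/env/jdbc/rollerdb"/>
    </bean>
  </property>
  <property name="usersByUsernameQuery">
    <value>SELECT username,passphrase,isenabled FROM rolleruser WHERE username = ?</value>
  </property>
  <property name="authoritiesByUsernameQuery">
    <value>SELECT username,rolename FROM userrole WHERE username = ?</value>
  </property>
</bean>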
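<!-- Ehcache-backed cache of user details. No other bean in this file refers to it, and
     it builds its own cache manager separately from the top-level cacheManager bean. -->
<bean id="userCache"
      class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
  <property name="cache">
    <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
      <property name="cacheManager">
        <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
      </property>
      <property name="cacheName" value="userCache"/>
    </bean>
  </property>
</bean>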
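<!-- Accepts the anonymous tokens created by anonymousProcessingFilter; the key here
     must equal the key configured on that filter (both are "anonymous"). -->
<bean id="anonymousAuthenticationProvider"
      class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
  <property name="key" value="anonymous"/>
</bean>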
<!-- Votes on role attributes. The prefix is set to the empty string so that the bare
     role names used in the URL map (admin, editor) are accepted without ROLE_. -->
<bean id="roleVoter"
      class="org.acegisecurity.vote.RoleVoter">
  <property name="rolePrefix"><value></value></property>
</bean>
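<!-- Grants access as soon as one voter approves. allowIfAllAbstainDecisions=false
     means a request on which every voter abstains is denied rather than let through. -->
<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
  <property name="allowIfAllAbstainDecisions" value="false"/>
  <property name="decisionVoters">
    <list>
      <ref local="roleVoter"/>
    </list>
  </property>
</bean>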
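<!-- ===================== HTTP REQUEST SECURITY ==================== -->
<!-- First filter in the chain: carries the security context across requests through
     the HTTP session. -->
<bean id="httpSessionContextIntegrationFilter"
      class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>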
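<!-- Gives requests that carry no authentication an anonymous identity with the single
     authority ROLE_ANONYMOUS. The key must equal the one on
     anonymousAuthenticationProvider. -->
<bean id="anonymousProcessingFilter"
      class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
  <property name="key" value="anonymous"/>
  <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
</bean>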
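<!-- Turns security exceptions raised further down the chain into a login redirect.
     The entry point is the CAS one, so unauthenticated users are sent to the CAS
     login page; the form-login entry point is left commented out. -->
<bean id="exceptionTranslationFilter"
      class="org.acegisecurity.ui.ExceptionTranslationFilter">
  <!--<property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/>-->
  <property name="authenticationEntryPoint"><ref bean="casProcessingFilterEntryPoint"/></property>
</bean>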
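<!-- ========================= CAS Service Provider ========================= -->
<!-- The service URL is what CAS redirects back to with the ticket. Its path must be
     the filterProcessesUrl of casProcessingFilter (/j_acegi_cas_security_check) and the
     value must contain no whitespace or line break.
     sendRenew=false accepts an existing CAS single-sign-on session without asking the
     user for credentials again.
     NOTE(review): the ticket travels in this URL, so roller.base.url should be an
     https address. Confirm in cas.properties. -->
<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
  <property name="service"><value>${roller.base.url}/j_acegi_cas_security_check</value></property>
  <property name="sendRenew"><value>false</value></property>
</bean>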
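<!-- ======================== CAS Processing Filter ======================== -->
<!-- Handles the callback from CAS on filterProcessesUrl and hands the ticket to the
     authentication manager. A rejected ticket sends the browser to
     authenticationFailureUrl; a success with no saved request goes to defaultTargetUrl. -->
<bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
  <property name="authenticationManager"><ref local="authenticationManager"/></property>
  <property name="authenticationFailureUrl"><value>/roller-ui/login.do?error=true</value></property>
  <property name="defaultTargetUrl"><value>/</value></property>
  <property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property>
</bean>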
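<!-- Redirects unauthenticated users to the CAS login page, passing the service URL
     from serviceProperties.
     NOTE(review): credentials are entered at this address, so cas.base.url should be
     an https address. Confirm in cas.properties. -->
<bean id="casProcessingFilterEntryPoint"
      class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
  <property name="loginUrl"><value>${cas.base.url}/login</value></property>
  <property name="serviceProperties"><ref bean="serviceProperties"/></property>
</bean>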
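<!-- Validates CAS tickets and builds the authenticated token: the validator checks the
     ticket with the CAS server, the proxy decider accepts or rejects proxied tickets,
     and the populator loads the user's roles.
     NOTE(review): key is a literal secret stored in this file, and the file has been
     posted publicly. Use a fresh value for any real deployment and consider supplying
     it from cas.properties through a placeholder, as is done for the URLs. -->
<bean id="casAuthenticationProvider"
      class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
  <property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>
  <property name="casProxyDecider"><ref local="casProxyDecider"/></property>
  <property name="ticketValidator"><ref local="casProxyTicketValidator"/></property>
  <property name="statelessTicketCache"><ref local="statelessTicketCache"/></property>
  <property name="key"><value>k7oihd§()8</value></property>
</bean>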
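<!-- Checks each ticket with the CAS server's proxyValidate endpoint. No proxy callback
     is configured (the property is commented out).
     NOTE(review): the validation response decides who is logged in, so cas.base.url
     should be an https address whose certificate chains to the trust store below.
     NOTE(review): the trust store sits in a user's home directory. Confirm that it
     holds only the CAS server's CA, that only the application-server account can write
     to it, and whether this setting is applied JVM-wide (it is believed to set
     javax.net.ssl.trustStore). -->
<bean id="casProxyTicketValidator"
      class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
  <property name="casValidate"><value>${cas.base.url}/proxyValidate</value></property>
  <!-- <property name="proxyCallbackUrl"><value>${cas.proxy.callback.base.url}/casProxy/receptor</value></property>-->
  <property name="serviceProperties"><ref local="serviceProperties"/></property>
  <property name="trustStore"><value>/home/reschini/trojacerts</value></property>
</bean>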
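<!-- Ehcache manager used by ticketCacheBackend. -->
<bean id="cacheManager"
      class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>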
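<!-- The Ehcache region named ticketCache, obtained from cacheManager. -->
<bean id="ticketCacheBackend"
      class="org.springframework.cache.ehcache.EhCacheFactoryBean">
  <property name="cacheManager">
    <ref local="cacheManager"/>
  </property>
  <property name="cacheName">
    <value>ticketCache</value>
  </property>
</bean>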
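<!-- Ticket cache handed to casAuthenticationProvider, stored in ticketCacheBackend. -->
<bean id="statelessTicketCache"
      class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
  <property name="cache"><ref local="ticketCacheBackend"/></property>
</bean>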
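<!-- Loads the roles of the user CAS has authenticated. The userDetailsService has to be
     a bean that exists in this file and can look users up by name. The original
     reference pointed at daoAuthenticationProvider, which is not defined here (it only
     appears commented out in authenticationManager), so it is wired to
     jdbcAuthenticationDao, the JDBC user lookup defined in this file. -->
<bean id="casAuthoritiesPopulator"
      class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
  <property name="userDetailsService"><ref local="jdbcAuthenticationDao"/></property>
</bean>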
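<!-- Rejects any ticket that was issued through a CAS proxy; only tickets obtained
     directly by the user's own login are accepted. -->
<bean id="casProxyDecider"
      class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>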
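<!-- +++++++++ Logging +++++++++ -->
<!-- Log authentication and authorization events.
     NOTE(review): authenticationLoggerListener uses the same class as the loggerListener
     bean defined earlier in this file, so authentication events are probably logged
     twice. Confirm and keep one. -->
<bean id="authenticationLoggerListener"
      class="org.acegisecurity.event.authentication.LoggerListener"/>
<bean id="authorizationLoggerListener"
      class="org.acegisecurity.event.authorization.LoggerListener"/>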
</beans>
THANKS A LOT!