web.xml configuration error

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

web.xml configuration error

Altuğ Bilgin Altıntaş
Hi all; 

I am using wicket and i need a security framework at that point  Apache ki seems ok to me. 

First i am getting this error message : 

No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.

When i do this : 

 UsernamePasswordToken token = new UsernamePasswordToken(email , password);
  token.setRememberMe(true);

  Subject currentUser = SecurityUtils.getSubject();
  try {
            currentUser.login(token); // throws above exception
  catch(....) {
   .....
   } 

Here is my web.xml 

 <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
                securityManager = org.apache.ki.web.DefaultWebSecurityManager

                securityManager.sessionMode = http
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login= authcBasic
                

            </param-value>
        </init-param>
    </filter>

I  wrote my own com.dodod.security.MyRealm class which extends AuthorizingRealm and overrides doGetAuthenticationInfo and doGetAuthorizationInfo methods. 

What is wrong ? 

Thanks.

--
Altuğ.
Reply | Threaded
Open this post in threaded view
|

Re: web.xml configuration error

Les Hazlewood-2
Hi Altuğ,

You don't need the two lines defining the SecurityManager - that is done by default.

Other than that, this looks ok.  Did you ensure that you set up a filter mapping to ensure the Filter intercepts that url (or set of urls)?

For example:

<filter-mapping>
    <filter-name>KiFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Cheers,

Les

On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[hidden email]> wrote:
Hi all; 

I am using wicket and i need a security framework at that point  Apache ki seems ok to me. 

First i am getting this error message : 

No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.

When i do this : 

 UsernamePasswordToken token = new UsernamePasswordToken(email , password);
  token.setRememberMe(true);

  Subject currentUser = SecurityUtils.getSubject();
  try {
            currentUser.login(token); // throws above exception
  catch(....) {
   .....
   } 

Here is my web.xml 

 <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
                securityManager = org.apache.ki.web.DefaultWebSecurityManager

                securityManager.sessionMode = http
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login= authcBasic
                

            </param-value>
        </init-param>
    </filter>

I  wrote my own com.dodod.security.MyRealm class which extends AuthorizingRealm and overrides doGetAuthenticationInfo and doGetAuthorizationInfo methods. 

What is wrong ? 

Thanks.

--
Altuğ.

Reply | Threaded
Open this post in threaded view
|

Re: web.xml configuration error

Altuğ Bilgin Altıntaş
Hi Les; 

Yes i 've already defined the filter, my complete web.xml file : 


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
      PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

<web-app>
    <display-name>Dodod</display-name>
    <filter>
        <filter-name>DododUrl</filter-name>
        <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
        <init-param>
            <param-name>applicationClassName</param-name>
            <param-value>com.dodod.web.DododUygulamasi</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
               
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login = authcBasic
                

            </param-value>
        </init-param>
    </filter>

    

    <filter-mapping>
        <filter-name>DodoUrl</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

   <filter-mapping>
        <filter-name>KiFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>


</web-app>






The same exception occurs : 

Caused by: java.lang.IllegalStateException: No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.
        at org.apache.ki.SecurityUtils.getSubject(SecurityUtils.java:79)

jar files that i am using 

ki-core-1.0-incubating-SNAPSHOT.jar
ki-web-1.0-incubating-SNAPSHOT.jar
commons-logging-1.0.3.jar
commons-beanutils-1.7.0.jar

Thanks.

2009/5/13 Les Hazlewood <[hidden email]>
Hi Altuğ,

You don't need the two lines defining the SecurityManager - that is done by default.

Other than that, this looks ok.  Did you ensure that you set up a filter mapping to ensure the Filter intercepts that url (or set of urls)?

For example:

<filter-mapping>

    <filter-name>KiFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Cheers,

Les


On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[hidden email]> wrote:
Hi all; 

I am using wicket and i need a security framework at that point  Apache ki seems ok to me. 

First i am getting this error message : 

No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.

When i do this : 

 UsernamePasswordToken token = new UsernamePasswordToken(email , password);
  token.setRememberMe(true);

  Subject currentUser = SecurityUtils.getSubject();
  try {
            currentUser.login(token); // throws above exception
  catch(....) {
   .....
   } 

Here is my web.xml 

 <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
                securityManager = org.apache.ki.web.DefaultWebSecurityManager

                securityManager.sessionMode = http
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login= authcBasic
                

            </param-value>
        </init-param>
    </filter>

I  wrote my own com.dodod.security.MyRealm class which extends AuthorizingRealm and overrides doGetAuthenticationInfo and doGetAuthorizationInfo methods. 

What is wrong ? 

Thanks.

--
Altuğ.




--
Altuğ.
Reply | Threaded
Open this post in threaded view
|

Re: web.xml configuration error

Altuğ Bilgin Altıntaş
I think I found the problem. 

I replaced the filters order. 

First  order - Apache Ki filter
Second order - Wicket Filter

now It works ! 

Great. 



2009/5/13 Altuğ B. Altıntaş <[hidden email]>
Hi Les; 

Yes i 've already defined the filter, my complete web.xml file : 


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
      PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

<web-app>
    <display-name>Dodod</display-name>
    <filter>
        <filter-name>DododUrl</filter-name>
        <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
        <init-param>
            <param-name>applicationClassName</param-name>
            <param-value>com.dodod.web.DododUygulamasi</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
               
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login = authcBasic
                

            </param-value>
        </init-param>
    </filter>

    

    <filter-mapping>
        <filter-name>DodoUrl</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

   <filter-mapping>
        <filter-name>KiFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>


</web-app>






The same exception occurs : 

Caused by: java.lang.IllegalStateException: No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.
        at org.apache.ki.SecurityUtils.getSubject(SecurityUtils.java:79)

jar files that i am using 

ki-core-1.0-incubating-SNAPSHOT.jar
ki-web-1.0-incubating-SNAPSHOT.jar
commons-logging-1.0.3.jar
commons-beanutils-1.7.0.jar

Thanks.

2009/5/13 Les Hazlewood <[hidden email]>

Hi Altuğ,

You don't need the two lines defining the SecurityManager - that is done by default.

Other than that, this looks ok.  Did you ensure that you set up a filter mapping to ensure the Filter intercepts that url (or set of urls)?

For example:

<filter-mapping>

    <filter-name>KiFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Cheers,

Les


On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[hidden email]> wrote:
Hi all; 

I am using wicket and i need a security framework at that point  Apache ki seems ok to me. 

First i am getting this error message : 

No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.

When i do this : 

 UsernamePasswordToken token = new UsernamePasswordToken(email , password);
  token.setRememberMe(true);

  Subject currentUser = SecurityUtils.getSubject();
  try {
            currentUser.login(token); // throws above exception
  catch(....) {
   .....
   } 

Here is my web.xml 

 <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
                securityManager = org.apache.ki.web.DefaultWebSecurityManager

                securityManager.sessionMode = http
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login= authcBasic
                

            </param-value>
        </init-param>
    </filter>

I  wrote my own com.dodod.security.MyRealm class which extends AuthorizingRealm and overrides doGetAuthenticationInfo and doGetAuthorizationInfo methods. 

What is wrong ? 

Thanks.

--
Altuğ.




--
Altuğ.



--
Altuğ.
Reply | Threaded
Open this post in threaded view
|

Re: web.xml configuration error

Maarten Bosteels
Hello Altuğ,

You can find some samples and other useful code here:
https://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicketstuff-core/ki-security/

regards
Maarten

On Wed, May 13, 2009 at 7:21 PM, Altuğ B. Altıntaş <[hidden email]> wrote:
I think I found the problem. 

I replaced the filters order. 

First  order - Apache Ki filter
Second order - Wicket Filter

now It works ! 

Great. 



2009/5/13 Altuğ B. Altıntaş <[hidden email]>

Hi Les; 

Yes i 've already defined the filter, my complete web.xml file : 


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
      PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

<web-app>
    <display-name>Dodod</display-name>
    <filter>
        <filter-name>DododUrl</filter-name>
        <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
        <init-param>
            <param-name>applicationClassName</param-name>
            <param-value>com.dodod.web.DododUygulamasi</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
               
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login = authcBasic
                

            </param-value>
        </init-param>
    </filter>

    

    <filter-mapping>
        <filter-name>DodoUrl</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

   <filter-mapping>
        <filter-name>KiFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>


</web-app>






The same exception occurs : 

Caused by: java.lang.IllegalStateException: No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.
        at org.apache.ki.SecurityUtils.getSubject(SecurityUtils.java:79)

jar files that i am using 

ki-core-1.0-incubating-SNAPSHOT.jar
ki-web-1.0-incubating-SNAPSHOT.jar
commons-logging-1.0.3.jar
commons-beanutils-1.7.0.jar

Thanks.

2009/5/13 Les Hazlewood <[hidden email]>

Hi Altuğ,

You don't need the two lines defining the SecurityManager - that is done by default.

Other than that, this looks ok.  Did you ensure that you set up a filter mapping to ensure the Filter intercepts that url (or set of urls)?

For example:

<filter-mapping>

    <filter-name>KiFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Cheers,

Les


On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[hidden email]> wrote:
Hi all; 

I am using wicket and i need a security framework at that point  Apache ki seems ok to me. 

First i am getting this error message : 

No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.

When i do this : 

 UsernamePasswordToken token = new UsernamePasswordToken(email , password);
  token.setRememberMe(true);

  Subject currentUser = SecurityUtils.getSubject();
  try {
            currentUser.login(token); // throws above exception
  catch(....) {
   .....
   } 

Here is my web.xml 

 <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
                securityManager = org.apache.ki.web.DefaultWebSecurityManager

                securityManager.sessionMode = http
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login= authcBasic
                

            </param-value>
        </init-param>
    </filter>

I  wrote my own com.dodod.security.MyRealm class which extends AuthorizingRealm and overrides doGetAuthenticationInfo and doGetAuthorizationInfo methods. 

What is wrong ? 

Thanks.

--
Altuğ.




--
Altuğ.



--
Altuğ.

Reply | Threaded
Open this post in threaded view
|

Re: web.xml configuration error

Altuğ Bilgin Altıntaş
Thanks Maarten ! 

They are very useful...

Great.

2009/5/13 Maarten Bosteels <[hidden email]>
Hello Altuğ,

You can find some samples and other useful code here:
https://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicketstuff-core/ki-security/

regards
Maarten


On Wed, May 13, 2009 at 7:21 PM, Altuğ B. Altıntaş <[hidden email]> wrote:
I think I found the problem. 

I replaced the filters order. 

First  order - Apache Ki filter
Second order - Wicket Filter

now It works ! 

Great. 



2009/5/13 Altuğ B. Altıntaş <[hidden email]>

Hi Les; 

Yes i 've already defined the filter, my complete web.xml file : 


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
      PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

<web-app>
    <display-name>Dodod</display-name>
    <filter>
        <filter-name>DododUrl</filter-name>
        <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
        <init-param>
            <param-name>applicationClassName</param-name>
            <param-value>com.dodod.web.DododUygulamasi</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
               
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login = authcBasic
                

            </param-value>
        </init-param>
    </filter>

    

    <filter-mapping>
        <filter-name>DodoUrl</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

   <filter-mapping>
        <filter-name>KiFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>


</web-app>






The same exception occurs : 

Caused by: java.lang.IllegalStateException: No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.
        at org.apache.ki.SecurityUtils.getSubject(SecurityUtils.java:79)

jar files that i am using 

ki-core-1.0-incubating-SNAPSHOT.jar
ki-web-1.0-incubating-SNAPSHOT.jar
commons-logging-1.0.3.jar
commons-beanutils-1.7.0.jar

Thanks.

2009/5/13 Les Hazlewood <[hidden email]>

Hi Altuğ,

You don't need the two lines defining the SecurityManager - that is done by default.

Other than that, this looks ok.  Did you ensure that you set up a filter mapping to ensure the Filter intercepts that url (or set of urls)?

For example:

<filter-mapping>

    <filter-name>KiFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Cheers,

Les


On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[hidden email]> wrote:
Hi all; 

I am using wicket and i need a security framework at that point  Apache ki seems ok to me. 

First i am getting this error message : 

No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton.  See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration.

When i do this : 

 UsernamePasswordToken token = new UsernamePasswordToken(email , password);
  token.setRememberMe(true);

  Subject currentUser = SecurityUtils.getSubject();
  try {
            currentUser.login(token); // throws above exception
  catch(....) {
   .....
   } 

Here is my web.xml 

 <filter>
        <filter-name>KiFilter</filter-name>
        <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>
                securityManager = org.apache.ki.web.DefaultWebSecurityManager

                securityManager.sessionMode = http
                # The KiFilter configuration is very powerful and flexible, while still remaining succinct.
                # Please read the comprehensive example, with full comments and explanations, in the JavaDoc:
                #

                [main]

                myRealm  = com.dodod.security.MyRealm

                [filters]
                ki.loginUrl = /login
                authc.successUrl = /

                [urls]
                # The /login.jsp is not restricted to authenticated users (otherwise no one could log in!), but
                # the 'authc' filter must still be specified for it so it can process that url's
                # login submissions. It is 'smart' enough to allow those requests through as specified by the
                # ki.loginUrl above.
                /login= authcBasic
                

            </param-value>
        </init-param>
    </filter>

I  wrote my own com.dodod.security.MyRealm class which extends AuthorizingRealm and overrides doGetAuthenticationInfo and doGetAuthorizationInfo methods. 

What is wrong ? 

Thanks.

--
Altuğ.




--
Altuğ.



--
Altuğ.




--
Altuğ.