right.

In my spring.xml, how do I refer to it?

I tried doing

<property name="profileManager" ref="profileManagerImpl"/>

to inject the profile manager in but got a nullpointer.

I then greped through the clearspace webapp directory and found no refernce to a profilemanager. The only spring file I can find is WEB-INF/classes/spring-aopContext.xml and that doesn't give any clues either.

Can you be a bit more explicit on how I inject a profileManager please

Cheers

Nomit

Hello

I've been a spring course so know about the xml or annotation config and how injection works. It was an error in my xml config that was the problem.

when I get a map of  ProfileFieldValues from the profileManage:

Map<Long,ProfileFieldValue> m = profileManager.getProfile(user);
         for (Long key : m.keySet())
         {
              ProfileFieldValue p = m.get(key);

          }

getter methods on ProfileFieldValue do not seem to return the name of the ldap field even though I can get the value of the field??

Does the Long key relate to the ldap field name somehow or am I somehow able to get hold of the

com.jivesoftware.community.user.profile.ProfileField?

just spotted the ProfileFieldManager - will look at that too anbd see if the ID from the profileField relate
 to id of the profilefieldvalue

Cheers

Hello

A quick question about logout from clearspace.

When a user clicks logout they seem to get redirected from logout.jspa to index.jspa.

Index.jspa is both the login page and the logged in page.

Our custom auth filter uses an external Authentication system that still has you logged in.

As index.jspa is protected by this filter a user logging out gets logged back in straight away!

The only thing that changes in a browser session on the logout seems to be a cooke set

Set-Cookie: ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/clearspace

but this does not get sent with the redirect to index.jspa so I'm not sure how to capture the logout redirect to  index.jspa in my filter.

Can you configure a clearspace login page to be differerent to the logged in page?

Regards

Nomit

"You can configure the logout action to redirect to a page other than index.jspa. That way you wont get this look when a user attempts to log out."

How would I do this exactly?

cheers

Nomit

Hello Sean

One more question about configuring your own custom login filter.

I've set up the filters as described at

http://www.jivesoftware.com/builds/docs/clearspace/latest/ExampleAuthenticationandAuthorization.html

but this forces people to login for public pages as well.

How do I let people through to public pages that should not require a login?

Is there another way to configure the filters, or is the answer in the code?

Any pointers would be appreciated

Thanks

Hello

Thanks for that.

How does my filter check that the request is for public/open content?

If I create a public grp with the url

http://localhost:8080/clearspace/groups/publc-test-grp?view=overview

how does my filter know this is public and allow anon access?

Cheers

Nomit

However we have defined the filter as

/**=httpSessionContextIntegrationFilter, sessionTrackingFilter,

federatedIdentityAuthFilter, rememberMeProcessingFilter,

feedBasicAuthenticationFilter,exceptionTranslationFilter,jiveAuthenticationTranslationFilter

in the spring.xml.

this is different to that described at

http://www.jivesoftware.com/builds/docs/clearspace/beta/ClearspaceAuthenticationandAuthorization.html

but was taken out of the spring-securityContext.xml in the clearspace

jar itself.

Should the httpSessionContextIntegrationFilter be adding the

|AnonymousAuthentication for my |federatedIdentityAuthFilter to check?

The link about seems to say that

"As part of the authentication contract, if no authentication is present

when the |JiveAuthenticationTranslationFilter| is invoked, the

|AnonymousAuthentication| will be set to the |SecurityContext| prior to

transferring control to the application layer."

the |JiveAuthenticationTranslationFilter is further down the chain.

I've sent up a open group and my filter is still requesting our custom

authentication to be called

Cheers

|

so you

Nomit,

Please let me know if you have any more questions about this.  To recap:

• add client side redirect to unauth.ftl and login.ftl in global theme
• CAS redirects back to /clearspace/cs_login
• your auth filter returns an anonymous auth token unless the ticket is populated in the request header

Thanks,

Austen

This would be preferable

due losing custom changes after upgrades?

It is actually preferable to use a theme as these are stored in your jiveHome/themes and will not be lost during an upgrade.  If you override the global results, you'll need to reapply your customizations every patch release.

Thanks,

Austen

This is probably because you have removed the formProcessingFilter from your filter chain.  Add this property to your authentication filter bean and it should work again:

<property name="filterProcessesUrl"><value>/cs_login</value></property>

Sorry, please ignore my earlier advice about the /cs_login.  You really want to redirect back to the login.jspa from your SSO.  See here instructions here for how to setup the redirect to your SSO and what URL to return to:

http://www.jivesoftware.com/jivespace/thread/38369

Thanks,

Austen

Nomit,

As I mentioned above, this is not the preferred way to go as you will need to update this every time you update to the latest patch release.  The preferred way to do this is in a theme.

Thanks,

Austen

Yes, this should be done from within your plugin.  The best thing to do would be supply a new definition for the logout action in your plugin's struts.xml file.  You shouldn't need to override any core code.

Correct

Hey Nomit,

You can change the action that this link uses, or you can theme it out all together, forcing users to go to your main login page.

I just deleted the WEB-INF/classes/struts-community-custom.xml file and the plugin loaded.

however my pulugin has an error

18 May 2009 16:36:49,979 [http-8080-Processor98] ERROR [/clearspace].[default] - Servlet.service() for servlet default threw exception
java.lang.NullPointerException
        at com.jivesoftware.community.impl.ProfileManagerImpl.getProfile(ProfileManagerImpl.java:58)
        at uk.ac.sheffield.cics.clearspace.plugins.auth.UosLdapAgent.convertAttributesToUser(UosLdapAgent.java:134)
        at uk.ac.sheffield.cics.clearspace.plugins.auth.UosLdapAgent.extractUser(UosLdapAgent.java:86)
        at uk.ac.sheffield.cics.clearspace.plugins.auth.CasAuthFilter.doFilter(CasAuthFilter.java:119)
        at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
        at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
        at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainPr

from the line

Map<Long,ProfileFieldValue> m = profileManager.getProfile(jiveRepresentation);

This worked fine in 2.5.6 so not sure if the API has changed accross versions?

Regards

Nomit

Nomit,

What is the namespace for your actions in your struts.xml?  Is it "/" or simply ""?  We upgraded the Struts library to the latest version in the 2.5.10 release and this caused a change in the way the namespace must be mapped, if you are using that option on your actions package.  Please change this the other one if you have a package defined for your actions with a namespace of "/" or "".

Thanks,

Austen