valentim
Sep 2nd, 2004, 09:48 AM
Hi folks,
I have the following problem: I implemented the AuthenticationDao interface and I get the correct information of my user in the database, but acegi informs that I not having authorization to enter in the site.
Somebody would know to say the reason?
My development environment setup is:
/WEB-INF/applicationContext-Acegi.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC
"-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="authenticationDao"
class="....classes.dao.hibernate.AuthenticationHibernateD ao">
<property name="sessionFactory">
<ref bean="sessionFactory" />
</property>
</bean>
<bean id="filterInvocationInterceptor"
class="net.sf.acegisecurity.intercept.web.FilterSecurityI nterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/>
</property>
<property name="objectDefinitionSource">
<value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure/**=ROLE_USER</value>
</property>
</bean>
<bean id="daoAuthenticationProvider"
class="net.sf.acegisecurity.providers.dao.DaoAuthenticati onProvider">
<property name="authenticationDao">
<ref bean="authenticationDao"/>
</property>
<property name="userCache">
<ref bean="userCache"/>
</property>
</bean>
<bean id="userCache"
class="net.sf.acegisecurity.providers.dao.cache.EhCacheBa sedUserCache">
</bean>
<bean id="authenticationManager"
class="net.sf.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="roleVoter"
class="net.sf.acegisecurity.vote.RoleVoter"/>
<bean id="accessDecisionManager"
class="net.sf.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions">
<value>false</value>
</property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
</list>
</property>
</bean>
<bean id="authenticationProcessingFilter"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/login.jsp?login_error=1</value>
</property>
<property name="defaultTargetUrl">
<value>/</value>
</property>
<property name="filterProcessesUrl">
<value>/loginAction.do</value>
</property>
</bean>
<bean id="securityEnforcementFilter"
class="net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter">
<property name="filterSecurityInterceptor">
<ref bean="filterInvocationInterceptor"/>
</property>
<property name="authenticationEntryPoint">
<ref bean="authenticationProcessingFilterEntryPoint"/>
</property>
</bean>
<bean id="authenticationProcessingFilterEntryPoint"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilterEntryPoint">
<property name="loginFormUrl">
<value>/login.jsp</value>
</property>
<property name="forceHttps">
<value>false</value>
</property>
</bean>
<bean id="autoIntegrationFilter"
class="net.sf.acegisecurity.ui.AutoIntegrationFilter"/>
</beans>
/WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>applog.root</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml /WEB-INF/applicationContext-Acegi.xml</param-value>
</context-param>
<filter>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.AutoIntegrationFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListe ner</listener-class>
</listener>
<servlet>
<servlet-name>action</servlet-name>
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>/do/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<!-- taglibs -->
</web-app>
....classes.dao.hibernate.AuthenticationHibernateD ao
package ....classes.dao.hibernate;
import ....classes.dao.hibernate.HibernateDAO;
import ....classes.vo.MyUserVO;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.*;
import org.apache.commons.logging.*;
import org.springframework.dao.DataAccessException;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.GrantedAuthority;
public class AuthenticationHibernateDao extends HibernateDAO implements
AuthenticationDao {
private static Log log = LogFactory.getLog(AuthenticationHibernateDao.class );
public UserDetails loadUserByUsername(String username) throws
UsernameNotFoundException, DataAccessException {
if (log.isInfoEnabled()) {
log.info("User authentication for " + username);
}
MyUserVO myUser = new MyUserVO();
myUser.setlogin(username);
myUser = (MyUserVO) find(myUser, myUser.getlogin());
if (myUser != null) {
GrantedAuthority[] grantedAuthorities = {new GrantedAuthorityImpl("ROLE_USER")};
return new User(myUser.getlogin(),
myUser.getpassword(),
true,
grantedAuthorities);
}
if (log.isWarnEnabled()) {
log.warn("User [" + username + "] not found!");
}
throw new UsernameNotFoundException("User [" + username +
"] not found.");
}
}
login.jsp
<%@ page contentType="text/html; charset=iso-8859-1" %>
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>
<%@ taglib uri="/WEB-INF/c.tld" prefix="c" %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
<html:html>
<head>
<title><bean:message key="title.appName"/></title>
<link href="tcisupply.css" rel="stylesheet" type="text/css">
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<center>
<table width="140" height="88" border="0" cellpadding="0" cellspacing="0" class="font1">
<logic:messagesPresent>
<tr>
<td>
<span id="errorsHeader"><bean:message key="errors.validation.header"/></span>
<html:messages id="error">
<li><c:out value="${error}"/></li>
</html:messages>
<hr>
</td>
</tr>
</logic:messagesPresent>
<c:if test="${not empty param.login_error}">
<tr>
<td>
<font color="red">
<bean:message key="error.login"/>
</font>
</td>
</tr>
</c:if>
<c:if test="${empty param.login_error}">
<tr>
<td>
<bean:message key="login.caption"/>
</td>
</tr>
</c:if>
<tr>
<td height="1" width="140" align="justify" valign="top" class="font1">
<form action="<html:rewrite page='/loginAction.do'/>" method="POST">
<table>
<tr>
<td class="font1"><bean:message key="login.caption.login"/></td>
<td><input type='text' name='j_username' size="15" maxlength="15"/></td>
</tr>
<tr>
<td class="font1"><bean:message key="login.caption.password"/></td>
<td><input type='password' name='j_password' size="15" maxlength="15"/></td>
</tr>
</table>
<input name="Entrar" type="submit">
<input name="Limpar" type="reset">
</form>
</td>
</tr>
</table>
</center>
</body>
</html:html>
/WEB-INF/applog.log
DEBUG Thread-11 net.sf.acegisecurity.ui.AbstractProcessingFilter - Request is to process authentication
DEBUG Thread-11 net.sf.acegisecurity.providers.ProviderManager - Authentication attempt using net.sf.acegisecurity.providers.dao.DaoAuthenticati onProvider
DEBUG Thread-11 net.sf.ehcache.store.MemoryStore - ehCacheBasedUserCacheCache: MemoryStore miss for valentim
DEBUG Thread-11 net.sf.ehcache.Cache - ehCacheBasedUserCache cache - Miss
DEBUG Thread-11 net.sf.acegisecurity.providers.dao.cache.EhCacheBa sedUserCache - Cache hit: false; username: valentim
INFO Thread-11 ....classes.dao.hibernate.AuthenticationHibernateD ao - User authentication for valentim
INFO Thread-11 ....classes.dao.hibernate.HibernateDAO - Finding ValueObject [....classes.vo.MyUserVO@1b06a21[login=valentim]]
DEBUG Thread-11 org.springframework.orm.hibernate.SessionFactoryUt ils - Opening Hibernate session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - opened session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - loading [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - attempting to resolve [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - object not resolved in any cache [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.persister.EntityPersister - Materializing entity: [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - about to open: 0 open PreparedStatements, 0 open ResultSets
DEBUG Thread-11 net.sf.hibernate.SQL - select MyUserVO0_.LOGIN as LOGIN0_, MyUserVO0_.PASSWORD as PASSWORD0_ from USERS MyUserVO0_ where MyUserVO0_.LOGIN=?
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - preparing statement
DEBUG Thread-11 net.sf.hibernate.type.StringType - binding 'valentim' to parameter: 1
DEBUG Thread-11 net.sf.hibernate.loader.Loader - processing result set
DEBUG Thread-11 net.sf.hibernate.loader.Loader - result row: valentim
DEBUG Thread-11 net.sf.hibernate.loader.Loader - Initializing object from ResultSet: valentim
DEBUG Thread-11 net.sf.hibernate.loader.Loader - Hydrating entity: ....classes.vo.MyUserVO#valentim
DEBUG Thread-11 net.sf.hibernate.type.StringType - returning 'e2d5o0v3 ' as column: PASSWORD0_
DEBUG Thread-11 net.sf.hibernate.loader.Loader - done processing result set (1 rows)
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - done closing: 0 open PreparedStatements, 0 open ResultSets
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - closing statement
DEBUG Thread-11 net.sf.hibernate.loader.Loader - total objects hydrated: 1
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - resolving associations for [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - done materializing entity [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - initializing non-lazy collections
DEBUG Thread-11 org.springframework.orm.hibernate.HibernateTemplat e - Eagerly flushing Hibernate session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - flushing session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushing entities and processing referenced collections
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Processing unreferenced collections
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Scheduling collection removes/(re)creates/updates
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushed: 0 insertions, 0 updates, 0 deletions to 1 objects
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushed: 0 (re)creations, 0 updates, 0 removals to 0 collections
DEBUG Thread-11 net.sf.hibernate.impl.Printer - listing entities:
DEBUG Thread-11 net.sf.hibernate.impl.Printer - ....classes.vo.MyUserVO{password=******** , login=valentim}
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - executing flush
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - post flush
DEBUG Thread-11 org.springframework.orm.hibernate.SessionFactoryUt ils - Closing Hibernate session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - closing session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - disconnecting session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - transaction completion
DEBUG Thread-11 org.springframework.web.context.support.XmlWebAppl icationContext - Publishing event in context [Root XmlWebApplicationContext]: net.sf.acegisecurity.providers.dao.event.Authentic ationFailurePasswordEvent[source=net.sf.acegisecurity.providers.UsernamePass wordAuthenticationToken@187f9f1: Username: valentim; Password: [PROTECTED]; Authenticated: false; Details: 127.0.0.1; Not granted any authorities]
DEBUG Thread-11 net.sf.acegisecurity.ui.AbstractProcessingFilter - Authentication request failed: net.sf.acegisecurity.BadCredentialsException: Bad credentials presented
DEBUG Thread-10 net.sf.acegisecurity.ui.AbstractIntegrationFilter - Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)
DEBUG Thread-10 net.sf.acegisecurity.intercept.web.PathBasedFilter InvocationDefinitionMap - Converted URL to lowercase, from: 'org.apache.coyote.tomcat4.CoyoteRequestFacade@f05 2d5'; to: '/login.jsp?login_error=1'
DEBUG Thread-10 net.sf.acegisecurity.intercept.web.PathBasedFilter InvocationDefinitionMap - Candidate is: '/login.jsp?login_error=1'; pattern is /secure/**; matched=false
DEBUG Thread-10 net.sf.acegisecurity.intercept.AbstractSecurityInt erceptor - Public object - authentication not attempted
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - getMessage(pt_BR,error.login)
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale(pt_BR)
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale(pt)
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale()
DEBUG Thread-10 net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter - Chain processed normally
I hope that this detailed description of the development environment also helps other users to implement yours sites using Acegi
I have the following problem: I implemented the AuthenticationDao interface and I get the correct information of my user in the database, but acegi informs that I not having authorization to enter in the site.
Somebody would know to say the reason?
My development environment setup is:
/WEB-INF/applicationContext-Acegi.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC
"-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="authenticationDao"
class="....classes.dao.hibernate.AuthenticationHibernateD ao">
<property name="sessionFactory">
<ref bean="sessionFactory" />
</property>
</bean>
<bean id="filterInvocationInterceptor"
class="net.sf.acegisecurity.intercept.web.FilterSecurityI nterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/>
</property>
<property name="objectDefinitionSource">
<value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure/**=ROLE_USER</value>
</property>
</bean>
<bean id="daoAuthenticationProvider"
class="net.sf.acegisecurity.providers.dao.DaoAuthenticati onProvider">
<property name="authenticationDao">
<ref bean="authenticationDao"/>
</property>
<property name="userCache">
<ref bean="userCache"/>
</property>
</bean>
<bean id="userCache"
class="net.sf.acegisecurity.providers.dao.cache.EhCacheBa sedUserCache">
</bean>
<bean id="authenticationManager"
class="net.sf.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="roleVoter"
class="net.sf.acegisecurity.vote.RoleVoter"/>
<bean id="accessDecisionManager"
class="net.sf.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions">
<value>false</value>
</property>
<property name="decisionVoters">
<list>
<ref bean="roleVoter"/>
</list>
</property>
</bean>
<bean id="authenticationProcessingFilter"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/login.jsp?login_error=1</value>
</property>
<property name="defaultTargetUrl">
<value>/</value>
</property>
<property name="filterProcessesUrl">
<value>/loginAction.do</value>
</property>
</bean>
<bean id="securityEnforcementFilter"
class="net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter">
<property name="filterSecurityInterceptor">
<ref bean="filterInvocationInterceptor"/>
</property>
<property name="authenticationEntryPoint">
<ref bean="authenticationProcessingFilterEntryPoint"/>
</property>
</bean>
<bean id="authenticationProcessingFilterEntryPoint"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilterEntryPoint">
<property name="loginFormUrl">
<value>/login.jsp</value>
</property>
<property name="forceHttps">
<value>false</value>
</property>
</bean>
<bean id="autoIntegrationFilter"
class="net.sf.acegisecurity.ui.AutoIntegrationFilter"/>
</beans>
/WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>applog.root</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml /WEB-INF/applicationContext-Acegi.xml</param-value>
</context-param>
<filter>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.AutoIntegrationFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListe ner</listener-class>
</listener>
<servlet>
<servlet-name>action</servlet-name>
<servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>2</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>/do/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<!-- taglibs -->
</web-app>
....classes.dao.hibernate.AuthenticationHibernateD ao
package ....classes.dao.hibernate;
import ....classes.dao.hibernate.HibernateDAO;
import ....classes.vo.MyUserVO;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.*;
import org.apache.commons.logging.*;
import org.springframework.dao.DataAccessException;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.GrantedAuthority;
public class AuthenticationHibernateDao extends HibernateDAO implements
AuthenticationDao {
private static Log log = LogFactory.getLog(AuthenticationHibernateDao.class );
public UserDetails loadUserByUsername(String username) throws
UsernameNotFoundException, DataAccessException {
if (log.isInfoEnabled()) {
log.info("User authentication for " + username);
}
MyUserVO myUser = new MyUserVO();
myUser.setlogin(username);
myUser = (MyUserVO) find(myUser, myUser.getlogin());
if (myUser != null) {
GrantedAuthority[] grantedAuthorities = {new GrantedAuthorityImpl("ROLE_USER")};
return new User(myUser.getlogin(),
myUser.getpassword(),
true,
grantedAuthorities);
}
if (log.isWarnEnabled()) {
log.warn("User [" + username + "] not found!");
}
throw new UsernameNotFoundException("User [" + username +
"] not found.");
}
}
login.jsp
<%@ page contentType="text/html; charset=iso-8859-1" %>
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>
<%@ taglib uri="/WEB-INF/c.tld" prefix="c" %>
<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
<html:html>
<head>
<title><bean:message key="title.appName"/></title>
<link href="tcisupply.css" rel="stylesheet" type="text/css">
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<center>
<table width="140" height="88" border="0" cellpadding="0" cellspacing="0" class="font1">
<logic:messagesPresent>
<tr>
<td>
<span id="errorsHeader"><bean:message key="errors.validation.header"/></span>
<html:messages id="error">
<li><c:out value="${error}"/></li>
</html:messages>
<hr>
</td>
</tr>
</logic:messagesPresent>
<c:if test="${not empty param.login_error}">
<tr>
<td>
<font color="red">
<bean:message key="error.login"/>
</font>
</td>
</tr>
</c:if>
<c:if test="${empty param.login_error}">
<tr>
<td>
<bean:message key="login.caption"/>
</td>
</tr>
</c:if>
<tr>
<td height="1" width="140" align="justify" valign="top" class="font1">
<form action="<html:rewrite page='/loginAction.do'/>" method="POST">
<table>
<tr>
<td class="font1"><bean:message key="login.caption.login"/></td>
<td><input type='text' name='j_username' size="15" maxlength="15"/></td>
</tr>
<tr>
<td class="font1"><bean:message key="login.caption.password"/></td>
<td><input type='password' name='j_password' size="15" maxlength="15"/></td>
</tr>
</table>
<input name="Entrar" type="submit">
<input name="Limpar" type="reset">
</form>
</td>
</tr>
</table>
</center>
</body>
</html:html>
/WEB-INF/applog.log
DEBUG Thread-11 net.sf.acegisecurity.ui.AbstractProcessingFilter - Request is to process authentication
DEBUG Thread-11 net.sf.acegisecurity.providers.ProviderManager - Authentication attempt using net.sf.acegisecurity.providers.dao.DaoAuthenticati onProvider
DEBUG Thread-11 net.sf.ehcache.store.MemoryStore - ehCacheBasedUserCacheCache: MemoryStore miss for valentim
DEBUG Thread-11 net.sf.ehcache.Cache - ehCacheBasedUserCache cache - Miss
DEBUG Thread-11 net.sf.acegisecurity.providers.dao.cache.EhCacheBa sedUserCache - Cache hit: false; username: valentim
INFO Thread-11 ....classes.dao.hibernate.AuthenticationHibernateD ao - User authentication for valentim
INFO Thread-11 ....classes.dao.hibernate.HibernateDAO - Finding ValueObject [....classes.vo.MyUserVO@1b06a21[login=valentim]]
DEBUG Thread-11 org.springframework.orm.hibernate.SessionFactoryUt ils - Opening Hibernate session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - opened session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - loading [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - attempting to resolve [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - object not resolved in any cache [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.persister.EntityPersister - Materializing entity: [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - about to open: 0 open PreparedStatements, 0 open ResultSets
DEBUG Thread-11 net.sf.hibernate.SQL - select MyUserVO0_.LOGIN as LOGIN0_, MyUserVO0_.PASSWORD as PASSWORD0_ from USERS MyUserVO0_ where MyUserVO0_.LOGIN=?
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - preparing statement
DEBUG Thread-11 net.sf.hibernate.type.StringType - binding 'valentim' to parameter: 1
DEBUG Thread-11 net.sf.hibernate.loader.Loader - processing result set
DEBUG Thread-11 net.sf.hibernate.loader.Loader - result row: valentim
DEBUG Thread-11 net.sf.hibernate.loader.Loader - Initializing object from ResultSet: valentim
DEBUG Thread-11 net.sf.hibernate.loader.Loader - Hydrating entity: ....classes.vo.MyUserVO#valentim
DEBUG Thread-11 net.sf.hibernate.type.StringType - returning 'e2d5o0v3 ' as column: PASSWORD0_
DEBUG Thread-11 net.sf.hibernate.loader.Loader - done processing result set (1 rows)
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - done closing: 0 open PreparedStatements, 0 open ResultSets
DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - closing statement
DEBUG Thread-11 net.sf.hibernate.loader.Loader - total objects hydrated: 1
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - resolving associations for [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - done materializing entity [....classes.vo.MyUserVO#valentim]
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - initializing non-lazy collections
DEBUG Thread-11 org.springframework.orm.hibernate.HibernateTemplat e - Eagerly flushing Hibernate session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - flushing session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushing entities and processing referenced collections
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Processing unreferenced collections
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Scheduling collection removes/(re)creates/updates
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushed: 0 insertions, 0 updates, 0 deletions to 1 objects
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushed: 0 (re)creations, 0 updates, 0 removals to 0 collections
DEBUG Thread-11 net.sf.hibernate.impl.Printer - listing entities:
DEBUG Thread-11 net.sf.hibernate.impl.Printer - ....classes.vo.MyUserVO{password=******** , login=valentim}
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - executing flush
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - post flush
DEBUG Thread-11 org.springframework.orm.hibernate.SessionFactoryUt ils - Closing Hibernate session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - closing session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - disconnecting session
DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - transaction completion
DEBUG Thread-11 org.springframework.web.context.support.XmlWebAppl icationContext - Publishing event in context [Root XmlWebApplicationContext]: net.sf.acegisecurity.providers.dao.event.Authentic ationFailurePasswordEvent[source=net.sf.acegisecurity.providers.UsernamePass wordAuthenticationToken@187f9f1: Username: valentim; Password: [PROTECTED]; Authenticated: false; Details: 127.0.0.1; Not granted any authorities]
DEBUG Thread-11 net.sf.acegisecurity.ui.AbstractProcessingFilter - Authentication request failed: net.sf.acegisecurity.BadCredentialsException: Bad credentials presented
DEBUG Thread-10 net.sf.acegisecurity.ui.AbstractIntegrationFilter - Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)
DEBUG Thread-10 net.sf.acegisecurity.intercept.web.PathBasedFilter InvocationDefinitionMap - Converted URL to lowercase, from: 'org.apache.coyote.tomcat4.CoyoteRequestFacade@f05 2d5'; to: '/login.jsp?login_error=1'
DEBUG Thread-10 net.sf.acegisecurity.intercept.web.PathBasedFilter InvocationDefinitionMap - Candidate is: '/login.jsp?login_error=1'; pattern is /secure/**; matched=false
DEBUG Thread-10 net.sf.acegisecurity.intercept.AbstractSecurityInt erceptor - Public object - authentication not attempted
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - getMessage(pt_BR,error.login)
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale(pt_BR)
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale(pt)
DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale()
DEBUG Thread-10 net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter - Chain processed normally
I hope that this detailed description of the development environment also helps other users to implement yours sites using Acegi