Custom security filter.

I have created my own Filter, Provider and Authentication manager. Now I am trying to hook them up in my program.

My bean configuration file looks like

Code:

<bean id="securityFilterChain" class="org.springframework.security.web.FilterChainProxy"> <constructor-arg> <list> <security:filter-chain pattern="/**" filters="authFilter" /> </list> </constructor-arg> </bean> <bean id="authFilter" class="com.secure.provider.OpenAuthenticationFilter"> <property name="authenticationManager" ref="authManager" /> </bean> <bean id="authManager" class="com.secure.provider.OpenAuthenticationManager"> <constructor-arg> <list> <ref bean="xmlAuthProvider" /> </list> </constructor-arg> </bean> <bean id="xmlAuthProvider" class="com.secure.provider.OpenXMLAuthenticationProvider"> <constructor-arg index="0"> <value>"classpath:configurations/UserConfig.xml"</value> </constructor-arg> </bean>

In my web.xml

Code:

<filter> <filter-name>securityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>securityFilterChain</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping>

In my implementation for filter

Code:

public class OpenAuthenticationFilter extends AbstractAuthenticationProcessingFilter { private final static String USERNAME_KEY = "username"; private final static String PASSWORD_KEY = "password"; private final static String ACTION_URL = "/process_credentials"; private String usernameParameter = USERNAME_KEY; private String passwordParameter = PASSWORD_KEY; protected OpenAuthenticationFilter() { super(ACTION_URL); } @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException { if (!request.getMethod().equals("POST")) { throw new AuthenticationServiceException( "Authentication method not supported: " + request.getMethod()); } /** * Time to get the user name and password details in the token */ String username = (String) request.getAttribute(usernameParameter); String password = (String) request.getAttribute(passwordParameter); /** * Trimmed user name */ OpenAuthenticationToken authentication = new OpenAuthenticationToken( username.trim(), password); /** * More information about the object in details */ authentication.setDetails(request); return this.getAuthenticationManager().authenticate(authentication); } }

I guess I am still missing something to complete the hooking from any login page that shall post to the /process_credentials URI.

Totally lost, can someone help?
- Saurabh

Handler - Request Mapping not found.

What I confirmed by enabling debug is that the Handler was not found.

DEBUG org.springframework.web.servlet.mvc.method.annotat ion.RequestMappingHandlerMapping - Did not find handler method for [/process_credentials]

Got it!

Found the solution, the debug was actually showing me what was missing and finally corrected the intercecpt URL defined for the filter chain and it now works!!