
Thread: Getting "Principal required as per interface" during authentication

  1. #1

    Spring Security v2.0.4

    The system throws this error during authentication.

    Caused by: java.lang.IllegalArgumentException: Principal required as per interface contract
    at org.springframework.util.Assert.notNull(Assert.java:112)
    at org.springframework.security.concurrent.SessionRegistryImpl.registerNewSession(SessionRegistryImpl.java:120)
    at org.springframework.security.concurrent.ConcurrentSessionControllerImpl.registerSuccessfulAuthentication(ConcurrentSessionControllerImpl.java:143)
    at org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:206)
    at org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46)
    at affin.cib.web.secutiry.filter.AuthenticationProcessFilter.attemptAuthentication(AuthenticationProcessFilter.java:162)
    at affin.cib.web.secutiry.filter.AuthenticationProcessFilter.doFilterHttp(AuthenticationProcessFilter.java:62)
    at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
    at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89)
    at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
    at affin.cib.web.secutiry.context.SecurityContextDetailsFilter.doFilterHttp(SecurityContextDetailsFilter.java:41)
    at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
    at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
    at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
    at org.springframework.security.concurrent.ConcurrentSessionFilter.doFilterHttp(ConcurrentSessionFilter.java:99)
    at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
    at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
    at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)

    This is my applicationContext-security.xml
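    <?xml version="1.0" encoding="UTF-8"?>
    <!--
      Spring Security 2.0.x namespace configuration: URL access rules, a custom
      login filter and authentication provider, and concurrent session control.
    -->
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:security="http://www.springframework.org/schema/security"
           xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                               http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">

      <security:global-method-security secured-annotations="enabled"/>
      <!-- Exposes the namespace-created ProviderManager under the id "authenticationManager". -->
      <security:authentication-manager alias="authenticationManager"/>

      <!-- Name and alias are identical; the loginControlManager bean itself is not defined in this file. -->
      <alias name="loginControlManager" alias="loginControlManager"/>
      <!-- <alias name="messageExceptionResolver" alias="messageExceptionResolverService"/>-->

      <!--
        Unauthenticated requests go to the entry point bean below and access
        decisions are made by accessDecisionManager. The session is replaced
        on login (session-fixation-protection="newSession").
      -->
      <security:http access-denied-page="/403_system.jsp"
                     session-fixation-protection="newSession"
                     entry-point-ref="authenticationProcessingFilterEntryPoint"
                     access-decision-manager-ref="accessDecisionManager">
        <!--
          filters="none" takes the path out of the security filter chain
          entirely: no security context is populated and no access rule is
          evaluated for it. /login* and /logout* are prefix wildcards (they
          also match names such as /login-anything), so keep protected
          resources off these prefixes.
        -->
        <security:intercept-url pattern="/images/**" filters="none"/>
        <security:intercept-url pattern="/css/**" filters="none"/>
        <security:intercept-url pattern="/styles/**" filters="none"/>
        <security:intercept-url pattern="/public/**" filters="none"/>
        <security:intercept-url pattern="/login*" filters="none"/>
        <security:intercept-url pattern="/logout*" filters="none"/>
        <!--
          IS_AUTHENTICATED_ANONYMOUSLY is the weakest AuthenticatedVoter level:
          anonymous, remember-me and fully authenticated callers all pass.
          The post-login landing page (/common/landing.html) falls under it.
        -->
        <security:intercept-url pattern="/common/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <security:intercept-url pattern="/common2/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <!-- IS_AUTHORISED_SERVICE is not a framework attribute; presumably evaluated by the custom ServiceVoter below (verify). -->
        <security:intercept-url pattern="/app/**" access="IS_AUTHORISED_SERVICE"/>

        <security:logout logout-url="/j_security_logout"
                         logout-success-url="/logout.html"/>
        <!--
          Registers every successful login in the session registry under the
          principal of the returned Authentication. The provider must therefore
          return a non-null principal (for a UserDetails principal, presumably
          a non-null username as well), otherwise login fails with
          "Principal required as per interface contract".
          NOTE(review): session removal on expiry depends on
          HttpSessionEventPublisher being registered as a listener in web.xml,
          which is not shown here.
        -->
        <security:concurrent-session-control expired-url="/session_expired.jsp"/>
        <!--
          HTTP Basic sends the credentials with every request, only base64
          encoded; serve it over TLS or drop it if only the form login is used.
        -->
        <security:http-basic/>
      </security:http>

      <!-- forceHttps comes from a property placeholder; confirm it resolves to true outside development. -->
      <bean id="authenticationProcessingFilterEntryPoint"
            class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
        <property name="loginFormUrl" value="/login.html"/>
        <property name="forceHttps" value="${url.forceHttps}"/>
        <property name="serverSideRedirect" value="${url.serverSideRedirect}"/>
      </bean>

      <bean id="securityContextFilter"
            class="affin.cib.web.secutiry.context.SecurityContextDetailsFilter">
        <security:custom-filter after="SESSION_CONTEXT_INTEGRATION_FILTER"/>
      </bean>

      <!-- Custom login filter installed in the slot of the standard form-login filter. -->
      <bean id="authenticationProcessingFilter"
            class="affin.cib.web.secutiry.filter.AuthenticationProcessFilter">
        <security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationFailureUrl" value="/login.html?error=1"/>
        <property name="defaultTargetUrl" value="/common/landing.html"/>
        <property name="filterProcessesUrl" value="/j_security_check"/>
        <!-- Always redirect to defaultTargetUrl after login; the saved request is ignored. -->
        <property name="alwaysUseDefaultTargetUrl" value="true"/>
        <!--
          Disabled: session renewal is left to session-fixation-protection on
          security:http. Verify that the session id really changes after a
          login that goes through this custom filter.
        <property name="invalidateSessionOnSuccessfulAuthentication" value="true" />
        -->
        <property name="loginHandler">
          <bean class="affin.cib.web.secutiry.LoginHandlerImpl">
            <property name="loginControlManager" ref="loginControlManager"/>
            <property name="tokenProvider" ref="tokenProvider"/>
            <property name="saltEncryptor" ref="saltEncryptor"/>
          </bean>
        </property>
        <!-- <property name="exceptionResolver" ref="messageExceptionResolverService"/> -->
      </bean>

      <!--
        AffirmativeBased grants access as soon as one voter grants it. With
        allowIfAllAbstainDecisions=false a request that every voter abstains on
        is denied, so unrecognised attributes fail closed.
      -->
      <bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
        <property name="allowIfAllAbstainDecisions" value="false"/>
        <property name="decisionVoters">
          <list>
            <bean class="org.springframework.security.vote.AuthenticatedVoter"/>
            <bean class="affin.cib.web.secutiry.ServiceVoter"/>
          </list>
        </property>
      </bean>

      <!--
        custom-authentication-provider adds this bean to the namespace
        ProviderManager. allowMultipleLoginSession is an application-level
        setting next to concurrent-session-control; its semantics are not
        visible here, so check that the two session policies agree.
      -->
      <bean id="authenticationProvider"
            class="affin.cib.web.secutiry.SupportCenterAuthenticationProvider">
        <security:custom-authentication-provider/>
        <property name="loginControlManager" ref="loginControlManager"/>
        <property name="allowMultipleLoginSession" value="${url.allowMultipleLoginSession}"/>
      </bean>

      <bean id="messageSource"
            class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
        <property name="basename" value="classpath:SecurityResources"/>
      </bean>

      <!-- Project crypto helper; algorithm mode and key handling are not visible in this file. -->
      <bean id="saltEncryptor" class="affin.cib.web.common.security.crypto.AESSaltEncryptor"/>

      <bean id="userAuthenticationManager"
            class="affin.cib.web.secutiry.UserAuthenticationManagerImpl">
        <property name="authenticationProvider" ref="authenticationProvider"/>
        <property name="loginControlManager" ref="loginControlManager"/>
      </bean>
    </beans>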
    Any idea how to fix this problem ?

  2. #2

    Looks like your custom AuthenticationProvider ('affin.cib.web.secutiry.SupportCenterAuthenticationProvider') is not correctly setting the principal field of the Authentication object after successfully authenticating the user. Setting it is part of the contract for this interface (see the Javadoc for AuthenticationProvider).

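    My guess is that, if this error was introduced recently, someone has just turned on the framework's concurrent session control feature: the assertion in the stack trace is raised from SessionRegistryImpl.registerNewSession, which is reached through ConcurrentSessionControllerImpl.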
    Peter Mularien | Blog
    Author, Spring Security 3 (Book) - Packt Publishing, Available in print and eBook form
    SCJP 5, Oracle DBA
    Any postings are my own opinion, and should not be attributed to my employer or clients.


  3. #3

    Thanks for the advice. I just found out that I didn't set the username on the custom UserDetails object.
