Problems with WebApplicationContext

[craigl]

Hello,

I'm new to acegi and spring so I'm probably doing something stupid. I hope someone reading this can point out what it is. I'm trying to use acegi to protect webservices that are provided with Apache-Axis.

I've tried to follow the examples as close as possible but everytime I deploy my war file I get the following exception:

java.lang.IllegalStateException: Root context attribute is not of type WebApplicationContext: org.springframework.web.context.support.XmlWebAppl icationContext:
displayName=[Root XmlWebApplicationContext]; startup date=[Wed Nov 03 08:10:42 MST 2004]; root of ApplicationContext hierarchy; config locations=[/WEB-INF/classes/securityApplicationContext.xml];
at org.springframework.web.context.support.WebApplica tionContextUtils.getWebApplicationContext(WebAppli cationContextUtils.java:64)

I can tell my web.xml file is being loaded and parsed but for some reason acegi/spring is unhappy with my securityApplicationContext.xml file.

I've attached both my web.xml and my securityApplicationContext.xml. Any help that can be provided would be appreciated.

Craig Lindley

Here is my web.xml file
<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">

<web-app>

<display-name>Cassatt Collage Webservices</display-name>

<!-- XML file that defines the root application context -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/securityApplicationContext.xml</param-value>
</context-param>

<servlet>
<servlet-name>AxisServlet</servlet-name>
<display-name>Apache-Axis Servlet</display-name>
<servlet-class>
org.apache.axis.transport.http.AxisServlet
</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>

<servlet>
<servlet-name>AdminServlet</servlet-name>
<display-name>Axis Admin Servlet</display-name>
<servlet-class>
org.apache.axis.transport.http.AdminServlet
</servlet-class>
<load-on-startup>100</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>AxisServlet</servlet-name>
<url-pattern>/servlet/AxisServlet</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>AxisServlet</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping>

<filter>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>init</param-name>
<param-value>lazy</param-value>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.intercept.web.SecurityE nforcementFilter</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<mime-mapping>
<extension>wsdl</extension>
<mime-type>text/xml</mime-type>
</mime-mapping>

<mime-mapping>
<extension>xsd</extension>
<mime-type>text/xml</mime-type>
</mime-mapping>

<!-- Loads root application context of this web app at startup -->
<listener>
<listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>
</listener>

</web-app>

here is my securityApplicationContext.xml:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>

<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderMana ger">
<property name="providers">
<list><ref bean="CassattAuthenticationProvider"/></list>
</property>
</bean>

<bean id="CassattAuthenticationProvider" class="com.cassatt.blt.security.CassattAuthenticat ionProvider"/>

<bean id="authorizationManager" class="net.sf.acegisecurity.vote.AffirmativeBased" >
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list><ref bean="CassattAuthorizationVoter"/></list>
</property>
</bean>

<bean id="CassattAuthorizationVoter" class="com.cassatt.blt.security.CassattAuthorizati onVoter"/>

<!-- ===================== HTTP REQUEST SECURITY ==================== -->
<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.Security EnforcementFilter">
<property name="filterSecurityInterceptor"><ref bean="filterInvocationInterceptor"/></property>
</bean>

<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref bean="authorizationManager"/></property>
</bean>

</beans>

[Ben Alex]

Is <listener> valid for a 2.2 DTD? Maybe try using http://java.sun.com/dtd/web-app_2_3.dtd as your DTD.

[craigl]

I made the change to the dtd version with no affect.

I added lazy init for the SecurityEnforcementFilter in the web.xml file and now my webservices come up again but as soon as I hit the URL specified in the filter mapping for the Acegi HTTP Request Security Filter I get the same error. I know the applicationContext is being loaded correctly because I can see it in the tomcat log files.

I don't understand why this exception is being thrown when XmlWebApplicationContext is implements WebApplicationContext.

[Ben Alex]

Is something maybe wrong with your classpath? I've seen similar things, where I get errors like "Foo is not an instance of Foo" and it turns out Foo (#1) was in a JAR in a higher classloader than Foo (#2). Do you have multiple spring.jars laying around? Or the classes included in several JARs?

[craigl]

Ben,

Yes I came to the same conclusion and did infact find multiple spring jars in my classpath and that was the problem.

Thanks for the help and the great productt

Craig Lindley