
Thread: oauth 2 An Authentication object was not found in the SecurityContext



    Default oauth 2 An Authentication object was not found in the SecurityContext

    Hi,

    I'm trying to replicate the OAuth 2.0 authentication from the sparklr example in my application. When I run a test and call the /app/oauth/token resource, I get a 401 error: An Authentication object was not found in the SecurityContext.

    If I change /app/* to /* in web.xml, it works fine. I cannot understand what the problem could be.

    My security context
    Code:
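    	<!--
    	  Filter chain for the OAuth2 token endpoint only. Clients authenticate here either with
    	  HTTP Basic or with request parameters (clientCredentialsTokenEndpointFilter). Anonymous
    	  access is switched off, so a request in which neither filter finds client credentials
    	  reaches the access check without an Authentication and is rejected.
    	  The pattern is matched against the path inside the web application, so it has to
    	  include the /app servlet-mapping prefix.
    	  Client secrets travel in this request: expose the endpoint over HTTPS only.
    	  Fix: the pasted start tag had no whitespace between the authentication-manager-ref
    	  attribute and xmlns, which is not well-formed XML.
    	-->
    	<http pattern="/app/oauth/token"
    			create-session="never"
    			authentication-manager-ref="clientAuthenticationManager"
    			xmlns="http://www.springframework.org/schema/security">
    		<intercept-url pattern="/app/oauth/token" access="IS_AUTHENTICATED_FULLY" />
    		<anonymous enabled="false" />
    		<http-basic />
    		<!-- Runs ahead of HTTP Basic so parameter-based client credentials are tried first. -->
    		<custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
    		<access-denied-handler ref="oauthAccessDeniedHandler" />
    	</http>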
    	<!--
    	  Default chain for every request the token-endpoint chain does not match.
    	  /app/oauth/** requires a logged-in user holding ROLE_USER; every other URL is open to
    	  anonymous requests. Rules are evaluated in document order and the first match wins,
    	  so the /** catch-all must stay last.
    	-->
    	<http xmlns="http://www.springframework.org/schema/security"
    			access-denied-page="/app/pub/login.htm">
    		<intercept-url pattern="/app/oauth/**" access="ROLE_USER" />
    		<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    		<!-- Form login: page, credential-processing URL, failure redirect, success handler. -->
    		<form-login
    				login-page="/app/pub/login.htm"
    				login-processing-url="/app/pub/login/login_security_check.do"
    				authentication-failure-url="/app/pub/login.htm?login_error=1"
    				authentication-success-handler-ref="roleBasedTargetUrl" />
    		<!-- Logout drops the HTTP session and sends the browser to the public home page. -->
    		<logout
    				logout-url="/app/secure/logout"
    				logout-success-url="/app/pub/home.htm"
    				invalidate-session="true" />
    		<anonymous />
    	</http>
    
    	<!--
    	  Entry point with realm name FantaGameBE. No <http> element in this listing names it
    	  through entry-point-ref, so as shown here it is defined but not wired into a chain.
    	-->
    	<bean class="org.springframework.security.oauth2.provider.error.MediaTypeAwareAuthenticationEntryPoint"
    			id="oauthAuthenticationEntryPoint">
    		<property name="realmName" value="FantaGameBE" />
    	</bean>

    	<!-- Access-denied handler referenced by the /app/oauth/token chain. -->
    	<bean class="org.springframework.security.oauth2.provider.error.MediaTypeAwareAccessDeniedHandler"
    			id="oauthAccessDeniedHandler" />
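    	<!--
    	  Authenticates OAuth clients that send client_id / client_secret as request parameters,
    	  using clientAuthenticationManager.
    	  The filter only acts on its processing URL, which defaults to /oauth/token. The token
    	  endpoint of this application is served under the /app servlet mapping, so the URL is set
    	  explicitly. Without it the filter can skip the request (notably when the application is
    	  deployed under a context path), and because anonymous access is disabled on the token
    	  chain the call is then rejected with "An Authentication object was not found in the
    	  SecurityContext".
    	  NOTE(review): confirm the filterProcessesUrl property against the Spring Security OAuth
    	  version in use.
    	-->
    	<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.filter.ClientCredentialsTokenEndpointFilter">
    		<property name="authenticationManager" ref="clientAuthenticationManager" />
    		<property name="filterProcessesUrl" value="/app/oauth/token" />
    	</bean>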
    
    	<!--
    	  Access decision manager built from three voters (scope, role, authentication level).
    	  UnanimousBased refuses access as soon as any voter votes to deny.
    	  No element in this listing refers to accessDecisionManager, so as shown it has no
    	  effect on either <http> chain.
    	-->
    	<bean xmlns="http://www.springframework.org/schema/beans"
    			class="org.springframework.security.access.vote.UnanimousBased"
    			id="accessDecisionManager">
    		<constructor-arg>
    			<list>
    				<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
    				<bean class="org.springframework.security.access.vote.RoleVoter" />
    				<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
    			</list>
    		</constructor-arg>
    	</bean>
    
    	<!--
    	  Two separate authentication managers.
    	  clientAuthenticationManager: authenticates OAuth clients, looked up through
    	  clientDetailsUserService; used by the token-endpoint chain and its filter.
    	  Unnamed manager: the default one, backed by authenticationProvider (end-user logins).
    	-->
    	<authentication-manager xmlns="http://www.springframework.org/schema/security"
    			id="clientAuthenticationManager">
    		<authentication-provider user-service-ref="clientDetailsUserService" />
    	</authentication-manager>

    	<authentication-manager xmlns="http://www.springframework.org/schema/security">
    		<authentication-provider ref="authenticationProvider" />
    	</authentication-manager>
        
        <!--
          End-user authentication: users come from userDetailsService and passwords are checked
          as salted SHA-256 hashes (ShaPasswordEncoder, strength 256).
          Security note: a single SHA-256 pass is cheap to brute-force offline if the user table
          leaks. An adaptive scheme (bcrypt, scrypt, PBKDF2) is the usual choice; switching
          requires re-hashing stored passwords, for example at each user's next login.
        -->
        <bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"
              id="authenticationProvider">
            <property name="userDetailsService" ref="userDetailsService" />
            <property name="saltSource" ref="saltSource" />
            <property name="passwordEncoder">
                <bean class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
                    <constructor-arg value="256" />
                </bean>
            </property>
        </bean>

        <!-- Application-specific user lookup. -->
        <bean class="com.fantagame.be.application.security.UserDetailsServiceImp"
              id="userDetailsService" />

        <!--
          Salt is read reflectively from the user object via "getNick", so it is presumably the
          user's nickname: different per user if nicks are unique, but predictable rather than
          random. Verify against UserDetailsServiceImp.
        -->
        <bean class="org.springframework.security.authentication.dao.ReflectionSaltSource"
              id="saltSource">
            <property name="userPropertyToUse" value="getNick" />
        </bean>
    
    	<!-- Exposes the registered OAuth clients (clientDetails) as a user service for clientAuthenticationManager. -->
    	<bean class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService"
    			id="clientDetailsUserService">
    		<constructor-arg ref="clientDetails" />
    	</bean>

    	<!--
    	  Tokens are held in memory only: they do not survive a restart and are not shared between
    	  several instances of the application.
    	-->
    	<bean class="org.springframework.security.oauth2.provider.token.InMemoryTokenStore"
    			id="tokenStore" />

    	<!-- Token services backed by tokenStore; refresh tokens are issued as well. -->
    	<bean class="org.springframework.security.oauth2.provider.token.RandomValueTokenServices"
    			id="tokenServices">
    		<property name="supportRefreshToken" value="true" />
    		<property name="tokenStore" ref="tokenStore" />
    	</bean>
    
    	<!--
    	  Application-specific approval handler. Clients listed under autoApproveClients are
    	  presumably granted access without showing the user the confirmation page, so every id
    	  added here bypasses explicit user consent (verify in SparklrUserApprovalHandler).
    	-->
    	<bean class="com.fantagame.be.application.security.oauth.SparklrUserApprovalHandler"
    			id="userApprovalHandler">
    		<property name="tokenServices" ref="tokenServices" />
    		<property name="autoApproveClients">
    			<set>
    				<value>my-less-trusted-autoapprove-client</value>
    			</set>
    		</property>
    	</bean>
    
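    	<!--
    	  OAuth2 authorization server. The oauth: prefix is declared outside this listing.
    	  All five grant types are switched on: authorization code, implicit, refresh token,
    	  client credentials and resource-owner password. Each enabled grant widens the attack
    	  surface, so keep only those the registered clients actually need.
    	  Fix: the pasted start tag had no whitespace between token-services-ref and
    	  user-approval-handler-ref, which is not well-formed XML.
    	-->
    	<oauth:authorization-server
    			client-details-service-ref="clientDetails"
    			token-services-ref="tokenServices"
    			user-approval-handler-ref="userApprovalHandler"
    			user-approval-page="oauth/confirm_access">
    		<oauth:authorization-code />
    		<oauth:implicit />
    		<oauth:refresh-token />
    		<oauth:client-credentials />
    		<oauth:password />
    	</oauth:authorization-server>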
    
    	<!--
    	  Resource-server filter for resource id "fantagame", validating tokens with tokenServices.
    	  No <custom-filter> in this listing references resourceServerFilter, so as shown it is
    	  not part of either filter chain.
    	-->
    	<oauth:resource-server
    			id="resourceServerFilter"
    			token-services-ref="tokenServices"
    			resource-id="fantagame" />
    
    	<!--
    	  Registered OAuth clients. The ids, the secrets "somesecret" / "secret" and the
    	  redirect-uri "http://anywhere" look like sample values carried over from the sparklr
    	  example the post mentions; replace them before any real deployment and keep real
    	  secrets out of the configuration file.
    	  Points worth reviewing:
    	    * my-trusted-client may use the password grant but has no secret.
    	    * my-client-with-registered-redirect may use client_credentials but has no secret.
    	    * tonr is limited to resource id "sparklr", while the resource server in this
    	      configuration is declared with resource id "fantagame".
    	-->
    	<oauth:client-details-service id="clientDetails">
    		<oauth:client
    				client-id="my-trusted-client"
    				authorities="ROLE_CLIENT, ROLE_TRUSTED_CLIENT"
    				authorized-grant-types="password,authorization_code,refresh_token,implicit"
    				scope="read,write,trust" />
    		<oauth:client
    				client-id="my-trusted-client-with-secret"
    				secret="somesecret"
    				authorities="ROLE_CLIENT"
    				authorized-grant-types="password,authorization_code,refresh_token,implicit" />
    		<oauth:client
    				client-id="my-less-trusted-client"
    				authorities="ROLE_CLIENT"
    				authorized-grant-types="authorization_code,implicit" />
    		<oauth:client
    				client-id="my-less-trusted-autoapprove-client"
    				authorities="ROLE_CLIENT"
    				authorized-grant-types="implicit" />
    		<oauth:client
    				client-id="my-client-with-registered-redirect"
    				authorities="ROLE_CLIENT"
    				authorized-grant-types="authorization_code,client_credentials"
    				redirect-uri="http://anywhere"
    				scope="read,trust" />
    		<oauth:client
    				client-id="my-untrusted-client-with-registered-redirect"
    				authorities="ROLE_CLIENT"
    				authorized-grant-types="authorization_code"
    				redirect-uri="http://anywhere"
    				scope="read" />
    		<oauth:client
    				client-id="tonr"
    				secret="secret"
    				resource-ids="sparklr"
    				authorities="ROLE_CLIENT"
    				authorized-grant-types="authorization_code"
    				scope="read,write" />
    	</oauth:client-details-service>
    
    	<!--
    	  Method-level security through pre/post annotations, evaluated with the OAuth-aware
    	  expression handler declared below. proxy-target-class="false" selects interface-based
    	  proxies. The sec: and oauth: prefixes are declared outside this listing.
    	-->
    	<sec:global-method-security
    			proxy-target-class="false"
    			pre-post-annotations="enabled">
    		<sec:expression-handler ref="oauthExpressionHandler" />
    	</sec:global-method-security>

    	<oauth:expression-handler id="oauthExpressionHandler" />
    
    	<!-- Application controllers wired to the approval handler and the client registry. -->
    	<bean class="com.fantagame.be.business.controller.AdminController"
    			id="adminController">
    		<property name="userApprovalHandler" ref="userApprovalHandler" />
    	</bean>
    	<bean class="com.fantagame.be.business.controller.AccessConfirmationController"
    			id="accessConfirmationController">
    		<property name="clientDetailsService" ref="clientDetails" />
    	</bean>

    	<!--
    	  Private key read from the classpath, i.e. presumably packaged with the application.
    	  Anyone able to read the deployed archive or the source repository can then read the
    	  key; an external keystore with restricted file permissions limits that exposure.
    	-->
    	<bean class="com.fantagame.be.application.security.LoadRSAPrivateKey"
    			id="loadRSAKey">
    		<property name="path" value="classpath:privateKey.ky" />
    	</bean>

    	<!-- Success handler referenced by form-login (authentication-success-handler-ref). -->
    	<bean class="com.fantagame.be.application.security.RoleBasedTargetUrl"
    			id="roleBasedTargetUrl" />

    	<!-- Anonymous bean: web security expression handler, registered without an id. -->
    	<bean class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler" />
    This is my web.xml:
    Code:
    <!-- Builds the root Spring context at startup from the contextConfigLocation context-param. -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
       
      	<!--
      	  Front controller. contextConfigLocation is deliberately left empty, so the servlet's own
      	  context declares no configuration file of its own here; beans are expected to come from
      	  the root context loaded by ContextLoaderListener.
      	-->
      	<servlet>
      		<servlet-name>FantaGameBE</servlet-name>
      		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
      		<init-param>
      			<param-name>contextConfigLocation</param-name>
      			<param-value></param-value>
      		</init-param>
      		<load-on-startup>1</load-on-startup>
      	</servlet>
    	
    	<!-- Configuration file for the root application context. -->
    	<context-param>
    		<param-name>contextConfigLocation</param-name>
    		<param-value>/WEB-INF/spring/web-application-context.xml</param-value>
    	</context-param>

    	<!--
    	  The DispatcherServlet only handles /app/*. Every URL pattern in the security context
    	  therefore has to carry the /app prefix, and paths outside /app/ are served by the
    	  container without going through this servlet.
    	-->
    	<servlet-mapping>
    		<servlet-name>FantaGameBE</servlet-name>
    		<url-pattern>/app/*</url-pattern>
    	</servlet-mapping>
    
    	<!--
    	  Datasource connection: JNDI reference to the container-managed DataSource.
    	  res-auth "Container" means the container signs on to the database, so the database
    	  credentials live in the server configuration rather than in the application.
    	-->
    	<resource-ref>
    		<description>Fantagame DataSource connection</description>
    		<res-ref-name>jdbc/fantagameDB</res-ref-name>
    		<res-type>javax.sql.DataSource</res-type>
    		<res-auth>Container</res-auth>
    	</resource-ref>
    
    <!-- Log4J configuration: listener that initialises logging from log4jConfigLocation. -->
    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>

    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>/WEB-INF/classes/log4j.xml</param-value>
    </context-param>
    	
    <!--
      Internationalization: UTF-8 request encoding for everything under /app/*.
      This mapping is declared before the Spring Security mapping, so the encoding filter
      runs first in the chain.
    -->
    <filter>
        <filter-name>encoding-filter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>encoding-filter</filter-name>
        <url-pattern>/app/*</url-pattern>
    </filter-mapping>
    	
    		<!--
    		  Spring Security entry point. DelegatingFilterProxy looks up the bean named after the
    		  filter (springSecurityFilterChain) in the context published under contextAttribute,
    		  here the context of the FantaGameBE DispatcherServlet rather than the root context.
    		-->
    		<filter>
    			<filter-name>springSecurityFilterChain</filter-name>
    			<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    			<init-param>
    				<param-name>contextAttribute</param-name>
    				<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.FantaGameBE</param-value>
    			</init-param>
    		</filter>

    		<!--
    		  Security note: the chain is applied to /app/* only. Requests to any other path of the
    		  web application never pass through Spring Security, so none of the rules in the
    		  security context protect content served outside /app/.
    		-->
    		<filter-mapping>
    			<filter-name>springSecurityFilterChain</filter-name>
    			<url-pattern>/app/*</url-pattern>
    		</filter-mapping>
    How can I resolve this problem?

    Thanks a lot
    Last edited by cybertop; Mar 3rd, 2012 at 04:22 PM. Reason: Resolve
