Results 1 to 2 of 2

Thread: spring security pre_auth_filter not working

  1. Jun 7th, 2012, 12:37 AM #1
    samwillkingson
    samwillkingson is offline Junior Member
    Join Date
    Jun 2012
    Posts
    1

    Unhappy spring security pre_auth_filter not working

    Hi, all,
    I am trying to integrate spring security 3.07 with Shibboleth/apache 2. The user is preauthenticated and stored in REMOTE_USER header. I would like to use spring security for authorization purpose only using database. Here is the configuration file but always got no authentication provider error.

    ************************************************** *******************************

    <?xml version="1.0" encoding="UTF-8"?>

    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <http auto-config="false" entry-point-ref="http403ForbiddenEntryPoint">

    <intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>

    <logout invalidate-session="true" logout-success-url="http://localhost/Shibboleth.sso/Logout" logout-url="/logout"/>

    <custom-filter ref="ShibbolethHeaderFilter" position="PRE_AUTH_FILTER"/>


    </http>

    v
    <beans:bean id="http403ForbiddenEntryPoint" class="org.springframework.security.web.authentica tion.Http403ForbiddenEntryPoint" />

    <beans:bean id="ShibbolethHeaderFilter" class="org.springframework.security.web.authentica tion.preauth.RequestHeaderAuthenticationFilter">
    <beans:property name="principalRequestHeader" value="REMOTE_USER"/>
    <beans:property name="authenticationManager" ref="authenticationManager" />

    </beans:bean>



    <beans:bean id="preauthAuthProvider"
    class="org.springframework.security.web.authentica tion.preauth.PreAuthenticatedAuthenticationProvide r">
    <beans:property name="preAuthenticatedUserDetailsService" ref="myUserDetailsService" />
    </beans:bean>


    <authentication-manager alias="authenticationManager">
    <authentication-provider ref="preauthAuthProvider"/>
    </authentication-manager>

    <beans:bean class="com.auth.MyUserDetailsService" id="myUserDetailsService">
    <beans:property name="userDao" ref="userdbDaoImpl"/>
    </beans:bean>

    </beans:beans>

    ************************************************** *******

    Always get error message: No Authentication providers are found in the context.

    org.springframework.web.context.ContextLoader 2012-06-07 01:14:13,507 -- ERROR -- Context initialization failed
    org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name '_authenticationManager': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: No authentication providers were found in the application context
    at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.initializeBean(Abstract AutowireCapableBeanFactory.java:1338)
    at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.doCreateBean(AbstractAu towireCapableBeanFactory.java:473)
    at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory$1.run(AbstractAutowireC apableBeanFactory.java:409)
    at java.security.AccessController.doPrivileged(Native Method)
    at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.createBean(AbstractAuto wireCapableBeanFactory.java:380)
    at org.springframework.beans.factory.support.Abstract BeanFactory$1.getObject(AbstractBeanFactory.java:2 64)
    at org.springframework.beans.factory.support.DefaultS ingletonBeanRegistry.getSingleton(DefaultSingleton BeanRegistry.java:222)
    at org.springframework.beans.factory.support.Abstract BeanFactory.doGetBean(AbstractBeanFactory.java:261 )
    at org.springframework.beans.factory.support.Abstract BeanFactory.getBean(AbstractBeanFactory.java:185)
    at org.springframework.beans.factory.support.Abstract BeanFactory.getBean(AbstractBeanFactory.java:164)
    at org.springframework.beans.factory.support.DefaultL istableBeanFactory.preInstantiateSingletons(Defaul tListableBeanFactory.java:429)
    at org.springframework.context.support.AbstractApplic ationContext.finishBeanFactoryInitialization(Abstr actApplicationContext.java:728)
    at org.springframework.context.support.AbstractApplic ationContext.refresh(AbstractApplicationContext.ja va:380)
    at org.springframework.web.context.ContextLoader.crea teWebApplicationContext(ContextLoader.java:255)
    at org.springframework.web.context.ContextLoader.init WebApplicationContext(ContextLoader.java:199)
    at org.springframework.web.context.ContextLoaderListe ner.contextInitialized(ContextLoaderListener.java: 45)
    at org.apache.catalina.core.StandardContext.listenerS tart(StandardContext.java:3843)
    at org.apache.catalina.core.StandardContext.start(Sta ndardContext.java:4350)
    at org.apache.catalina.core.ContainerBase.addChildInt ernal(ContainerBase.java:791)
    at org.apache.catalina.core.ContainerBase.addChild(Co ntainerBase.java:771)
    at org.apache.catalina.core.StandardHost.addChild(Sta ndardHost.java:525)
    at org.apache.catalina.startup.HostConfig.deployDescr iptor(HostConfig.java:626)
    at org.apache.catalina.startup.HostConfig.deployDescr iptors(HostConfig.java:553)
    at org.apache.catalina.startup.HostConfig.deployApps( HostConfig.java:488)
    at org.apache.catalina.startup.HostConfig.start(HostC onfig.java:1147)
    at org.apache.catalina.startup.HostConfig.lifecycleEv ent(HostConfig.java:311)
    at org.apache.catalina.util.LifecycleSupport.fireLife cycleEvent(LifecycleSupport.java:117)
    at org.apache.catalina.core.ContainerBase.start(Conta inerBase.java:1053)
    at org.apache.catalina.core.StandardHost.start(Standa rdHost.java:719)
    at org.apache.catalina.core.ContainerBase.start(Conta inerBase.java:1045)
    at org.apache.catalina.core.StandardEngine.start(Stan dardEngine.java:443)
    at org.apache.catalina.core.StandardService.start(Sta ndardService.java:516)
    at org.apache.catalina.core.StandardServer.start(Stan dardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalin a.java:578)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Native MethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootst rap.java:288)
    at org.apache.catalina.startup.Bootstrap.main(Bootstr ap.java:413)
    Caused by: java.lang.IllegalArgumentException: No authentication providers were found in the application context
    at org.springframework.util.Assert.notEmpty(Assert.ja va:268)


    Don't know why the authentication provider is not never invoked. Thanks for your help.

    Sam
    Last edited by samwillkingson; Jun 7th, 2012 at 12:41 AM.
    Reply With Quote Reply With Quote
  2. Jun 7th, 2012, 10:14 AM #2
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    What file(s) are you placing the configurations in. What does your web.xml look like? Have you tried enabling debug logging to ensure all your configuration is getting picked up?

    PS In the future please use code tags as this makes the post easier to read.
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules