Custom security filter.
I have created my own Filter, Provider and Authentication manager. Now I am trying to hook them up in my program.
My bean configuration file looks like
In my web.xmlCode:<bean id="securityFilterChain" class="org.springframework.security.web.FilterChainProxy"> <constructor-arg> <list> <security:filter-chain pattern="/**" filters="authFilter" /> </list> </constructor-arg> </bean> <bean id="authFilter" class="com.secure.provider.OpenAuthenticationFilter"> <property name="authenticationManager" ref="authManager" /> </bean> <bean id="authManager" class="com.secure.provider.OpenAuthenticationManager"> <constructor-arg> <list> <ref bean="xmlAuthProvider" /> </list> </constructor-arg> </bean> <bean id="xmlAuthProvider" class="com.secure.provider.OpenXMLAuthenticationProvider"> <constructor-arg index="0"> <value>"classpath:configurations/UserConfig.xml"</value> </constructor-arg> </bean>
In my implementation for filterCode:<filter> <filter-name>securityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>securityFilterChain</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping>
I guess I am still missing something to complete the hooking from any login page that shall post to the /process_credentials URI.Code:public class OpenAuthenticationFilter extends AbstractAuthenticationProcessingFilter { private final static String USERNAME_KEY = "username"; private final static String PASSWORD_KEY = "password"; private final static String ACTION_URL = "/process_credentials"; private String usernameParameter = USERNAME_KEY; private String passwordParameter = PASSWORD_KEY; protected OpenAuthenticationFilter() { super(ACTION_URL); } @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException { if (!request.getMethod().equals("POST")) { throw new AuthenticationServiceException( "Authentication method not supported: " + request.getMethod()); } /** * Time to get the user name and password details in the token */ String username = (String) request.getAttribute(usernameParameter); String password = (String) request.getAttribute(passwordParameter); /** * Trimmed user name */ OpenAuthenticationToken authentication = new OpenAuthenticationToken( username.trim(), password); /** * More information about the object in details */ authentication.setDetails(request); return this.getAuthenticationManager().authenticate(authentication); } }
Totally lost, can someone help?
- Saurabh
Reply With Quote
Handler - Request Mapping not found.
Got it!
