Spring security login page HTTP 404

[ranajyotic]

I am new to spring security I have configured it using security namespace but getting 404 when I try to access the website. Need help urgently please. Here are the details.
web.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

	<!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>/WEB-INF/spring/root-context.xml</param-value>
	</context-param>
	<context-param>
		<param-name>log4jConfigLocation</param-name>
		<param-value>classpath:log4j.xml</param-value>
	</context-param>
	<!-- Creates the Spring Container shared by all Servlets and Filters -->
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
    <!-- Initializes log4j -->
    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>
    
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
	<!-- Processes application requests -->
	<servlet>
		<servlet-name>formVilleServlet</servlet-name>
		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		<init-param>
			<param-name>contextConfigLocation</param-name>
			<param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
		</init-param>
		<load-on-startup>1</load-on-startup>
	</servlet>
		
	<servlet-mapping>
		<servlet-name>formVilleServlet</servlet-name>
		<url-pattern>/</url-pattern>
	</servlet-mapping>
</web-app>

root-context.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:mvc="http://www.springframework.org/schema/mvc"
	xmlns:security="http://www.springframework.org/schema/security"	
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
	                    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
	                    http://www.springframework.org/schema/mvc
	                    http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
	                    http://www.springframework.org/schema/security	                    
                        http://www.springframework.org/schema/security/spring-security-3.1.xsd">
	
	<!-- Root Context: defines shared resources visible to all other web components -->
	<mvc:resources location="/resources/**" mapping="/resources/"/>

    <security:http>        
        <security:intercept-url pattern="/login.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <security:intercept-url pattern="/**" access="ROLE_USER"/>
        <security:form-login login-page="/login.jsp"/>
    </security:http>
        
    <bean id="securityDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName" value="org.firebirdsql.jdbc.FBDriver"/>
        <property name="url" value="jdbc:firebirdsql://localhost:3050:../classes/FORMVILLE.FDB"/>
        <property name="username" value="FORMVILLE"/>
        <property name="password" value="formville"/>
    </bean>
    <security:authentication-manager>
        <security:authentication-provider>
            <security:jdbc-user-service data-source-ref="securityDataSource"/>
            <security:password-encoder hash="sha"/>
        </security:authentication-provider>        
    </security:authentication-manager>
</beans>

I am attaching the log4j log and the folder structure

[Rob Winch]

Try disabling Spring Security (i.e. remove the filter-mapping from the web.xml) and navigating to the login.jsp. Does it render or do you get a 404? If you still get a 404 it is probably an issue with the mapping to login.jsp.

[ranajyotic]

Try disabling Spring Security (i.e. remove the filter-mapping from the web.xml) and navigating to the login.jsp. Does it render or do you get a 404? If you still get a 404 it is probably an issue with the mapping to login.jsp.

I had a different page other than login.jsp initially which was rendering ok. So I don't think this is a mvc issue. Actually I kind of found a workaround. Not sure if this is the right thing to do. I had defined a controller for the login which then maps to the using ResourceBundleViewResolver. Now it works fine. I may have misunderstood the security documentation about the requirement of a controller. I was of the impression that the security framework would do the redirection automatically. So can you please tell me what is the right procedure for this?

[Rob Winch]

I had a different page other than login.jsp initially which was rendering ok. So I don't think this is a mvc issue. Actually I kind of found a workaround. Not sure if this is the right thing to do. I had defined a controller for the login which then maps to the using ResourceBundleViewResolver. Now it works fine. I may have misunderstood the security documentation about the requirement of a controller. I was of the impression that the security framework would do the redirection automatically. So can you please tell me what is the right procedure for this?

Spring Security does do the redirect but it will not forward to the jsp. This is up to Spring MVC setup (Spring Security knows nothing about your MVC tier...ie it could be Spring MVC, Struts, JSF, etc). The proper way is to ensure the URL you have configured for the login page renders without Spring Security enabled. The way you do this varies by your MVC technology.