Resource Server: who calls the ResourceServerTokenServices implementation?

**OhadR** · Sep 21st, 2012, 11:44 AM

Sure, I have this

Code:

    <servlet>
        <servlet-name>spring</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>spring</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

o/w spring wouldn't have worked at all.

about the debug - well, I guess I do something wrong... I've added this to my log4j.properties:

Code:

log4j.logger.org.springframework.security=DEBUG, INFO, CONSOLE, LOGFILE

but when I run the rsc-server alone (without the client WAR and the authentication WAR) I do not see any debug logs. when I run other components (client and auth-provider), I get tons of debug logs but they are irrelevant and I don't see there the FilterChain prints

**Dave Syer** · Sep 21st, 2012, 11:56 AM

Try

Code:

log4j.category.org.springframework.security=DEBUG

**OhadR** · Sep 21st, 2012, 12:09 PM

Nothing.
I even tried adding this to my xml file:

<security:debug/>

Yet, I see no DEBUG outputs.

**Dave Syer** · Sep 21st, 2012, 12:11 PM

I guess you are not using log4j then? Can you push the whole app onto a gist or something, so I can take a look?

**OhadR** · Sep 21st, 2012, 12:51 PM

haleluyja

I setup the log4j, so i see now (among tons of debug logs

21 Sep 2012 20:26:35,925 [localhost-startStop-1] DEBUG servlet.handler.BeanNameUrlHandlerMapping - Rejected bean name 'oauth2ProtectedResourceFilter': no URL paths identified

21 Sep 2012 20:26:36,249 [localhost-startStop-1] DEBUG factory.support.DefaultListableBeanFactory - Returning cached instance of singleton bean 'oauth2ProtectedResourceFilter'

is this what you wanted to see? is there something else i should check ?

**OhadR** · Sep 23rd, 2012, 01:16 AM

Originally Posted by Dave Syer

See the sparklr2 sample for an example. Or any of the Spring Security samples.

BTW I've looked at the Sparklr2, and I don't see <oauth:resource-server> neither in applicationcontext.xml nor in springServlet.xml...

**Dave Syer** · Sep 23rd, 2012, 01:38 AM

Neither of those files exists at the moment (or in M6 that I remember). Are you sure you don't want to update to the latest codebase? Those logs you picked out are normal (the filter is not a controller). We need to see what happens when you hit your protected resource.

**OhadR** · Sep 23rd, 2012, 02:46 AM

Originally Posted by Dave Syer

We need to see what happens when you hit your protected resource.

Dave - thanks.
I got it. My bad. after trying to hit the resource, I got this:

************************************************** **********

Request received for '/welcome':

org.apache.catalina.connector.RequestFacade@13332e 85

servletPath:/welcome
pathInfo:null

Security filter chain: [] empty (bypassed by security='none')

************************************************** **********

23 Sep 2012 09:27:18,422 [http-bio-443-exec-1] DEBUG security.web.FilterChainProxy - /welcome has an empty filter list

So I understood that my filter chain is disabled. I went to the beans.XML and saw that I had there:

<security:http pattern="/welcome" security="none"/>

After commenting it out, chain is working and my filter is being called.

Thanks, and sorry for the bother :-)

__________________________________________________ ___________________

Thread: Resource Server: who calls the ResourceServerTokenServices implementation?

Thread Tools

Display

Tags for this Thread

Posting Permissions