Servlet mapping not work!

[duybinh0208]

Hi everybody,

Firstly, I can do single sign-on with saml2-sample with SSO Circle IDP.

Secondly, I have already a web app project and I want to build SSO funtion for this one. I try to do it by copy and paste some codes and resources from spring-security-saml2-sample into my project but my servlet-mapping seems to be not work correctly.

For example, before integrating saml2-sample to my project, i can go to my homepage is: "localhost:8080/ke" but after integrating its mapping has problem. Whenever I enter my homepage address into browser It always go to this link "http://localhost:8080/ke/saml/discovery/alias/defaultAlias?entityID=192.168.200.111&returnIDPara m=idp" instead of "localhost:8080/ke".

Please give me a solution for this problem.

Thanks and Regards.

[vsch]

Your front page probably requires authentication as it's secured (e.g. by <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/> in your securityContext.xml). This automatically invokes the samlEntryPoint and redirects you to the URL you see.

Configure the <security:http> tag according to your needs - e.g. take away the front page in case it doesn't require authentication. You can also remove the entry-point-ref attribute if you don't want the SAML authentication to start automatically.

You can refer to the Spring Security manual for details on securing your website.

Vladimír Schäfer

[duybinh0208]

Thank you vsch. I see that in SecurityContext.xml has a section for configuration of Unsecured pages and then i just try to config some things like this <security:http security="none" pattern="/ke/**" />. It is because i want to go to my home page is localhost:8080/ke but it still not work. I also try to changes configuration in Secure pages section such as <security:intercept-url pattern="/saml/login/** but it still seems to be useless.

[vsch]

You can change your http:security from the original configuration to e.g.:

<!-- Secured pages -->
<security:http entry-point-ref="samlEntryPoint" use-expressions="true">
<security:intercept-url pattern="/**" access="permitAll"/>
<security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
<security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
</security:http>

This will allow free access to all of your pages and you can still start SAML authentication using a direct link to /saml/login

Configuration of "/ke/**" of the pattern won't work as /ke is contextPath of your application and can't be used in this definition. If you still can't get further you might want to post your whole configuration.

Vladimír Schäfer

[duybinh0208]

Thanks Vladimír Schäfer but it still not work and shows the message: No mapping found for HTTP request with URI [/gears/a/login] in DispatcherServlet with name 'spring'.

[duybinh0208]

I try to config some servlet mapping by my self (not the same with Vladimír Schäfer's method) and it works but it has a problem when i try to use mongo db in controller. For example: when i add the codes @Resource(name = "userService") private DBUser userService; in controller it throws exception org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name ... Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.NoSuchBeanDefini tionException: No bean named 'userService' is defined. Anyone have an idea for this? Thanks & Regards.

[duybinh0208]

In my config file: mysvl-servlet.xml, i just add 2 lines of code like this <context:component-scan base-package="com.ke.service" /> <context:component-scan base-package="com.ke.controller" /> maybe it solves the exception No bean named 'userService' is defined but it shows No bean named 'mongoTemplate' is defined. Any solution for this problem?