Configuring Pre-Authentication in Spring Security 3.1.0

[carcaret]

Hi!

I'm trying to configure pre-authentication in my webapp using Spring Security 3.1.0 but having some issues.

I've been searching the internet and found a couple of examples, that nearly work, but something is missing.

I want to authenticate with an LDAP provider in our Weblogic server using j_security_check, and then grant the roles within my app.

It looks like the authentication is going fine, but then I face two problems:

Once the authentication succeeds, I'm not getting redirected anywhere. Where should I specify that once authenticated, I should go to some URL?
My AuthenticationUserDetailsService is never getting called.

Here are my spring-security.xml

Code:

<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" 
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schem...-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<http auto-config="false" use-expressions="true" entry-point-ref="preAuthenticatedProcessingFilterEntryPoint">
    <intercept-url pattern="/login/**" access="permitAll"/>
    <intercept-url pattern="/**" access="ROLE_USER" />
    <custom-filter position="PRE_AUTH_FILTER" ref="preAuthFilter"/>

</http>

<beans:bean id="inMemoryAuthenticationUserDetailsService"
           class="myapp.web.authentication.CustomAuthenticationUserDetailsService"/>

<beans:bean id="preAuthenticatedProcessingFilterEntryPoint"
            class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>

<beans:bean id="preAuthenticatedAuthenticationProvider"
            class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
    <beans:property name="preAuthenticatedUserDetailsService" ref="inMemoryAuthenticationUserDetailsService"/>
</beans:bean>

<beans:bean id="simpleAttributes2GrantedAuthoritiesMapper"
            class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
    <beans:property name="attributePrefix" value=""/>
</beans:bean>

<beans:bean id="webXmlMappableAttributesRetriever"
            class="org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever"/>

<beans:bean id="j2eeBasedPreAuthenticatedWebAuthenticationDetailsSource"
            class="org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">
    <beans:property name="mappableRolesRetriever" ref="webXmlMappableAttributesRetriever"/>
    <beans:property name="userRoles2GrantedAuthoritiesMapper" ref="simpleAttributes2GrantedAuthoritiesMapper"/>
</beans:bean>

<beans:bean id="preAuthFilter"
            class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
    <beans:property name="authenticationManager" ref="appControlAuthenticationManager"/>
    <beans:property name="authenticationDetailsSource"
                    ref="j2eeBasedPreAuthenticatedWebAuthenticationDetailsSource"/>
</beans:bean>

<authentication-manager alias="appControlAuthenticationManager">
    <authentication-provider ref="preAuthenticatedAuthenticationProvider"/>
</authentication-manager>

my web.xml

Code:

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>Penelope11g</display-name>

<welcome-file-list>
    <welcome-file>/jsp/index.jsp</welcome-file>
</welcome-file-list>

<servlet>
    <servlet-name>spring</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>spring</servlet-name>
    <url-pattern>*.html</url-pattern>
</servlet-mapping>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/spring-servlet.xml,
        /WEB-INF/spring-security.xml
    </param-value>
</context-param>

<listener>
    <listener-class>
        org.springframework.web.context.ContextLoaderListener
    </listener-class>
</listener> 

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>
     org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
</filter> 

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/jsp/*</url-pattern>
</filter-mapping>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>All Content</web-resource-name>
        <url-pattern>/jsp/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ROLE_USER</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>DEFAULT</realm-name>
    <form-login-config>
        <form-login-page>/login/login.jsp</form-login-page>
        <form-error-page>/login/errorLogin.jsp</form-error-page>
    </form-login-config>
</login-config>

<security-role>
    <role-name>ROLE_USER</role-name>
</security-role>
<security-role>
    <role-name>ROLE_ADMIN</role-name>
</security-role>

and my login.jsp

Code:

<!DOCTYPE HTML>
<%@ page language="java" contentType="text/html;charset=ISO-8859-1"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<c:set var="path" value="${request.contextPath}" scope="request"/>
<html>
    <head>
    <title>Penelope: Login</title>
    <link type="text/css" href="../css/default/easyui.css" rel="stylesheet" />
    <link type="text/css" href="../css/icon.css" rel="stylesheet" />
    <script type="text/javascript" src="../js/jquery-1.7.2.min.js"></script>
    <script type="text/javascript" src="../js/jquery.easyui.min.js"></script>
    <script>
    $(document).ready(function() {
        $('#ventanaLogin').dialog({  
            modal:true,
            draggable:false,
            closable:false,
            height:250,
            width:300,
            buttons:[{
                text:'Aceptar',
                iconCls:'icon-ok',
                handler:function(){
                    $("#loginForm").submit();
                }
            }]
        }); 

        $("html").keydown(function(e){
            if(e.keyCode == '13')
            {
                $("#loginForm").submit();
            }
        });
    });
    </script>
</head>
<body>
    <div id="ventanaLogin" title="Login">  
        <form action="../j_security_check" id="loginForm" method="post">
            <table style="margin:30px;">
                <tr>
                    <td><label>Username</label></td>
                    <td><input type="text" id="usuario" name="j_username" tabindex="1"/></td>
                </tr>
                <tr>
                    <td><label>Password</label></td>
                    <td><input type="password" id="clave" name="j_password" tabindex="2"/></td>
                </tr>
            </table>
        </form>
    </div>      
</body>

Hope that's info enough to get some help. Thanks!!