Bad Sql Grammar Exception

[lingan]

Hi All ,

I have duplicated the JdbcDaoImpl ,DaoAuthenticationProvider , AuthenticationDao so that my userByUsernameQuery takes two parameters to retrieve the uname/Pword .
Since i dont need to strict any user on basis of url after loging in i have made the following changes to this method ,

Code:

 public UserDetails loadUserByUsername(String company_sk ,List credentials)
        throws UsernameNotFoundException, DataAccessException
		    {

	    		String paramss[] =new String[]{company_sk,(String)credentials.get(0)};
		    	List users = usersByUsernameMapping.execute(paramss);
		        if(users.size() == 0)
		            throw new UsernameNotFoundException("User not found");
		        UserDetails user = (UserDetails)users.get(0);

		        //List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername());
		      //  System.out.println("GrantedAuthority-->"+dbAuths);
		        //if(dbAuths.size() == 0)
		       // {
		       //     throw new UsernameNotFoundException("User has no GrantedAuthority");
		       // } else
		       // {
		            GrantedAuthority arrayAuths[] = new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_TELLER")};
		          //  addCustomAuthorities(user.getUsername(), dbAuths);
		            //arrayAuths = (GrantedAuthority[])(GrantedAuthority[])dbAuths.toArray(arrayAuths);
		            return new User(user.getUsername(), user.getPassword(), user.isEnabled(), true, true, true, arrayAuths);
		      //  }

		    }

As this just a start i am not using any securityEnforcementFilter
So my filter chain proxy looks like this

Code:

<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
		<property name="filterInvocationDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
				/**=httpSessionContextIntegrationFilter, authenticationProcessingFilter
			</value>
		</property>
	</bean>

the passwords are getting authenticated fine and even a successAuthentication token is created but Finally ,the Acegi throws a error like this

Code:

org.springframework.jdbc.BadSqlGrammarException: executing PreparedStatementCallback; bad SQL grammar [SELECT USERNAME, PASSWORD from USERS]; nested exception is java.sql.SQLException: ORA-00942: table or view does not exist

	org.springframework.jdbc.support.SQLErrorCodeSQLExceptionTranslator.translate(SQLErrorCodeSQLExceptionTranslator.java:223)
	org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:456)
	org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:491)
	org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:522)
	org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:543)
	org.springframework.jdbc.object.SqlQuery.execute(SqlQuery.java:114)
	org.springframework.jdbc.object.SqlQuery.execute(SqlQuery.java:124)
	org.springframework.jdbc.object.SqlQuery.execute(SqlQuery.java:139)
	com.springapp.db.UserInfoDaoJdbc.getUserInfoList(UserInfoDaoJdbc.java:22)
	com.springapp.bean.UserInfoManager.getUserInfoList(UserInfoManager.java:18)
	com.springapp.controller.SpringappController.handleRequest(SpringappController.java:29)
	org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter

Any Help??

I also need to make sure if it is possible more than one parameter in the authorityByUserNameQuery ??
Thanx ,
Lingan

[stevehodpriest]

Lingan,

As I mentioned in another thread this I think is a Spring Jdbc problem. As you notice from the stack trace net.sf.acegisecurity package is not mentioned.
As a guess, as you don't have the query to hand, I would say that your parameters that you pass (eg Types.VARCHAR) may not be that correct mappings for the sql table you are querying. But please refer to the spring jdbc forums instead.
Although I haven't tried it, the AuthorityByUserNameQuery should be able to handle as many parameters as you want it to. It is just a Spring Jdbc query.

[lingan]

Hi Steve,
I made changes to the following and its working fine.
Now i can pass four parameters in my authentication Query .

AuthenticationProcessingFilter.java
DaoAuthenticationProvider.java
AuthenticationDao.java
CustomJdbcImpl(Duplicate of JdbcDaoImpl)
CustomJdbcImpl.loadUserByUsername

Thanx steve .


Regards ,
Lingan

[lingan]

Hi Steve ,

My application need is as follows.

1.
I will have menu's which show up all submenu's but leads the users to respective pages based on user privilege.I think for this i can go about using the authorization at http request level using the
net.sf.acegisecurity.intercept.web.FilterSecurityI nterceptor and defining my own objectDefinitonSource .
is this right??
2.
based on the user's privilege i need to disable or enable certain GUI like buttons ,for this do i only have to hard code using the tags u had already mentioned to me ?? moreover do i have to use ACL ???

In other words ,I just need to diasable certains HyperLinks , Buttons ,... based on the Authentication ,in this case should i have to do something with ACL or is this possible with the Auth-Tags itself

regards ,
Lingan

[stevehodpriest]

What you want to do is disable front end components so use the tags