Results 1 to 4 of 4

Thread: Configuration of Form login + Custom Authentication Provider

  1. Jun 6th, 2008, 03:03 PM #1
    pbdavey
    pbdavey is offline Member
    Join Date
    May 2008
    Posts
    48

    Default Configuration of Form login + Custom Authentication Provider

    Could anyone give me some feedback on this? I always get a "org.springframework.security.AuthenticationCreden tialsNotFoundException: An Authentication object was not found in the SecurityContext" thrown. When switching from <form-login/> to <http-basic/>, it works so I think it is just form login configuration.
    Code:
    	<security:http lowercase-comparisons="false" >
		<security:concurrent-session-control max-sessions="1" expired-url="/Login.jsp?error=2"/>
		<security:form-login login-page="/Login.jsp" authentication-failure-url="/Login.jsp?error=1"/>
		<security:logout invalidate-session="true" logout-url="/Logout.htm" logout-success-url="/Login.jsp?error=0"/>
		<!-- security:http-basic/ -->
		<!-- security:anonymous username="NONE" granted-authority=""/ -->
		<security:intercept-url pattern="/secure/**" access="ROLE_CIM_USER"/>
	</security:http>
	
	<bean id="authenticationProvider"
		class="intellitime.spring.security.DatabaseUserAuthenticationProvider">
	    <property name="dataSource" ref="rawDataSource"/>
	    <security:custom-authentication-provider/>
	</bean>
  2. Jun 6th, 2008, 03:56 PM #2
    pbdavey
    pbdavey is offline Member
    Join Date
    May 2008
    Posts
    48

    Default Modification

    Still having trouble, but not the same...I don't seem to get the username and password for auth...however my provider is now being asked to authenticate. I thought I only had to attempt access to a secure page to get the attempt to authenticate.

    Snippet of Login.jsp
    Code:
    <form name="Login" method="post" action="${pageContext.request.contextPath}/j_spring_security_check">
<table>
	<tr>
		<td align="right">
			User Name
		</td>
		<td align="left">
			<input type="text" id="j_username"/>
		</td>
	</tr>
	<tr>
		<td align="right">
			Password
		</td>
		<td align="left">
			<input type="password" id="j_password"/>
		</td>
	</tr>
	<tr>
		<td colspan="2" align="center">
			<input type="submit" value="Log In"/>
		</td>
	</tr>
</table>
</form>
  3. Jun 9th, 2008, 10:45 AM #3
    pbdavey
    pbdavey is offline Member
    Join Date
    May 2008
    Posts
    48

    Default

    So you need http-basic tag even when using form-login? That seems to have fixed it. I noticed the auto-config uses both, but for some reason I though that was something different. I thought basic and form logins were mutually exlusive, like basic and digest.
  4. Jun 9th, 2008, 10:48 AM #4
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    No, you shouldn't need to include basic authentication to get form login to work. The form-login element should be sufficient by itself.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules