Simple and LDAP authentication

[fish.knows]

Hi,
I working on this app and I've run into a problem when I want to use both "simple" authentication (from db) and LDAP based authentication. I've tried
both separately and they all work but when I put them together they don't.

Code:

<intercept-url pattern="/**"  access="ROLE_USER,ROLE_ADMIN,ROLE_MYCOMP-ADMINISTRATORS,ROLE_MYCOMP-RESOURCES"/>
	
	............
		
<ldap-server id="ldapServer" url="ldap://10.1.0.2:389/OU=myGroup,DC=mycomp,DC=com"
                 manager-dn="userATmycomp.com" 
                 manager-password="******"/>
   
<ldap-user-service id="ldap-user-service" 
                       server-ref="ldapServer" 
                       user-search-filter="(userPrincipalName={0})" />
        			       
<ldap-authentication-provider server-ref="ldapServer" 
                       group-search-base="CN=MYCOMP-Resources" 
                       group-search-filter="(member={0})"
                       user-search-base="OU=People" 
					   user-search-filter="(userPrincipalName={0})"
					   role-prefix="ROLE_" />
	
<authentication-provider>
        <password-encoder hash="md5" base64="true"/>
        <jdbc-user-service data-source-ref="dataSource"
            authorities-by-username-query="SELECT RTRIM(username) as username, RTRIM(authority) as authority from cm_user u WHERE u.username =?" users-by-username-query="SELECT RTRIM(username) as username, RTRIM(password) as password,enabled from cm_user WHERE username=?"/>
</authentication-provider>

and I'm getting something like:

Code:

 More than one UserDetailsService registered. Please use a specific Id in your configuration.

Is there any solution using only xml configuration?

Thanks.

[borutb]

I am having a very similar issue - with dao and openid.

[fish.knows]

I've simply solved the problem by changing <http> part:

Code:

<http auto-config="false" access-denied-page="/accessDenied.jsp">
        <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <intercept-url pattern="/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <intercept-url pattern="/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>

  ..................

        <form-login login-page="/login.jsp"
            authentication-failure-url="/login.jsp?login_error=1"
            default-target-url="/home.htm" always-use-default-target="true"/> 
        
        <logout logout-success-url="/login.jsp"/>
        <http-basic />
        <anonymous />
        <concurrent-session-control max-sessions="1" expired-url="/login.jsp?concurrent=true"/>
    </http>

and I've also added user-service-ref to authentication-provider

Code:

<authentication-provider user-service-ref="jdbcUserService">
        <password-encoder hash="md5" base64="true"/>
</authentication-provider>
    
<beans:bean id="jdbcUserService" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl">
        <beans:property name="dataSource" ref="dataSource" />
        <beans:property name="usersByUsernameQuery"
            value="SELECT RTRIM(username) as username, RTRIM(password) as password,enabled from cm_user WHERE username=?" />
        <beans:property name="authoritiesByUsernameQuery"
            value="SELECT RTRIM(username) as username, RTRIM(authority) as authority from cm_user u WHERE u.username =?" />
</beans:bean>

I now everything is like it should be.