security:authorize tags not working

[dzmitry]

Just tried again. I saw this problem when deploying app to springsource dm server 2.0 from springsource tool suite. However, if I ran app from command line "mvn tomcat:run", this time security is run successfully.

However, after login, and logoff, and login again, this time app shows me blank screen (from both IE and firefox), I have to refresh the page to get app showing, but this could be roo RC3 related, not security related.

I had a similar problem after deploying .war to tomcat...
By default, Roo generates configuration of Spring Security which includes use sha-256.
But, at packaging in war, sha-256 provider is not added.

I have fixed this issue by adding of dependency to pom.xml

Code:

...
 <repositories>
...
        <repository>
            <id>org.maven.repo1</id>
            <name>org.maven.repo1</name>
            <url>http://repo1.maven.org/maven2</url>
        </repository>
...
 </repositories>
...
<dependencies>
...
          <dependency>
            <groupId>commons-codec</groupId>
            <artifactId>commons-codec</artifactId>
            <version>1.4</version>
         </dependency>
...
</dependencies>
...

To see the reason of magic problems, disable your error pages.
webmvc-config.xml:

Code:

    <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <!--<property name="exceptionMappings">
            ...
        </property>-->
    </bean>

Exceptions are not logged, when are processed by error pages.
So, there is ClassNotFoundException in my case.

[asheikh]

Hi,

Always when something doesn't work it is my mistake.
this time, I have had the following configuration in web.xml

Code:

	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>

	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/micro*</url-pattern>
	</filter-mapping>

and if I access http://localhost:8080/somict/micro/partner security tag and urlrewrite both work

but if I access the url http://localhost:8080/somict/partner security tag and urlrewrite don't work together because the security filter is not started since the url doesn't have /micro* pattern

I know it is an obvious thing, but I hope that may help someone ;-)

[Ben Alex]

Thanks for sharing. Indeed the filter security chain is almost always just *, as it internally performs filtering of paths it is interested in.

[digz6666]

Hello there!

Could someone please post fullly working demo app with spring security and urlrewrite?

I can't get it working Tried for 5-6 hours.


Edit:

I've done by following way:
http://forum.springsource.org/showpo...34&postcount=5