Unexpected login dialog
Hi,
I have a remote spring RCP client that is accessing a remoted spring service on my application server. When the application starts up the application displays a login dialog that delegates to a remoteAuthenticationManager. I have a second service being remoted (ClientService) that I am using to load Client objects from my data source. I have a .jsp page for testing on the server that essentially is a simple hello world page/controller that also loads the client list and tells me how long it took to load it. If I go to the .jsp page, I am prompted to login. Everything works as expected.
If I start up my remote application and login everything works fine...until i access the ClientService...then a dialog pops up that is not associated with my application that says: Authentication Required - Enter login details to access "Hydra Realm" on localhost/127.0.0.1.
This seems to be acting as if I am not logged in or something. Can anyone give me some advice on what might be wrong?
Here are my service remoting beans in my remoting-servlet.xml:
here is the important part of my security context:Code:<bean id="clientService" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean"> <property name="serviceUrl" value="http://${hydra.server}/hydra/remoting/ClientService.html"/> <property name="serviceInterface" value="org.chd.hydra.service.ClientService"/> </bean> <bean id="remoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean"> <property name="serviceUrl" value="http://${hydra.server}/hydra/remoting/RemoteAuthenticationManager.html"/> <property name="serviceInterface" value="org.springframework.security.providers.rcp.RemoteAuthenticationManager"/> </bean>
The requires-channel is there as when I'm not running on localhost I use https instead of http.Code:<http auto-config="false" create-session="always" once-per-request="false" realm="Hydra Realm"> <anonymous/> <http-basic/> <logout logout-url="/logout.html"/> <intercept-url pattern="/index.htm*" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <intercept-url pattern="/remoting/RemoteAuthenticationManager.html" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="http"/> <intercept-url pattern="/remoting/**" access="ROLE_TECHIES" requires-channel="http"/> <intercept-url pattern="/secure/**" access="ROLE_DOMAIN ADMINS" requires-channel="http"/> </http>
here is the important parts of my web.xml:
and just in case here's my dispatcher-servlet:Code:<filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class> org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <listener> <listener-class> org.springframework.security.ui.session.HttpSessionEventPublisher </listener-class> </listener> <servlet> <servlet-name>dispatcher</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>2</load-on-startup> </servlet> <servlet-mapping> <servlet-name>dispatcher</servlet-name> <url-pattern>*.html</url-pattern> </servlet-mapping> <servlet> <servlet-name>remoting</servlet-name> <servlet-class> org.springframework.web.servlet.DispatcherServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>remoting</servlet-name> <url-pattern>/remoting/*</url-pattern> </servlet-mapping>
the remote application is accessing the remoted services with this:Code:<context:component-scan base-package="org.chd.hydra.controller"/> <bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping"/> <bean id="helloController" class="org.chd.hydra.controller.HelloController"> <property name="helloService" ref="helloService"/> </bean> <bean name="indexController" class="org.springframework.web.servlet.mvc.ParameterizableViewController" p:viewName="index" /> <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"> <property name="mappings"> <props> <prop key="index.html">indexController</prop> <prop key="secure/hello.html">helloController</prop> </props> </property> </bean> <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver" p:prefix="/WEB-INF/jsp/" p:suffix=".jsp" />
Again, this would be https if not on localhost.Code:<bean id="remoteAuthenticationManager" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean"> <property name="serviceUrl" value="http://${hydra.server}/hydra/remoting/RemoteAuthenticationManager.html"/> <property name="serviceInterface" value="org.springframework.security.providers.rcp.RemoteAuthenticationManager"/> </bean> <bean id="clientService" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean"> <property name="serviceUrl" value="http://${hydra.server}/hydra/remoting/ClientService.html"/> <property name="serviceInterface" value="org.chd.hydra.service.ClientService"/> </bean>
The remotAuthenticationManager works fine and my login has:
Granted Authorities: ROLE_TECHIES, ROLE_DOMAIN ADMINS, ROLE_CHD GROUP
so I should have the proper roles to access the service. Any help would be greatly appreciated.
