PreAuth variable header not found in request
Hi,
I am attempting to configure an app to use the RequestHeaderPreAuthenticatedProcessingFilter to allow authentication by SiteMinder. This appears to be very straight forward, however, I'm having a real problem with the principalRequestHeader variable.
I've configured spring as such:
And the error I get after I successfully authenticate with SiteMinder (and the request is passed to spring to find the header variable)Code:<!-- ======================== FILTER CHAIN ======================= --> <bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,siteminderFilter,logoutFilter,adminAuthenticationProcessingFilter,learnerAuthenticationProcessingFilter,siteLearnerAuthenticationProcessingFilter,exceptionTranslationFilter </value> </property> </bean> <!-- ======================== UP Custom Siteminder Bean ===================== --> <bean id="siteminderFilter" class="org.springframework.security.ui.preauth.header.RequestHeaderPreAuthenticatedProcessingFilter"> <sec:custom-filter position="PRE_AUTH_FILTER" /> <property name="principalRequestHeader" value="SMUSER" /> <property name="authenticationManager" ref="authenticationManager" /> </bean> <bean id="preauthAuthProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider"> <sec:custom-authentication-provider /> <property name="preAuthenticatedUserDetailsService"> <bean id="userDetailsServiceWrapper" class="org.springframework.security.userdetails.UserDetailsByNameServiceWrapper"> <property name="userDetailsService" ref="userDetailsService"/> </bean> </property> </bean> <sec:authentication-manager alias="authenticationManager" /> <bean id="userDetailsService" name="userDetailsService" class="com.plateausystems.elms.bo.userprofile.impl.AdminUserSecurityDetailsServiceImpl"> <property name="userProfileService" ref="module.userprofile.UserProfileService"/> </bean>
We have gone as far as proxying our Apache to JBoss call to make sure the SMUSER variable is there, and it is. As a further test I put the header variable 'user-agent' in the config and that worked. It's clearly able to get something from the header any ideas why it can't find SMUSER?Code:06/21/2010 14:22:07 ERROR # [ajp-0.0.0.0-8009-1] [LMS:ContainerBase] - Servlet.service() for servlet default threw exception org.springframework.security.ui.preauth.PreAuthenticatedCredentialsNotFoundException: SMUSER header not found in request. at org.springframework.security.ui.preauth.header.RequestHeaderPreAuthenticatedProcessingFilter.getPreAuthenticatedPrincipal(RequestHeaderPreAuthenticatedProcessingFilter.java:42) at org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter.doAuthenticate(AbstractPreAuthenticatedProcessingFilter.java:69) at org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter.doFilterHttp(AbstractPreAuthenticatedProcessingFilter.java:58) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:371) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:174) at org.springframework.security.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:99)
We are using spring security 2.0.0
Thanks for you time,
Jason
