Configuration for applying https to certain pages

[despot]

Hi to you all,

I need to configure Spring Security 2.0.5 to demand certain pages to go through https. I don't need any other functionality. I tried several times to configure but I am struggling for few days now, so I would like some tips from more experienced users.

In web.xml I have:

Code:

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/applicationContext-security.xml
		</param-value>
	</context-param>
         <filter>
		<filter-name>filterChainProxy</filter-name>
		<filter-class>org.springframework.security.util.FilterChainProxy</filter-class>
	</filter>

	<filter-mapping>
		<filter-name>filterChainProxy</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

Than I supply the applicationContext-security.xml:

Code:

<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

	<beans:bean id="filterChainProxy"
		class="org.springframework.security.util.FilterChainProxy">
		<filter-chain-map path-type="ant">
			<filter-chain pattern="/**" filters="channelProcessingFilter" />
		</filter-chain-map>
	</beans:bean>

	<beans:bean id="channelProcessingFilter"
		class="org.springframework.security.securechannel.ChannelProcessingFilter">
		<beans:property name="channelDecisionManager" ref="channelDecisionManager" />
		<beans:property name="filterInvocationDefinitionSource">
			<filter-invocation-definition-source
				path-type="regex">
				<intercept-url pattern="/images/baBaaLogoWide.jpg"
					access="REQUIRES_SECURE_CHANNEL" />
				<intercept-url pattern="/url1.htm" access="REQUIRES_SECURE_CHANNEL" />
				<intercept-url pattern="/url2.htm" access="REQUIRES_SECURE_CHANNEL" />
				<intercept-url pattern="/.*" access="ANY_CHANNEL" 
/>
			</filter-invocation-definition-source>
		</beans:property>
	</beans:bean>
	<beans:bean id="channelDecisionManager"
		class="org.springframework.security.securechannel.ChannelDecisionManagerImpl">
		<beans:property name="channelProcessors">
			<beans:list>
				<beans:ref bean="secureChannelProcessor" />
				<beans:ref bean="insecureChannelProcessor" />
			</beans:list>
		</beans:property>
	</beans:bean>
	<beans:bean id="secureChannelProcessor"
		class="org.springframework.security.securechannel.SecureChannelProcessor" />
	<beans:bean id="insecureChannelProcessor"
		class="org.springframework.security.securechannel.InsecureChannelProcessor" />
</beans:beans>

If I specify the filter chain like this:

Code:

         filters="channelProcessingFilter"

than I get a NullPointerException and I guess I miss some required filters in the chain.
If I use:

Code:

        filters="channelProcessingFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor"

than I get

No bean named 'authenticationProcessingFilter' is defined

.

Do I need to define all these filters(beans) to create my functionality or can I do it in a simpler fashion? Am I in the right direction?

Regards,
Despot