Authentication not happening

**knkpchari** · Sep 9th, 2010, 02:51 AM

Hi,

my xx-security.xml is as below:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:d="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=" http://www.springframework.org/schema/context http://www.springframework.org/schem...ontext-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schem...curity-3.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd">



<alias name="filterChainProxy" alias="springSecurityFilterChain"/>

<bean id="filterChainProxy" class="org.springframework.security.web.FilterChai nProxy">
<d:filter-chain-map path-type="ant" >
<d:filter-chain pattern="/**" filters="
httpSessionContextIntegrationFilter,
securityContextPersistenceFilter,
logoutFilter,
formLoginFilter,
authenticationProcessingFilter,
basicAuthenticationFilter,
securityContextHolderAwareRequestFilter,
exceptionTranslationFilter,
filterSecurityInterceptor"/>
</d:filter-chain-map>
</bean>

<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.web.context.Ht tpSessionContextIntegrationFilter"/>

<bean id="securityContextPersistenceFilter"
class="org.springframework.security.web.context.Se curityContextPersistenceFilter">
<property name='securityContextRepository'>
<bean class='org.springframework.security.web.context.Ht tpSessionSecurityContextRepository'>
<property name='allowSessionCreation' value='true' />
</bean>
</property>
</bean>

<bean id="basicAuthenticationFilter"
class="org.springframework.security.web.authentica tion.www.BasicAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationEntryPoint" ref="authenticationEntryPoint" />
</bean>

<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentica tion.www.BasicAuthenticationEntryPoint">
<property name="realmName" value="Spring Web Realm" />
</bean>



<bean id="authenticationProcessingFilter" class="org.springframework.security.web.authentica tion.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
</bean>

<bean id="logoutFilter" class="org.springframework.security.web.authentica tion.logout.LogoutFilter">
<constructor-arg value="/logged_out.htm" />
<constructor-arg>
<list><bean class="org.springframework.security.web.authentica tion.logout.SecurityContextLogoutHandler" /></list>
</constructor-arg>
</bean>

<bean id="formLoginFilter" class="org.springframework.security.web.authentica tion.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler">
<bean class="org.springframework.security.web.authentica tion.SavedRequestAwareAuthenticationSuccessHandler ">
<property name="defaultTargetUrl" value="/" />
</bean>
</property>
<property name="sessionAuthenticationStrategy">
<bean class="org.springframework.security.web.authentica tion.session.SessionFixationProtectionStrategy" />
</property>
</bean>

<bean id="authenticationManager" class="org.springframework.security.authentication .ProviderManager">
<property name="providers">
<list>
<ref bean="authenticationProvider" />
</list>
</property>
</bean>

<bean id="authenticationProvider" class="org.springframework.security.authentication .dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="userService" />
</bean>

<bean id="userService" class="org.springframework.security.core.userdetai ls.jdbc.JdbcDaoImpl">
<property name="dataSource">
<ref bean="dataSource"/>
</property>
<property name="usersByUsernameQuery">
<value>
SELECT u.login_id, password, u.record_status FROM user_master u WHERE u.login_id=?
</value>
</property>

<property name="authoritiesByUsernameQuery">
<value>
SELECT u.login_id, r.role_name FROM rbac_user_role ur, user_master u, rbac_role_m r WHERE ur.user_id = u.id and ur.role_id = r.id and u.login_id=?
</value>
</property>
</bean>

<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi .SecurityContextHolderAwareRequestFilter"/>



<bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.Exc eptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.springframework.security.web.authentica tion.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/login.htm"/>
</bean>
</property>
</bean>

<bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.int ercept.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager" />
<property name="accessDecisionManager" ref="accessDecisionManager" />
<property name="securityMetadataSource">
<d:filter-security-metadata-source>

<d:intercept-url pattern="/NSCConf.htm" access="ROLE_USER" />
</d:filter-security-metadata-source>
</property>
</bean>

<bean id="accessDecisionManager" class="org.springframework.security.access.vote.Af firmativeBased">
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.Ro leVoter"/>
<bean class="org.springframework.security.access.vote.Au thenticatedVoter"/>
</list>
</property>
</bean>




</beans>

Thanks

**knkpchari** · Sep 9th, 2010, 02:52 AM

Hi,
I am getting the login page and when i am entering it is show this in server log:
DEBUG [org.springframework.security.web.FilterChainProxy] Converted URL to lowercase, from: '/login.htm'; to: '/login.htm'
DEBUG [org.springframework.security.web.FilterChainProxy] Candidate is: '/login.htm'; pattern is /**; matched=true
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 1 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.context.HttpSess ionContextIntegrationFilter@1bf37e3'
DEBUG [org.springframework.security.web.context.HttpSessi onSecurityContextRepository] HttpSession returned null object for SPRING_SECURITY_CONTEXT
DEBUG [org.springframework.security.web.context.HttpSessi onSecurityContextRepository] No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@ 47ca2a. A new one will be created.
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 2 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.context.Security ContextPersistenceFilter@383c13'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 3 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.l ogout.LogoutFilter@1f02c8a'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 4 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.U sernamePasswordAuthenticationFilter@fc265a'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 5 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.U sernamePasswordAuthenticationFilter@39f9e3'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 6 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.www.BasicAuthenticationFilter@44b17b'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 7 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.servletapi.Secur ityContextHolderAwareRequestFilter@1e01f19'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 8 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.access.Exception TranslationFilter@4666b6'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm at position 9 of 9 in additional filter chain; firing Filter: 'org.springframework.security.web.access.intercept .FilterSecurityInterceptor@17050'
DEBUG [org.springframework.security.web.access.intercept. DefaultFilterInvocationSecurityMetadataSource] Converted URL to lowercase, from: '/login.htm'; to: '/login.htm'
DEBUG [org.springframework.security.web.access.intercept. DefaultFilterInvocationSecurityMetadataSource] Candidate is: '/login.htm'; pattern is /nscconf.htm; matched=false
DEBUG [org.springframework.security.web.access.intercept. FilterSecurityInterceptor] Public object - authentication not attempted
DEBUG [org.springframework.beans.factory.support.DefaultL istableBeanFactory] Returning cached instance of singleton bean 'org.apache.cxf.bus.spring.BusApplicationListener'
DEBUG [org.springframework.security.web.FilterChainProxy] /login.htm reached end of additional filter chain; proceeding with original chain
DEBUG [org.springframework.web.servlet.DispatcherServlet] DispatcherServlet with name 'mpower' processing POST request for [/rbac/login.htm]
DEBUG [org.springframework.web.servlet.mvc.annotation.Def aultAnnotationHandlerMapping] Mapping [/login.htm] to handler 'com.phoenix.rbac.controller.LoginController@1c90d 92'
DEBUG [org.springframework.web.bind.annotation.support.Ha ndlerMethodInvoker] Invoking request handler method: public org.springframework.web.servlet.ModelAndView com.phoenix.rbac.controller.LoginController.handle Request(javax.servlet.http.HttpServletRequest,java x.servlet.http.HttpServletResponse) throws java.lang.Exception
DEBUG [org.springframework.web.servlet.DispatcherServlet] Rendering view [org.springframework.web.servlet.view.JstlView: name 'login'; URL [/WEB-INF/jsp/login.jsp]] in DispatcherServlet with name 'mpower'
DEBUG [org.springframework.web.servlet.view.JstlView] Forwarding to resource [/WEB-INF/jsp/login.jsp] in InternalResourceView 'login'
DEBUG [org.springframework.web.servlet.DispatcherServlet] Successfully completed request
DEBUG [org.springframework.beans.factory.support.DefaultL istableBeanFactory] Returning cached instance of singleton bean 'org.apache.cxf.bus.spring.BusApplicationListener'
DEBUG [org.springframework.security.web.access.ExceptionT ranslationFilter] Chain processed normally
DEBUG [org.springframework.security.web.context.HttpSessi onContextIntegrationFilter] SecurityContextHolder now cleared, as request processing completed

Thanks

Thread: Authentication not happening

Thread Tools

Display

Authentication not happening

Posting Permissions