Spring Security 2.0.4 with spring 2.5 and Crowd 2.0.7

**shibani** · Sep 14th, 2010, 03:23 AM

Hi,

I am using Spring Security 2.0.4 with spring 2.5 and Crowd 2.0.7 for authentication. I have followed the URL http://confluence.atlassian.com/disp...pring+Security for all the configurations.

My applicationContext-security.xml configuration is as below

Code:

<http auto-config="false" >
		<intercept-url pattern='/login.htm*' filters='none' />
		<intercept-url pattern='/component.htm*' filters='none' />
		<intercept-url pattern='/superPackage.htm*' access='ROLE_USER' />
		<form-login login-page='/login.htm' />
		<anonymous granted-authority="" key="" username=""/>
	</http>

	<authentication-provider user-service-ref="crowdUserDetailsService"></authentication-provider>
	<beans:bean id="crowdUserDetailsService"
		class="com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsServiceImpl">
		<beans:property name="authenticationManager" ref="crowdAuthenticationManager" />
		<beans:property name="groupMembershipManager" ref="crowdGroupMembershipManager" />
		<beans:property name="userManager" ref="crowdUserManager" />
		<beans:property name="authorityPrefix" value="ROLE_" />
	</beans:bean>
	<beans:bean id="crowdAuthenticationProvider"
		class="com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider">
		<custom-authentication-provider />
		<beans:constructor-arg ref="crowdAuthenticationManager" />
		<beans:constructor-arg ref="httpAuthenticator" />
		<beans:constructor-arg ref="crowdUserDetailsService" />
	</beans:bean>

I am able to secure the url /superPackage.htm* and when I hit this URL i am redirected back to login.htm; which is fine.

But when I give the credentials which are configured in Crowd it does not take me to the /superPackage.htm* page rather it stays back in the same page.

I have set auto-config="false" as otherwise it tries to ask Crowd to get the password for the user and throws Exception("Not giving you password")

auto-config="false" does not throw any exception; but i have enabled the logs for them log4j.logger.org.springframework.security=DEBUG; so in my log I am getting the below exceptions log

Note: All the below replies from shibani are part of one post; seggregated into multiple as it was not allowing for more number of lines.

**shibani** · Sep 14th, 2010, 03:26 AM

2010-09-14 13:50:24,833 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/login.htm'; to: '/login.htm'
2010-09-14 13:50:24,833 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/login.htm'; pattern is /login.htm*; matched=true
2010-09-14 13:50:24,833 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:165] - has an empty filter list
2010-09-14 13:50:24,833 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.createCom mand:362] - Creating new command of class [com.pearson.conanweb.domain.Login]
2010-09-14 13:50:24,833 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.processFo rmSubmission:266] - No errors -> processing submit
2010-09-14 13:50:24,833 INFO [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.onSubmit: 32] - Validated users... Login successful
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/superpackage.htm'; pattern is /login.htm*; matched=false
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/superpackage.htm'; pattern is /component.htm*; matched=false
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/superpackage.htm'; pattern is /**; matched=true
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 1 of 7 in additional filter chain; firing Filter: 'org.springframework.security.context.HttpSessionC ontextIntegrationFilter[ order=200; ]'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.readSecurityContextFromSess ion:286] - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp:209] - New SecurityContext instance will be associated with SecurityContextHolder
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 2 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.webapp.Authentica tionProcessingFilter[ order=700; ]'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 3 of 7 in additional filter chain; firing Filter: 'org.springframework.security.wrapper.SecurityCont extHolderAwareRequestFilter[ order=1100; ]'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:314] - pathInfo: both null (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:314] - queryString: both null (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - requestURI: arg1=/conan-web-0.0.2-SNAPSHOT/superPackage.htm; arg2=/conan-web-0.0.2-SNAPSHOT/superPackage.htm (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - serverPort: arg1=7001; arg2=7001 (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - requestURL: arg1=http://172.21.74.110:7001/conan-web-0.0.2-SNAPSHOT/superPackage.htm; arg2=http://172.21.74.110:7001/conan-web-0.0.2-SNAPSHOT/superPackage.htm (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - scheme: arg1=http; arg2=http (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - serverName: arg1=172.21.74.110; arg2=172.21.74.110 (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - contextPath: arg1=/conan-web-0.0.2-SNAPSHOT; arg2=/conan-web-0.0.2-SNAPSHOT (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:330] - servletPath: arg1=/superPackage.htm; arg2=/superPackage.htm (property equals)
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.wrapper.SavedRequestA wareWrapper.<init>:102] - Wrapper replaced; SavedRequest was: SavedRequest[http://172.21.74.110:7001/conan-web-...erPackage.htm]
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 4 of 7 in additional filter chain; firing Filter: 'org.springframework.security.providers.anonymous. AnonymousProcessingFilter[ order=1300; ]'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.providers.anonymous.A nonymousProcessingFilter.doFilterHttp:93] - Populated SecurityContextHolder with anonymous token:

**shibani** · Sep 14th, 2010, 03:26 AM

'org.springframework.security.providers.anonymous. AnonymousAuthenticationToken@69ee86bb: Principal: roleAnonymous; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationD etails@21a2c: RemoteIpAddress: 172.21.74.13; SessionId: q0LDMPqGbnBvZhSzVqGY8PGqmfh2tvl51xBTnQY4vqhqP1hKGJ CS!-722554646!1284450884551; Granted Authorities: ROLE_ANONYMOUS'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 5 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.ExceptionTranslat ionFilter[ order=1400; ]'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 6 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.SessionFixationPr otectionFilter[ order=1600; ]'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 7 of 7 in additional filter chain; firing Filter: 'org.springframework.security.intercept.web.Filter SecurityInterceptor@54ec84'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.web.Default FilterInvocationDefinitionSource.lookupAttributes: 196] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.web.Default FilterInvocationDefinitionSource.lookupUrlInMap:22 4] - Candidate is: '/superpackage.htm'; pattern is /superpackage.htm*; matched=true
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.AbstractSec urityInterceptor.beforeInvocation:250] - Secure object: FilterInvocation: URL: /superPackage.htm; ConfigAttributes: [ROLE_USER]
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.AbstractSec urityInterceptor.authenticateIfRequired:313] - Previously Authenticated: org.springframework.security.providers.anonymous.A nonymousAuthenticationToken@69ee86bb: Principal: roleAnonymous; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationD etails@21a2c: RemoteIpAddress: 172.21.74.13; SessionId: q0LDMPqGbnBvZhSzVqGY8PGqmfh2tvl51xBTnQY4vqhqP1hKGJ CS!-722554646!1284450884551; Granted Authorities: ROLE_ANONYMOUS
2010-09-14 13:50:24,848 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.ExceptionTranslati onFilter.handleException:158] - Access is denied (user is anonymous); redirecting to authentication entry point

**shibani** · Sep 14th, 2010, 03:27 AM

org.springframework.security.AccessDeniedException : Access is denied
at org.springframework.security.vote.AffirmativeBased .decide(AffirmativeBased.java:68)
at org.springframework.security.intercept.AbstractSec urityInterceptor.beforeInvocation(AbstractSecurity Interceptor.java:262)
at org.springframework.security.intercept.web.FilterS ecurityInterceptor.invoke(FilterSecurityIntercepto r.java:106)
at org.springframework.security.intercept.web.FilterS ecurityInterceptor.doFilter(FilterSecurityIntercep tor.java:83)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.ui.SessionFixationPro tectionFilter.doFilterHttp(SessionFixationProtecti onFilter.java:67)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.ui.ExceptionTranslati onFilter.doFilterHttp(ExceptionTranslationFilter.j ava:101)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.providers.anonymous.A nonymousProcessingFilter.doFilterHttp(AnonymousPro cessingFilter.java:105)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.wrapper.SecurityConte xtHolderAwareRequestFilter.doFilterHttp(SecurityCo ntextHolderAwareRequestFilter.java:91)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.ui.AbstractProcessing Filter.doFilterHttp(AbstractProcessingFilter.java: 277)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp(HttpSessionCon textIntegrationFilter.java:235)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.util.FilterChainProxy .doFilter(FilterChainProxy.java:175)
at org.springframework.web.filter.DelegatingFilterPro xy.invokeDelegate(DelegatingFilterProxy.java:183)
at org.springframework.web.filter.DelegatingFilterPro xy.doFilter(DelegatingFilterProxy.java:138)
at weblogic.servlet.internal.FilterChainImpl.doFilter (FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$Ser vletInvocationAction.doIt(WebAppServletContext.jav a:3684)
at weblogic.servlet.internal.WebAppServletContext$Ser vletInvocationAction.run(WebAppServletContext.java :3650)
at weblogic.security.acl.internal.AuthenticatedSubjec t.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Se curityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.sec uredExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.exe cute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(S ervletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread. java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java :173)

**shibani** · Sep 14th, 2010, 03:27 AM

2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.ExceptionTranslati onFilter.sendStartAuthentication:200] - Authentication entry point being called; SavedRequest added to Session: SavedRequest[http://172.21.74.110:7001/conan-web-...erPackage.htm]
2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp:255] - SecurityContextHolder now cleared, as request processing completed
2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/login.htm'; to: '/login.htm'
2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/login.htm'; pattern is /login.htm*; matched=true
2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:165] - has an empty filter list
2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.showNewFo rm:337] - Displaying new form
2010-09-14 13:50:24,864 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.createCom mand:362] - Creating new command of class [com.pearson.conanweb.domain.Login]
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/css/portlet-specifics.css'; to: '/css/portlet-specifics.css'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/css/portlet-specifics.css'; pattern is /login.htm*; matched=false
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/css/portlet-specifics.css'; to: '/css/portlet-specifics.css'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/css/portlet-specifics.css'; pattern is /component.htm*; matched=false
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/css/portlet-specifics.css'; to: '/css/portlet-specifics.css'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/css/portlet-specifics.css'; pattern is /**; matched=true
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 1 of 7 in additional filter chain; firing Filter: 'org.springframework.security.context.HttpSessionC ontextIntegrationFilter[ order=200; ]'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.readSecurityContextFromSess ion:286] - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp:209] - New SecurityContext instance will be associated with SecurityContextHolder
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 2 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.webapp.Authentica tionProcessingFilter[ order=700; ]'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 3 of 7 in additional filter chain; firing Filter: 'org.springframework.security.wrapper.SecurityCont extHolderAwareRequestFilter[ order=1100; ]'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:314] - pathInfo: both null (property equals)
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:314] - queryString: both null (property equals)
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.savedrequest.Saved Request.propertyEquals:336] - requestURI: arg1=/conan-web-0.0.2-SNAPSHOT/superPackage.htm; arg2=/conan-web-0.0.2-SNAPSHOT/css/portlet-specifics.css (property not equals)
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.wrapper.SavedRequestA wareWrapper.<init>:117] - Wrapper not replaced; SavedRequest was: SavedRequest[http://172.21.74.110:7001/conan-web-...erPackage.htm]
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 4 of 7 in additional filter chain; firing Filter: 'org.springframework.security.providers.anonymous. AnonymousProcessingFilter[ order=1300; ]'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.providers.anonymous.A nonymousProcessingFilter.doFilterHttp:93] - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.providers.anonymous. AnonymousAuthenticationToken@69ee86bb: Principal: roleAnonymous; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationD etails@21a2c: RemoteIpAddress: 172.21.74.13; SessionId: q0LDMPqGbnBvZhSzVqGY8PGqmfh2tvl51xBTnQY4vqhqP1hKGJ CS!-722554646!1284450884551; Granted Authorities: ROLE_ANONYMOUS'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 5 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.ExceptionTranslat ionFilter[ order=1400; ]'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 6 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.SessionFixationPr otectionFilter[ order=1600; ]'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /css/portlet-specifics.css at position 7 of 7 in additional filter chain; firing Filter: 'org.springframework.security.intercept.web.Filter SecurityInterceptor@54ec84'
2010-09-14 13:50:24,880 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.web.Default FilterInvocationDefinitionSource.lookupAttributes: 196] - Converted URL to lowercase, from: '/css/portlet-specifics.css'; to: '/css/portlet-specifics.css'
2010-09-14 13:50:24,895 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.web.Default FilterInvocationDefinitionSource.lookupUrlInMap:22 4] - Candidate is: '/css/portlet-specifics.css'; pattern is /superpackage.htm*; matched=false
2010-09-14 13:50:24,895 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.AbstractSec urityInterceptor.beforeInvocation:241] - Public object - authentication not attempted
2010-09-14 13:50:24,895 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:374] - /css/portlet-specifics.css reached end of additional filter chain; proceeding with original chain
2010-09-14 13:50:24,895 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.ExceptionTranslati onFilter.doFilterHttp:104] - Chain processed normally
2010-09-14 13:50:24,895 DEBUG [[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp:255] - SecurityContextHolder now cleared, as request processing completed

**shibani** · Sep 14th, 2010, 03:29 AM

In crowd I have

a Directory named ConanDir,
a group named ConGroup,
a role named ROLE_USER and
a User named shibacon

all of them are mapped as required.

I am not able to figure out the problem Please help me...
I am doubting on this part <intercept-url pattern='/superPackage.htm*' access='ROLE_USER' />. Does this role has nothing to do with the crowd created role? If no, how is this mapped with crowd user role?

Any suggestions would help a lot...

Sorry, for breaking the same post into multiples, as it was not allowing for long posts...

**shibani** · Sep 14th, 2010, 04:04 AM

Any Quick replies guys?

**shibani** · Sep 14th, 2010, 04:12 AM

Now I have commented the anonymous one and getting the below exception log

My applicationContext-security.xml configuration is as below

Code:

<http auto-config="false" >
		<intercept-url pattern='/login.htm*' filters='none' />
		<intercept-url pattern='/component.htm*' filters='none' />
		<intercept-url pattern='/superPackage.htm*' access='ROLE_USER' />
		<form-login login-page='/login.htm' />
		<!--	<anonymous granted-authority="" key="" username=""/>-->
	</http>

	<authentication-provider user-service-ref="crowdUserDetailsService"></authentication-provider>
	<beans:bean id="crowdUserDetailsService"
		class="com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsServiceImpl">
		<beans:property name="authenticationManager" ref="crowdAuthenticationManager" />
		<beans:property name="groupMembershipManager" ref="crowdGroupMembershipManager" />
		<beans:property name="userManager" ref="crowdUserManager" />
		<beans:property name="authorityPrefix" value="ROLE_" />
	</beans:bean>
	<beans:bean id="crowdAuthenticationProvider"
		class="com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider">
		<custom-authentication-provider />
		<beans:constructor-arg ref="crowdAuthenticationManager" />
		<beans:constructor-arg ref="httpAuthenticator" />
		<beans:constructor-arg ref="crowdUserDetailsService" />
	</beans:bean>

**shibani** · Sep 14th, 2010, 04:12 AM

2010-09-14 14:42:02,801 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/login.htm'; to: '/login.htm'
2010-09-14 14:42:02,801 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/login.htm'; pattern is /login.htm*; matched=true
2010-09-14 14:42:02,801 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:165] - has an empty filter list
2010-09-14 14:42:02,817 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.createCom mand:362] - Creating new command of class [com.pearson.conanweb.domain.Login]
2010-09-14 14:42:02,817 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.processFo rmSubmission:266] - No errors -> processing submit
2010-09-14 14:42:02,817 INFO [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][com.pearson.conanweb.web.LoginController.onSubmit: 32] - Validated users... Login successful
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/superpackage.htm'; pattern is /login.htm*; matched=false
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/superpackage.htm'; pattern is /component.htm*; matched=false
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:205] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .getFilters:212] - Candidate is: '/superpackage.htm'; pattern is /**; matched=true
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 1 of 6 in additional filter chain; firing Filter: 'org.springframework.security.context.HttpSessionC ontextIntegrationFilter[ order=200; ]'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.readSecurityContextFromSess ion:286] - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp:209] - New SecurityContext instance will be associated with SecurityContextHolder
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 2 of 6 in additional filter chain; firing Filter: 'org.springframework.security.ui.webapp.Authentica tionProcessingFilter[ order=700; ]'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 3 of 6 in additional filter chain; firing Filter: 'org.springframework.security.wrapper.SecurityCont extHolderAwareRequestFilter[ order=1100; ]'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.wrapper.SavedRequestA wareWrapper.<init>:117] - Wrapper not replaced; SavedRequest was: null
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 4 of 6 in additional filter chain; firing Filter: 'org.springframework.security.ui.ExceptionTranslat ionFilter[ order=1400; ]'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 5 of 6 in additional filter chain; firing Filter: 'org.springframework.security.ui.SessionFixationPr otectionFilter[ order=1600; ]'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.util.FilterChainProxy .doFilter:385] - /superPackage.htm at position 6 of 6 in additional filter chain; firing Filter: 'org.springframework.security.intercept.web.Filter SecurityInterceptor@13e0146'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.web.Default FilterInvocationDefinitionSource.lookupAttributes: 196] - Converted URL to lowercase, from: '/superpackage.htm'; to: '/superpackage.htm'
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.web.Default FilterInvocationDefinitionSource.lookupUrlInMap:22 4] - Candidate is: '/superpackage.htm'; pattern is /superpackage.htm*; matched=true
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.intercept.AbstractSec urityInterceptor.beforeInvocation:250] - Secure object: FilterInvocation: URL: /superPackage.htm; ConfigAttributes: [ROLE_USER]
2010-09-14 14:42:02,833 DEBUG [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'][org.springframework.security.ui.ExceptionTranslati onFilter.handleException:150] - Authentication exception occurred; redirecting to authentication entry point

**shibani** · Sep 14th, 2010, 04:13 AM

org.springframework.security.AuthenticationCredent ialsNotFoundException: An Authentication object was not found in the SecurityContext
at org.springframework.security.intercept.AbstractSec urityInterceptor.credentialsNotFound(AbstractSecur ityInterceptor.java:342)
at org.springframework.security.intercept.AbstractSec urityInterceptor.beforeInvocation(AbstractSecurity Interceptor.java:254)
at org.springframework.security.intercept.web.FilterS ecurityInterceptor.invoke(FilterSecurityIntercepto r.java:106)
at org.springframework.security.intercept.web.FilterS ecurityInterceptor.doFilter(FilterSecurityIntercep tor.java:83)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.ui.SessionFixationPro tectionFilter.doFilterHttp(SessionFixationProtecti onFilter.java:67)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.ui.ExceptionTranslati onFilter.doFilterHttp(ExceptionTranslationFilter.j ava:101)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.wrapper.SecurityConte xtHolderAwareRequestFilter.doFilterHttp(SecurityCo ntextHolderAwareRequestFilter.java:91)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.ui.AbstractProcessing Filter.doFilterHttp(AbstractProcessingFilter.java: 277)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp(HttpSessionCon textIntegrationFilter.java:235)
at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
at org.springframework.security.util.FilterChainProxy .doFilter(FilterChainProxy.java:175)
at org.springframework.web.filter.DelegatingFilterPro xy.invokeDelegate(DelegatingFilterProxy.java:183)
at org.springframework.web.filter.DelegatingFilterPro xy.doFilter(DelegatingFilterProxy.java:138)
at weblogic.servlet.internal.FilterChainImpl.doFilter (FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$Ser vletInvocationAction.doIt(WebAppServletContext.jav a:3684)
at weblogic.servlet.internal.WebAppServletContext$Ser vletInvocationAction.run(WebAppServletContext.java :3650)
at weblogic.security.acl.internal.AuthenticatedSubjec t.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Se curityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.sec uredExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.exe cute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(S ervletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread. java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java :173)

Thread: Spring Security 2.0.4 with spring 2.5 and Crowd 2.0.7

Thread Tools

Display

Spring Security 2.0.4 with spring 2.5 and Crowd 2.0.7

Posting Permissions