Announcement Announcement Module
Collapse
No announcement yet.
Aspect not woven when using Spring MVC + Spring Security Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Aspect not woven when using Spring MVC + Spring Security

    Hi all,

    I've some problems to make Spring MVC + Spring AOP work together.

    When i'm running tests aop works fine but doesn't on Tomcat/Jboss server.

    My aop config is declared in the applicationContext.xml, aop classes (@Aspect + @Component) are in the com.company.fmk.framework package.

    applicationContext.xml :
    Code:
        <import resource="applicationContext-infrastructure.xml"/>
        <import resource="applicationContext-security.xml"/>
    
        <context:component-scan base-package="com.company.fmk.framework, com.company.fmk.repository,
        com.company.fmk.security, com.company.fmk.service" />
    
        <aop:aspectj-autoproxy />
    applicationContext-security.xml (irrelevant ?) :
    Code:
    	<security:http pattern="/static/**" security="none" />
    
    	<security:http use-expressions="true" auto-config="false" entry-point-ref="linkForbiddenEntryPoint">
    		<security:intercept-url pattern="/authError.html" access="permitAll"/>
    		<security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" />
    		<security:custom-filter position="PRE_AUTH_FILTER" ref="preAuthFilter" />
    		<security:logout invalidate-session="true" logout-url="/logout" />
    	</security:http>
    
    	<bean id="preAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
    		<property name="preAuthenticatedUserDetailsService" ref="userAuthenticationService" />
    	</bean>
    
    	<bean id="preAuthFilter" class="com.sopragroup.fmk.security.RequestAuthenticationFilter">
    		<property name="authenticationManager" ref="authenticationManager" />
    	</bean>
    
    	<security:authentication-manager alias="authenticationManager">
    		<security:authentication-provider ref="preAuthenticationProvider" />
    	</security:authentication-manager>
    dispatcher-servlet.xml :
    Code:
     
        <context:component-scan base-package="com.company.fmk.web"/>
        <mvc:default-servlet-handler/>
        <mvc:annotation-driven />
    ...
    some thymeleaf conf
     ...
    web.xml :

    Code:
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:META-INF/spring/applicationContext.xml</param-value>
        </context-param>
    
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
        <listener>
            <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
        </listener>
        <listener>
            <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
        </listener>
    
        <servlet>
            <servlet-name>dispatcher</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <load-on-startup>1</load-on-startup>
        </servlet>
        <servlet-mapping>
            <servlet-name>dispatcher</servlet-name>
            <url-pattern>/</url-pattern>
        </servlet-mapping>
    
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        </filter>
        <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    I can't understand what i'm doing wrong, i've read 10 post about Spring mvc + Spring aop problems but i was unable to find a suitable solution.

    I would greatly appreciate if someone could help me.

    Thanks for any suggestions.

  • #2
    And what doesn't work? Just stating it doesn't work isn't very precise... What did you expect to happen that doesn't happen.

    Comment


    • #3
      Thanks for your answer, i'll try to make it clear despite of my terrible english.

      Actually, i have two aspects for now, one for login users actions on service layer and one for translating exceptions.

      Both aspects works fine when i'm running JUnit tests (no displatcher-servlet or security) but when i deploy the application, i'm no longer abble to intercept these methods.

      I was expecting that my aspects were added to the service layer methods like in the tests environnement.

      Comment

      Working...
      X