Announcement Announcement Module
Collapse
No announcement yet.
Custom AuthenticationProvider hit only once Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Custom AuthenticationProvider hit only once

    Hi.
    I have a strange problem with custom AuthenticationProvider. So I created one and when I log for the first time it hits public Authentication authenticate. But if I will pass wrong username/password it will print and error and then if I try once again with proper username/password it doesn't hit authenticate.

    Here are my codes:
    security-context.xml
    Code:
        <http auto-config="true">
            <intercept-url pattern="/css/**" filters="none"/>
            <intercept-url pattern="/images/**" filters="none"/>
            <intercept-url pattern="/zul/login.zul*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
            <intercept-url pattern="/zul/**" access="ROLE_USER"/>
    
            <form-login login-page="/zul/login.zul" default-target-url="/zul/test.zul"
                        authentication-failure-url="/zul/login.zul?login_error=1"/>
        </http>
    
        <beans:bean id="logProvider" class="LoginProvider"/>
    
        <authentication-manager>
            <authentication-provider ref="logProvider"/>
        </authentication-manager>
    authentication-provider - I can see in second time that I don't get red part printed
    Code:
    public class LoginProvider implements AuthenticationProvider {
    
        @Autowired
        private ServiceClient client;
    
        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            System.out.println("test");
    
            String principal = (String) authentication.getPrincipal();
            String password = (String) authentication.getCredentials();
    
            AnagUser user = client.getUser(principal, password);
            Collection<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>();
    
            if (user != null) {
               .....
            } else {
                throw new BadCredentialsException("Username/Password does not match for " + principal);
            }
    
            return new UsernamePasswordAuthenticationToken(user,
                    password,
                    grantedAuthorities);
    
        }
    
        @Override
        public boolean supports(Class<? extends Object> authentication) {
            return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
        }
    }
    I'm autowiring a web service client in authentication-provider so here is bean:
    Code:
    <bean id="client" class="ServiceClient"
              factory-bean="clientFactory" factory-method="create"/>
    
        <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
            <property name="serviceClass"
                      value="ServiceClient"/>
            <property name="address" value="http://address?wsdl"/>
        </bean>
    I cannot find what am I doing wrong :/


    EDIT:
    Of course it can't work because of:
    Code:
    <intercept-url pattern="/zul/login.zul*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <intercept-url pattern="/zul/**" access="ROLE_USER"/>
    For the second time it cannot access some parts of login.zul needed for authentication because of /zul/**
    Last edited by galgavu; Nov 25th, 2011, 11:13 AM.
Working...
X