Announcement Announcement Module
Collapse
No announcement yet.
nullpointer with @Autowired AuthenticationManager Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • nullpointer with @Autowired AuthenticationManager

    This is making me crazy - am trying to integrate a custom Auth bean and i am getting this a null pointer error when i reference my autowired auth manager.



    my bean
    Code:
    /*
     * To change this template, choose Tools | Templates
     * and open the template in the editor.
     */
    package com.security;
    
    import java.io.IOException;
    import javax.annotation.ManagedBean;
    import javax.annotation.Resource;
    import javax.enterprise.context.RequestScoped;
    import javax.faces.application.FacesMessage;
    import javax.faces.context.ExternalContext;
    import javax.faces.context.FacesContext;
    import javax.inject.Inject;
    import javax.inject.Named;
    import org.springframework.beans.factory.annotation.Qualifier;
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import javax.servlet.http.HttpSession;
    import javax.validation.constraints.Size;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.context.SecurityContextHolder;
    
    import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
    import org.springframework.security.web.savedrequest.SavedRequest;
    import org.springframework.stereotype.Component;
    
    
    @RequestScoped
    @Component
    @Named
    public class AuthenticationBean {
        @Autowired
        @Qualifier("authenticationManager")
        protected AuthenticationManager authenticationManager ;
        
        @Size(min =1, message = "Username cannot be empty")
        private String username;
        
        @Size(min =1, message = "password cannot be empty")
        private String password;
        
        public AuthenticationBean(){}
        
        
        public String login() throws IOException, ServletException{
            try{
                Authentication request = new UsernamePasswordAuthenticationToken(this.username, this.password);            
                Authentication result = authenticationManager.authenticate(request);
                SecurityContextHolder.getContext().setAuthentication(result);
            } catch(AuthenticationException e) {
                FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, e.getMessage(), e.getMessage()));
                return null;
            }
            
            HttpServletRequest request = (HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest();
            HttpServletResponse  response = (HttpServletResponse )FacesContext.getCurrentInstance().getExternalContext().getResponse();
            HttpSession session = request.getSession(false);        
            SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
            ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
            //DefaultSavedRequest defaultSavedReqest = (DefaultSavedRequest) context.getSessionMap().get(savedRequest);        
            context.redirect(savedRequest.getRedirectUrl());        
            FacesContext.getCurrentInstance().responseComplete();
            return null;        
        }
        
        
        
        
        
        
    
        public String getUsername() {
            return username;
        }
    
        public void setUsername(String username) {
            this.username = username;
        }
    
        public String getPassword() {
            return password;
        }
    
        public void setPassword(String password) {
            this.password = password;
        } 
        
        
    }

    my app context:
    Code:
    
    
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
      xmlns:security="http://www.springframework.org/schema/security"
      xmlns:context="http://www.springframework.org/schema/context" 
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.springframework.org/schema/beans
              http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
              http://www.springframework.org/schema/context 
              http://www.springframework.org/schema/context/spring-context-3.1.xsd
              http://www.springframework.org/schema/security
              http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
    
    
    
        <security:http pattern="/resources/**" security="none" />
        
        
        <context:component-scan base-package="com.security, org.springframework.security" />
        <context:annotation-config/>
    
    
        <security:http use-expressions="true" access-denied-page="/errors/accessDenied.xhtml">
            <security:form-login login-page="/login.xhtml" default-target-url="/" />
            <security:intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />     
            <security:intercept-url pattern="/errors/**" access="permitAll" />
            <security:logout logout-url="/index.xhtml" invalidate-session="true" />
        </security:http>
    
    
        <security:global-method-security secured-annotations="enabled" jsr250-annotations="enabled" />
    
    
    
    
        <security:authentication-manager alias="authenticationManager">
            <security:authentication-provider>
                <security:user-service>
                    <security:user name="admin" password="admin" authorities="ROLE_ADMIN" />
                    <security:user name="user" password="user" authorities="ROLE_USER" />
                </security:user-service>
            </security:authentication-provider>
        </security:authentication-manager>

    The bean must see AM in my context because if i change the alias of the AuthenticationManager in my context the app wont compile. pls advise....

  • #2
    And what is this bean exactly? Spring, JSF, CDI?! You have so many annotations on your bean it is hard to tell. If it is CDI or JSF your Spring annotations are basically useless if it is a spring bean (which I doubt) you would get an exception.

    Judging by your annotations I suggest a read of the JSF part of the reference guide.

    Comment


    • #3
      I am using JSF2 my beans are using CDI (@Named)

      I have a working version that is not using Autowired, but i would like to eventually be able to use the autowired feature.

      Comment

      Working...
      X