Announcement Announcement Module
Collapse
No announcement yet.
How to link my custom authentication manager Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to link my custom authentication manager

    Hi,

    I'm currently developping a webapp with spring security 3.1 and hibernate jpa-2.0

    Before I deal with hibernate in the authentication process, I tried with in-memory configuration like that

    Code:
    <!-- 	<authentication-manager alias="authenticationManager"> -->
    <!-- 		<authentication-provider> -->
    <!-- 		<user-service> -->
    <!-- 			<user authorities="ROLE_USER" name="user" password="user"/> -->
    <!-- 			<user authorities="ROLE_ADMIN" name="admin" password="admin"/> -->
    <!-- 			<user authorities="ROLE_SM" name="sm" password="sm"/> -->
    <!-- 		</user-service> -->
    <!-- 		</authentication-provider> -->
    <!-- 	</authentication-manager> -->
    and it worked perfectly.

    Now I want to use what is in my DB. I followed those instructions : http://stackoverflow.com/questions/2...with-hibernate

    So I have a good "start-base".
    I have the classes : Assembler and UserDetailsService UserDetailsService use my Dao.

    in my project-security.xml I replaced the block above by
    Code:
    <beans:bean id="daoAuthenticationProvider"
               class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
      <beans:property name="userDetailsService" ref="userDetailsService"/>
    </beans:bean>
    
    <beans:bean id="authenticationManager"
        class="org.springframework.security.authentication.ProviderManager">
      <beans:property name="providers">
        <beans:list>
          <beans:ref local="daoAuthenticationProvider" />
        </beans:list>
      </beans:property>
    </beans:bean>
    
    <authentication-manager>
      <authentication-provider user-service-ref="userDetailsService"/>
    </authentication-manager>
    but at the execution I get an exception about the filterChains bean :

    Code:
    SEVERE: Context initialization failed
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#1' while setting bean property 'sourceList' with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#1': Cannot create inner bean '(inner bean)' of type [org.springframework.security.web.authentication.logout.LogoutFilter] while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#3': Cannot resolve reference to bean 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0' while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0': Cannot create inner bean '(inner bean)' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#4': Instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Factory method [org.springframework.security.core.userdetails.UserDetailsService org.springframework.security.config.http.UserDetailsServiceFactoryBean.cachingUserDetailsService(java.lang.String)] threw exception; nested exception is org.springframework.context.ApplicationContextException: No UserDetailsService registered.
    and I have no clues what to do with it. I didn't modify something about the filterChain or something else.

    Any ideas ?

    thanks.

  • #2
    Hi, if you'd like to use only DB, you can code something like:

    Code:
    <bean id="dataSource"
      class="org.springframework.jdbc.datasource.DriverManagerDataSource">
      <property name="driverClassName"
        value="org.apache.derby.jdbc.ClientDriver" />
      <property name="url"
        value="jdbc:derby://localhost:1527/app;create=true" />
      <property name="username" value="app" />
      <property name="password" value="app" />
    </bean>
    <authentication-manager>
      <authentication-provider>
        <jdbc-user-service data-source-ref="dataSource" />
      </authentication-provider>
    </authentication-manager>
    Review the configuration of filters in web.xml:

    Code:
    <filter>
      <filter-name>springSecurityFilterChain</filter-name>
      <filter-class>
        org.springframework.web.filter.DelegatingFilterProxy
      </filter-class>
    </filter>
    <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>

    Comment


    • #3
      Hi,

      actually, I'm not using directly a DB, I use orm through hibernate.
      I've already found a lot of explication about how to connect a DB to the authentication-provider, but not about how to say to spring security how to deal with hibernate.

      And by the way, my filter about springSecurityFilterChain is quiet similar, but I post it anyway.

      Code:
          <filter>
              <filter-name>springSecurityFilterChain</filter-name>
              <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
          </filter>
      
          <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
            <dispatcher>REQUEST</dispatcher>
            <dispatcher>ERROR</dispatcher>
          </filter-mapping>
      Before my question goes deep like other questions about the same subject, maybe someone know something about a doc ? What I found in the spring security documentation is only about jdbc.

      Thanks !

      Comment

      Working...
      X