Announcement Announcement Module
Collapse
No announcement yet.
Security 3.1, Cusomt UserDetailsService, Able to login only once Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security 3.1, Cusomt UserDetailsService, Able to login only once

    Hi,

    Below is my security-applicationContext.xml
    Code:
    <beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
            xmlns:security="http://www.springframework.org/schema/security"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans
                               http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                               http://www.springframework.org/schema/security
                               http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
    <security:http pattern="/css/*" security="none" /> <security:http pattern="/common/Index.*" security="none" />
    <security:http auto-config="true">
    <!-- Restrict access to ALL other pages --> <security:intercept-url pattern="/common/**" access="ROLE_USER" />
    <!-- Set the login page and what to do if login fails -->
    <security:form-login login-page="/common/Index.xhtm"
    default-target-url="/common/Welcome.xhtm" always-use-default-target="true"
    authentication-failure-url="/common/Index.xhtm?login_error=1" />
    <security:session-management session-authentication-error-url="/common/Index.xhtm?login_error=1" session-fixation-protection="newSession" />
    <security:logout logout-success-url="/common/Index.xhtm" invalidate-session="true" />
    </security:http>
    <security:authentication-manager>
    <security:authentication-provider user-service-ref="loginService">
    <security:password-encoder hash="plaintext" />
    </security:authentication-provider>
    </security:authentication-manager>
    <bean name="loginService" class="org.springtest.auth.UserAuthService" />
    </beans>
    Custom UserDetailsService class: UserAuthService
    Code:
    public class UserAuthService implements UserDetailsService {
    	
    	@Override
    	public UserDetails loadUserByUsername(String username)
    			throws UsernameNotFoundException {
    		UserDetails user = null;
    		try {
    			System.out.println("Inside Custom Service.");
    			System.out.println("username = "+username);
    			if (username.equals("ankur")) {
    				user = new org.springframework.security.core.userdetails.User(
    						username, "ankur", getAuthorities(1));
    			} else
    				throw new Exception();
    
    		} catch (Exception ex) {
    			System.out.println("Throw Exception");
    			throw new UsernameNotFoundException("User does not exists.");
    		}
    
    		return user;
    	}
    
    	public Collection<GrantedAuthority> getAuthorities(Integer access) {
    		List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>(2);
    
    		authList.add(new GrantedAuthorityImpl("ROLE_USER"));
    
    		return authList;
    	}
    }
    When i deploy the application on Tomcat 6 server using maven, I am able to login first time only. When i logged out and tried again to login it simply redirect me to default login page withour any error message.

    Please help. Thanks

  • #2
    Issue Solved !!!

    It was a very small mistake. Not in configuration and not in custom UserDetailService.

    In login jsp i had form action as below

    Code:
    <form name="f" action="<c:url value='j_spring_security_check'/>"
    There is "/" missing in url. I just added it
    Code:
    <form name="f" action="<c:url value='/j_spring_security_check'/>"
    Now its working perfect !!!

    Comment

    Working...
    X