Announcement Announcement Module
Collapse
No announcement yet.
why the 'authenticationProcessingFilterEntryPoint' can't be reached? Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • why the 'authenticationProcessingFilterEntryPoint' can't be reached?

    the index.jsp is showed instead of login.jsp defined in the 'authenticationProcessingFilterEntryPoint'. My configuration is as following:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
    <beans>

    <bean id="filterChainProxy"
    class="net.sf.acegisecurity.util.FilterChainProxy" >
    <property name="filterInvocationDefinitionSource">
    <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=httpSessionContextIntegrationFilter,authenticat ionProcessingFilter,remoteUserFilter,anonymousProc essingFilter,securityEnforcementFilter
    </value>
    </property>
    </bean>

    <bean id="remoteUserFilter"
    class="net.sf.acegisecurity.wrapper.ContextHolderA wareRequestFilter"/>

    <bean id="httpSessionContextIntegrationFilter"
    class="net.sf.acegisecurity.context.HttpSessionCon textIntegrationFilter">
    <property name="context">
    <value>
    net.sf.acegisecurity.context.security.SecureContex tImpl</value>
    </property>
    </bean>

    <bean id="authenticationManager"
    class="net.sf.acegisecurity.providers.ProviderMana ger">
    <property name="providers">
    <list>
    <ref local="daoAuthenticationProvider"/>
    <ref local="anonymousAuthenticationProvider"/>
    </list>
    </property>
    </bean>

    <bean id="jdbcDaoImpl"
    class="net.sf.acegisecurity.providers.dao.jdbc.Jdb cDaoImpl">
    <property name="dataSource">
    <ref bean="mysqlDataSource"/>
    </property>
    <property name="usersByUsernameQuery">
    <value>SELECT USERNAME, PASSWORD,ENABLED FROM user WHERE
    USERNAME=?</value>
    </property>
    <property name="authoritiesByUsernameQuery">
    <value> SELECT username,rolename FROM user_role ur where ur.username = ?
    </value>
    </property>
    </bean>

    <bean id="cacheManager"
    class="org.springframework.cache.ehcache.EhCacheMa nagerFactoryBean"/>

    <bean id="userCacheBackend"
    class="org.springframework.cache.ehcache.EhCacheFa ctoryBean">
    <property name="cacheManager">
    <ref local="cacheManager"/>
    </property>
    <property name="cacheName">
    <value>userCache</value>
    </property>
    </bean>

    <bean id="userCache"
    class="net.sf.acegisecurity.providers.dao.cache.Eh CacheBasedUserCache">
    <property name="cache">
    <ref local="userCacheBackend"/>
    </property>
    </bean>

    <bean id="daoAuthenticationProvider"
    class="net.sf.acegisecurity.providers.dao.DaoAuthe nticationProvider">
    <property name="authenticationDao">
    <ref local="jdbcDaoImpl"/>
    </property>

    <property name="userCache">
    <ref local="userCache"/>
    </property>

    </bean>

    <bean id="loggerListener"
    class="net.sf.acegisecurity.providers.dao.event.Lo ggerListener"/>

    <bean id="anonymousProcessingFilter"
    class="net.sf.acegisecurity.providers.anonymous.An onymousProcessingFilter">
    <property name="key">
    <value>anonymousUser</value>
    </property>
    <property name="userAttribute">
    <value>anonymousUser,AUTH_ANONYMOUS</value>
    </property>
    </bean>

    <bean id="anonymousAuthenticationProvider"
    class="net.sf.acegisecurity.providers.anonymous.An onymousAuthenticationProvider">
    <property name="key">
    <value>anonymousUser</value>
    </property>
    </bean>

    <bean id="authenticationProcessingFilter"
    class="net.sf.acegisecurity.ui.webapp.Authenticati onProcessingFilter">
    <property name="authenticationManager">
    <ref bean="authenticationManager"/>
    </property>
    <property name="authenticationFailureUrl">
    <value>/login.jsp?login_error=1</value>
    </property>
    <property name="defaultTargetUrl">
    <value>/login.jsp</value>
    </property>
    <property name="filterProcessesUrl">
    <value>/j_acegi_security_check</value>
    </property>
    </bean>

    <bean id="securityEnforcementFilter"
    class="net.sf.acegisecurity.intercept.web.Security EnforcementFilter">
    <property name="filterSecurityInterceptor">
    <ref local="filterInvocationInterceptor"/>
    </property>
    <property name="authenticationEntryPoint">
    <ref local="authenticationProcessingFilterEntryPoint"/>
    </property>
    </bean>

    <bean id="authenticationProcessingFilterEntryPoint"
    class="net.sf.acegisecurity.ui.webapp.Authenticati onProcessingFilterEntryPoint">
    <property name="loginFormUrl">
    <value>/login.jsp</value>
    </property>
    <property name="forceHttps">
    <value>false</value>
    </property>
    </bean>

    <bean id="filterInvocationInterceptor"
    class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
    <property name="authenticationManager">
    <ref bean="authenticationManager"/>
    </property>
    <property name="accessDecisionManager">
    <ref local="httpRequestAccessDecisionManager"/>
    </property>
    <property name="objectDefinitionSource">
    <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT /**/*.jpg=AUTH_ANONYMOUS
    /**/*.gif=AUTH_ANONYMOUS /**/*.png=AUTH_ANONYMOUS
    /login.jsp*=AUTH_ANONYMOUS /*=admin,user </value>
    </property>
    </bean>

    <bean id="httpRequestAccessDecisionManager"
    class="net.sf.acegisecurity.vote.AffirmativeBased" >
    <property name="allowIfAllAbstainDecisions">
    <value>false</value>
    </property>
    <property name="decisionVoters">
    <list>
    <ref bean="roleVoter"/>
    </list>
    </property>
    </bean>

    <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter">
    <property name="rolePrefix">
    <value></value>
    </property>
    </bean>
    </beans>

  • #2
    Please post a debug-level log of what happens when you try to request a secured resource. I'd like to see whether an attempt is actually being made to access login.jsp and something is redirecting it to index.jsp instead.

    Comment


    • #3
      I found out why.
      It's all because of the auto-format function of xmlbuddy which the value of "objectDefinitionSource" became look like this:
      <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT /**/*.jpg=AUTH_ANONYMOUS
      /**/*.gif=AUTH_ANONYMOUS /**/*.png=AUTH_ANONYMOUS
      /login.jsp*=AUTH_ANONYMOUS /*=admin,user </value>

      when I correct it by hand to and return for each line like this, it all works fine.
      <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT
      /**/*.jpg=AUTH_ANONYMOUS
      /**/*.gif=AUTH_ANONYMOUS
      /**/*.png=AUTH_ANONYMOUS
      /login.jsp*=AUTH_ANONYMOUS
      /*=admin,user </value>

      Comment


      • #4
        Yes, you need those newline characters! You might want to use a CDATA block so XMLBuddy doesn't reformat...

        Comment

        Working...
        X