
  • Spring Security 3.1.3

    Hi all,

    I am working on a web project, and I am a newbie with Spring Security..

    I got everything working fine, but I would like to set role-prefix none...

    It was role-prefix="ROLE_"

    I set role-prefix="none"

    I just set it, but the roles are still coming with prefix "none"...

    tks

    Glauter Lemos

  • #2
    Set it to none "" not "none"...

    Next to that, register a JIRA to mention that the documentation doesn't conform to the implementation.



    • #3
      Here is the error if I leave the role-prefix empty
      Code:
      Exception while loading the app : java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' while setting bean property 'sourceList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#0': Cannot resolve reference to bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' while setting constructor argument with key [10]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [Administrador].
      if I set role-prefix="something" it works fine
      Last edited by Glauter; Feb 24th, 2013, 08:26 AM.



      • #4
        Please use [ code][/code ] tags when posting code/xml/stacktraces, that way it remains readable. Also please post the full stacktrace instead of a snippet.

        You left out the configuration so it is hard to tell if it is your configuration or spring security.



        • #5
          Hi Marten, sorry about [CODE]

          This is my applicationContext.xml

          Code:
          <?xml version="1.0" encoding="UTF-8"?>
          <b:beans xmlns="http://www.springframework.org/schema/security"
                   xmlns:b="http://www.springframework.org/schema/beans"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://www.springframework.org/schema/beans
                     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                     http://www.springframework.org/schema/security
                     http://www.springframework.org/schema/security/spring-security-3.1.xsd">
           
              <http auto-config="true" access-denied-page="/acessoNegado.jsf" >
                 
                  <form-login login-page="/login.jsf" authentication-failure-url="/login.jsf?erro=true"/>
                 
                  <intercept-url pattern="/template/sistema/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                  <intercept-url pattern="/login.jsf" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                  <intercept-url pattern="/acessoNegado.jsf" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                  <intercept-url pattern="/pages/sistema/index.jsf" access="ROLE_ADMINISTRADOR" />
                  <intercept-url pattern="/index.html" access="ROLE_ADMINISTRADOR" />
                  <intercept-url pattern="/index.jsf" access="ROLE_ADMINISTRADOR" />
              
                  <session-management>
                      <concurrency-control max-sessions="1" />
                  </session-management>
                  
              </http>
           
              <authentication-manager>
                  <authentication-provider>
                      <password-encoder hash="sha-256" />
                      <jdbc-user-service data-source-ref="dataSource" role-prefix="ROLE_"
                                         users-by-username-query="SELECT username, password, enable FROM usuario WHERE username=?"
                                         authorities-by-username-query="SELECT username, authority FROM usuario_role WHERE  
                  username=?"/>
                  </authentication-provider>
              </authentication-manager>
              
              <b:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource" >
                  <b:property name="url" value="jdbc:postgresql://localhost:5432/MasterappBD" />
                  <b:property name="driverClassName" value="org.postgresql.Driver"/>
                  <b:property name="username" value="postgres" />
                  <b:property name="password" value="d22m05" />
              </b:bean>
              
              <b:bean id="userDetailsService"
                      class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
                  <b:property name="dataSource" ref="dataSource" />
              </b:bean>
              
              
              
           
          </b:beans>

          This is my web.xml

          Code:
          <?xml version="1.0" encoding="UTF-8"?>
          <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
              
              <context-param>
                  <param-name>javax.faces.PROJECT_STAGE</param-name>
                  <param-value>Development</param-value>
              </context-param>
              
              <context-param>
                  <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
                  <param-value>server</param-value>
                  <!-- server is the default -->
              </context-param>
              
              <servlet>
                  <servlet-name>Faces Servlet</servlet-name>
                  <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
                  <load-on-startup>1</load-on-startup>
              </servlet>
          
              <servlet-mapping>
                  <servlet-name>Faces Servlet</servlet-name>
                  <url-pattern>*.jsf</url-pattern>
                  <url-pattern>*.xhtml</url-pattern>
                  <url-pattern>*.html</url-pattern>
              </servlet-mapping>
          
              <session-config>
                  <session-timeout>
                      30
                  </session-timeout>
              </session-config>
              
              <welcome-file-list>
                  <welcome-file>/pages/sistema/index.jsf</welcome-file>
              </welcome-file-list>
              
              <context-param>
                  <param-name>primefaces.THEME</param-name>
                  <param-value>south-street</param-value>
              </context-param>
              
              <context-param>
                  <param-name>javax.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE</param-name>
                  <param-value>true</param-value>
              </context-param>
              
              <!--SPRING SECURITY-->
              
              <listener>
                  <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
              </listener>
              
              <filter>
                  <filter-name>springSecurityFilterChain</filter-name>
                  <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
              </filter>
            
              <filter-mapping>
                  <filter-name>springSecurityFilterChain</filter-name>
                  <url-pattern>/*</url-pattern>
              </filter-mapping>
              
              <listener>
                  <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
              </listener>
              
              <!--/THIS FILTER IS WHAT CONTROLS THE MAXIMUM NUMBER OF USERS LOGGED IN PER SESSION-->
              <listener>
                  <listener-class>
                      org.springframework.security.web.session.HttpSessionEventPublisher
                  </listener-class>
              </listener>
              
              
              <!--END SPRING SECURITY-->
              
           
          </web-app>
          The project loads only if I set the role-prefix.. if I set it to none or empty like role-prefix="" I get those errors..



          • #6
            I don't know what is happening.. I can't reply to any post... I tried to post all my code.. but when I click on "Post Reply".. the forum redirects me to the forum's main page.



            • #7
              This is my applicationContext.xml

              Code:
              <?xml version="1.0" encoding="UTF-8"?>
              <b:beans xmlns="http://www.springframework.org/schema/security"
                       xmlns:b="http://www.springframework.org/schema/beans"
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                       xsi:schemaLocation="http://www.springframework.org/schema/beans
                         http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                         http://www.springframework.org/schema/security
                         http://www.springframework.org/schema/security/spring-security-3.1.xsd">
               
                  <http auto-config="true" access-denied-page="/acessoNegado.jsf" >
                     
                      <form-login login-page="/login.jsf" authentication-failure-url="/login.jsf?erro=true"/>
                     
                      <intercept-url pattern="/template/sistema/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                      <intercept-url pattern="/login.jsf" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                      <intercept-url pattern="/acessoNegado.jsf" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                      <intercept-url pattern="/pages/sistema/index.jsf" access="ROLE_ADMINISTRADOR" />
                      <intercept-url pattern="/index.html" access="ROLE_ADMINISTRADOR" />
                      <intercept-url pattern="/index.jsf" access="ROLE_ADMINISTRADOR" />
                  
                      <session-management>
                          <concurrency-control max-sessions="1" />
                      </session-management>
                      
                  </http>
               
                  <authentication-manager>
                      <authentication-provider>
                          <password-encoder hash="sha-256" />
                          <jdbc-user-service data-source-ref="dataSource" role-prefix="ROLE_"
                                             users-by-username-query="SELECT username, password, enable FROM usuario WHERE username=?"
                                             authorities-by-username-query="SELECT username, authority FROM usuario_role WHERE  
                      username=?"/>
                      </authentication-provider>
                  </authentication-manager>
                  
                  <b:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource" >
                      <b:property name="url" value="jdbc:postgresql://localhost:5432/MasterappBD" />
                      <b:property name="driverClassName" value="org.postgresql.Driver"/>
                      <b:property name="username" value="postgres" />
                      <b:property name="password" value="d22m05" />
                  </b:bean>
                  
                  <b:bean id="userDetailsService"
                          class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
                      <b:property name="dataSource" ref="dataSource" />
                  </b:bean>
                  
              
              </b:beans>



              • #8
                This is my web.xml

                Code:
                <?xml version="1.0" encoding="UTF-8"?>
                <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
                    
                    <context-param>
                        <param-name>javax.faces.PROJECT_STAGE</param-name>
                        <param-value>Development</param-value>
                    </context-param>
                    
                    <context-param>
                        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
                        <param-value>server</param-value>
                        <!-- server is the default -->
                    </context-param>
                    
                    <servlet>
                        <servlet-name>Faces Servlet</servlet-name>
                        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
                        <load-on-startup>1</load-on-startup>
                    </servlet>
                
                    <servlet-mapping>
                        <servlet-name>Faces Servlet</servlet-name>
                        <url-pattern>*.jsf</url-pattern>
                        <url-pattern>*.xhtml</url-pattern>
                        <url-pattern>*.html</url-pattern>
                    </servlet-mapping>
                
                    <session-config>
                        <session-timeout>
                            30
                        </session-timeout>
                    </session-config>
                    
                    <welcome-file-list>
                        <welcome-file>/pages/sistema/index.jsf</welcome-file>
                    </welcome-file-list>
                    
                    <context-param>
                        <param-name>primefaces.THEME</param-name>
                        <param-value>south-street</param-value>
                    </context-param>
                    
                    <context-param>
                        <param-name>javax.faces.DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE</param-name>
                        <param-value>true</param-value>
                    </context-param>
                    
                    <!--SPRING SECURITY-->
                    
                    <listener>
                        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
                    </listener>
                    
                    <filter>
                        <filter-name>springSecurityFilterChain</filter-name>
                        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
                    </filter>
                  
                    <filter-mapping>
                        <filter-name>springSecurityFilterChain</filter-name>
                        <url-pattern>/*</url-pattern>
                    </filter-mapping>
                    
                    <listener>
                        <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
                    </listener>
                    
                    <!--/THIS FILTER IS WHAT CONTROLS THE MAXIMUM NUMBER OF USERS LOGGED IN PER SESSION-->
                    <listener>
                        <listener-class>
                            org.springframework.security.web.session.HttpSessionEventPublisher
                        </listener-class>
                    </listener>
                    
                    
                    <!--END SPRING SECURITY-->
                  
                </web-app>
                The project loads only if I set something on role-prefix



                • #9
                  You might want to switch to expressions instead of the old style. The old style uses the prefix to detect if the access element contains a role or not.

                  Code:
                      <http auto-config="true" access-denied-page="/acessoNegado.jsf" use-expressions="true">
                         
                          <form-login login-page="/login.jsf" authentication-failure-url="/login.jsf?erro=true"/>
                         
                          <intercept-url pattern="/template/sistema/**" access="isAnonymous()" />
                          <intercept-url pattern="/login.jsf" access="isAnonymous()" />
                          <intercept-url pattern="/acessoNegado.jsf" access="isAnonymous()" />
                          <intercept-url pattern="/pages/sistema/index.jsf" access="hasRole('ADMINISTRADOR')" />
                          <intercept-url pattern="/index.html" access="hasRole('ADMINISTRADOR')" />
                          <intercept-url pattern="/index.jsf" access="hasRole('ROLE_ADMINISTRADOR')" />
                      
                          <session-management>
                              <concurrency-control max-sessions="1" />
                          </session-management>
                          
                      </http>



                  • #10
                    Still coming errors..

                    Unsupported configuration attributes: [isAnonymous(), hasRole('ADMINISTRADOR)].

                    To use these new tags like isAnonymous() or any other, is it necessary to declare some namespace in the applicationContext.xml?



                    • #11
                      Read my post...

                      Code:
                      <http auto-config="true" access-denied-page="/acessoNegado.jsf" use-expressions="true">



                      • #12
                        Solved, I just set use-expressions="true" and everything works fine. The functions are isAnonymous(), hasRole('something'), and role-prefix="" as none..

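The "Unsupported configuration attributes" errors in this thread come from the startup check that every `access` attribute is claimed by at least one voter. The following is an added example, not code from the thread or from the Spring project, that runs the legacy voters (`RoleVoter` and `AuthenticatedVoter`, used when `use-expressions` is not enabled) over the attributes seen above. The class name `VoterSupportCheck` is hypothetical and spring-security-core 3.1.x is assumed on the classpath; note that `role-prefix` on `<jdbc-user-service>` only changes the authority names loaded from the database, not the prefix `RoleVoter` looks for.

```java
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.access.vote.AuthenticatedVoter;
import org.springframework.security.access.vote.RoleVoter;

// Hypothetical class name; requires spring-security-core 3.1.x on the classpath.
public class VoterSupportCheck {

    // Access attributes taken from the configurations and error messages in this thread.
    static final String[] ATTRIBUTES = {
        "ROLE_ADMINISTRADOR",
        "IS_AUTHENTICATED_ANONYMOUSLY",
        "Administrador",
        "hasRole('ADMINISTRADOR')"
    };

    // An attribute passes the startup check only if at least one voter claims it.
    static boolean supported(String access, RoleVoter roleVoter, AuthenticatedVoter authVoter) {
        ConfigAttribute attribute = new SecurityConfig(access);
        return roleVoter.supports(attribute) || authVoter.supports(attribute);
    }

    static void report(String label, RoleVoter roleVoter, AuthenticatedVoter authVoter) {
        System.out.println(label + " (RoleVoter prefix \"" + roleVoter.getRolePrefix() + "\")");
        for (String access : ATTRIBUTES) {
            String verdict = supported(access, roleVoter, authVoter)
                    ? "supported"
                    : "UNSUPPORTED, interceptor init fails";
            System.out.println("  " + access + " : " + verdict);
        }
    }

    public static void main(String[] args) {
        AuthenticatedVoter authVoter = new AuthenticatedVoter();
        RoleVoter roleVoter = new RoleVoter(); // default prefix is "ROLE_"
        report("Legacy voters with default settings", roleVoter, authVoter);

        // With an empty prefix RoleVoter claims every attribute, so the check
        // passes, but each string is then compared literally against the user's
        // authority names; an expression such as hasRole(...) is never evaluated.
        roleVoter.setRolePrefix("");
        report("Same voters with an empty RoleVoter prefix", roleVoter, authVoter);
    }
}
```

With `use-expressions="true"` the namespace registers an expression voter instead of these two, which is why the expression attributes were only accepted once that attribute was set on `<http>`.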