Announcement Announcement Module
Collapse
No announcement yet.
AuthenticationCredentialsNotFoundException: An Authentication object was not found in Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Are you certain that authentication is occuring successfully? Can you add some logging to LoginBusinnessImpl and the post the entire log of submitting an authentication request?

    Comment


    • #17
      Originally posted by Rob Winch View Post
      Are you certain that authentication is occuring successfully? Can you add some logging to LoginBusinnessImpl and the post the entire log of submitting an authentication request?
      I've debugged the class LoginBusinessImpl and I've arrived until class ProviderManager. The debug fails in this point:

      Code:
      if (result == null && parent != null) {
                  // Allow the parent to try.
                  try {
                      result = parent.authenticate(authentication);
                  } catch (ProviderNotFoundException e) {
                      // ignore as we will throw below if no other exception occurred prior to calling parent and the parent
                      // may throw ProviderNotFound even though a provider in the child already handled the request
                  } catch (AuthenticationException e) {
                      lastException = e;
                  }
              }
      Because parent is null...The attribute parent is AuthenticationManager object. i.e. Spring Security doesn't recognize my AuthenticationManager...I dont' understand why happen this...

      Comment


      • #18
        The parent doesn't need to be non-null if an AuthenticationProvider already authenticated it. What happens at this point:

        Code:
        result = provider.authenticate(authentication);
        You are likely getting a stacktrace here. Can you provide the stacktrace?


        You might also eliminate some issues by trying the following configuration temporarily:

        Code:
        <authentication-manager alias="authenticationManager" >
         <authentication-provider>
            <user-service>
              <user username="admin" password="secret" authorities="ROLE_USER,ROLE_ADMIN"/>
            </user-service>
          </authentication-provider>
        </authentication-manager>
        Then try to authenticate with the username admin and the password secret. If this works, we can assume there is something wrong with the UserDetailsService.

        Comment


        • #19
          Originally posted by Rob Winch View Post
          The parent doesn't need to be non-null if an AuthenticationProvider already authenticated it. What happens at this point:

          Code:
          result = provider.authenticate(authentication);
          You are likely getting a stacktrace here. Can you provide the stacktrace?
          This must log:

          Code:
          DEBUG org.springframework.security.authentication.ProviderManager  - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
          The objet pass from object null to objeto non-null


          You might also eliminate some issues by trying the following configuration temporarily:

          Originally posted by Rob Winch View Post
          Code:
          <authentication-manager alias="authenticationManager" >
           <authentication-provider>
              <user-service>
                <user username="admin" password="secret" authorities="ROLE_USER,ROLE_ADMIN"/>
              </user-service>
            </authentication-provider>
          </authentication-manager>
          Then try to authenticate with the username admin and the password secret. If this works, we can assume there is something wrong with the UserDetailsService.
          I've tried logging on and still I get the same error:

          Code:
          DEBUG org.springframework.security.web.FilterChainProxy  - /a1/ at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
           getAttributes
          url: /a1/
          Url 1: /a1/
          DEBUG org.mybatis.spring.SqlSessionUtils  - Creating a new SqlSession
           DEBUG org.mybatis.spring.SqlSessionUtils  - SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@161f77c] was not registered for synchronization because synchronization is not active
           DEBUG org.springframework.jdbc.datasource.DataSourceUtils  - Fetching JDBC Connection from DataSource
           DEBUG org.mybatis.spring.transaction.SpringManagedTransaction  - JDBC Connection [jdbc:sqlserver://inpedesa01:1433;selectMethod=direct;lastUpdateCount=true;databaseName=TEMPLATE;, UserName=sa, Microsoft SQL Server 2005 JDBC Driver] will not be managed by Spring
           DEBUG com.indra.contratos.model.persistence.InterceptorMapper.listRolUrlApplication  - ooo Using Connection [jdbc:sqlserver://inpedesa01:1433;selectMethod=direct;lastUpdateCount=true;databaseName=TEMPLATE;, UserName=sa, Microsoft SQL Server 2005 JDBC Driver]
           DEBUG com.indra.contratos.model.persistence.InterceptorMapper.listRolUrlApplication  - ==>  Preparing: { CALL SP_LIST_ROL_URL_SISTEMA ( ? ,? ) } 
           DEBUG com.indra.contratos.model.persistence.InterceptorMapper.listRolUrlApplication  - ==> Parameters: 93(Integer), /a1/(String)
           DEBUG org.mybatis.spring.SqlSessionUtils  - Closing non transactional SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@161f77c]
           DEBUG org.springframework.jdbc.datasource.DataSourceUtils  - Returning JDBC Connection to DataSource
           DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /a1/; Attributes: [SYS_ADMIN]
           DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor  - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 1E2E5D65FDEDEC9FBC431105AF1562A4; Granted Authorities: ROLE_ANONYMOUS
           DEBUG org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
           DEBUG org.springframework.security.access.vote.AffirmativeBased  - Voter: [email protected]99, returned: -1
           DEBUG org.springframework.security.web.access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
           org.springframework.security.access.AccessDeniedException: Access is denied
          	at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
          	at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206)
          	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
          	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
          	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
          	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
          	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
          	at org.springframework.security.config.debug.DebugFilter.invokeWithWrappedRequest(DebugFilter.java:69)
          	at org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter.java:58)
          	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
          	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
          	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
          	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
          	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
          	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
          	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
          	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
          	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
          	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
          	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
          	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
          	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
          	at java.lang.Thread.run(Unknown Source)
          This is my XML file of coniguration.

          http://pastebin.com/0wZJ3icw

          Comment


          • #20
            This is my XMl file of configuration

            Code:
            <?xml version="1.0" encoding="ISO-8859-1"?>
            
            <beans:beans 
            	xmlns="http://www.springframework.org/schema/security"
                xmlns:beans="http://www.springframework.org/schema/beans"
                xmlns:util="http://www.springframework.org/schema/util"
                xmlns:p="http://www.springframework.org/schema/p"  
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:schemaLocation=
                	"http://www.springframework.org/schema/beans 
                	http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
            		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
            		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
            
                <beans:bean id="accessDeniedHandler" class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
            		<beans:property name="errorPage" value="/login.xhtml"/>
            	</beans:bean>
            	
            	<beans:bean id="roleHierarchy"	class="org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl">
            		<beans:property name="hierarchy">
            			<beans:value>
            				SYS_ADMIN > AUDITOR
            				AUDITOR > GERENTE
            				GERENTE > JEFE_PROYECTO
            				JEFE_PROYECTO > COLABORADOR
            				COLABORADOR > JEFE_ALMACEN
            				JEFE_ALMACEN > USUARIO
            			</beans:value>
            		</beans:property>
            	</beans:bean>
            	
            	<beans:bean id="roleHierarchyVoter" class="org.springframework.security.access.vote.RoleHierarchyVoter">
            		<beans:constructor-arg ref="roleHierarchy" />
            		<beans:property name="rolePrefix" value="" />
                </beans:bean>
            
            	<beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
                   <beans:constructor-arg>
                       <beans:list>
                            <beans:ref bean="roleHierarchyVoter"/>
                       </beans:list>
                   </beans:constructor-arg>
                </beans:bean>
            
            	<beans:bean id="securityMetadataSource" class="com.indra.contratos.application.security.InterceptorApplicationService"/>
            	
            	<beans:bean class="com.indra.contratos.application.security.FilterInvocationSecurityMetadataSourcePostProcessor">
            	    <beans:property name="securityMetadataSource">
            	        <beans:bean class="com.indra.contratos.application.security.InterceptorApplicationService"/>
            	    </beans:property>
            	</beans:bean>
            	
            	<http pattern="/pages/accessDenied.xhtml" security="none"/>
            	<http pattern="/login.xhtml" security="none"/>
            	<http pattern="/l/" security="none"/>
            	<http pattern="/resources/**" security="none"/>
            	<http pattern="/javax.faces.resource/**" security="none"/>
            	
                <http auto-config="false" 
                	entry-point-ref="authenticationEntryPoint"
            		access-decision-manager-ref="accessDecisionManager"
            		authentication-manager-ref="authenticationManager"
                	>
                    
                    <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
            
            		<access-denied-handler ref="accessDeniedHandler"/>
            		
                    <session-management session-authentication-strategy-ref="sas" />
            
                </http>
                
                <beans:bean id="authenticationEntryPoint"  
                    class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
                    p:loginFormUrl="/login.xhtml" />
                
                <beans:bean id="concurrencyFilter"
            		class="org.springframework.security.web.session.ConcurrentSessionFilter">
            		<beans:property name="sessionRegistry" ref="sessionRegistry" />
            		<beans:property name="expiredUrl" value="/login.xhtml" />
            	</beans:bean>
                
                <beans:bean id="sas" 
                    class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
            	  	<beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" />
            	  	<beans:property name="maximumSessions" value="1" />
            	</beans:bean>
            	
            	<beans:bean id="sessionRegistry"
            	    class="org.springframework.security.core.session.SessionRegistryImpl" /> 
            
            	<beans:bean id="passwordEncoder" 
            	    class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
            	
                <authentication-manager id="authenticationManager" alias="authenticationManager" >
                    <authentication-provider>
            	    <user-service>
            	      <user  name="admin" password="secret" authorities="SYS_ADMIN, USUARIO"/>
            	    </user-service>
            	  </authentication-provider>
                </authentication-manager>
            </beans:beans>

            Comment


            • #21
              I have resolved my problem. The problem was here:

              Code:
              	<http pattern="/pages/accessDenied.xhtml" security="none" />
              	<http pattern="/login.xhtml" security="none"/>
              	<http pattern="/l/" security="none"/>
              	<http pattern="/resources/**" security="none"/>
              	<http pattern="/javax.faces.resource/**" security="none"/>
              The first three interceptors caused problems

              Finally It kept so:

              Code:
              	<http pattern="/resources/**" security="none"/>
              	<http pattern="/javax.faces.resource/**" security="none"/>
              The first interceptor have corresponded to Access Denied page. The other two interceptors have corresponded to Login Page.

              The problem was that my user always was as ROLE_ANONYMUS and my homepage only was able for users with role "SYS_ADMIN". This have happened because los interceptors of my login page had security="none". The filters always ignored.

              Nevertheless there is still a problem. When user with role distinct to "SYS_ADMIN" tries to login on happen a exception

              Code:
              DEBUG org.springframework.security.web.access.ExceptionTranslationFilter  - Access is denied (user is not anonymous); delegating to AccessDeniedHandler
               org.springframework.security.access.AccessDeniedException: Access is denied
              	at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
              	at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206)
              	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
              	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
              	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
              	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
              	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
              	at org.springframework.security.config.debug.DebugFilter.invokeWithWrappedRequest(DebugFilter.java:69)
              	at org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter.java:58)
              	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
              	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
              	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
              	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
              	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
              	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
              	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
              	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
              	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
              	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
              	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
              	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
              	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
              	at java.lang.Thread.run(Unknown Source)

              Although happen in debug mode
              Last edited by Cesar M. Casasola; Mar 19th, 2013, 08:50 PM.

              Comment


              • #22
                It sounds like your user does not have the proper roles. What roles does this user have? What roles are required for this URL? Also ensure that the roles the user has starts with ROLE_

                Comment

                Working...
                X