Announcement Announcement Module
Collapse
No announcement yet.
(newbie) config problem: Authentication object is null Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • (newbie) config problem: Authentication object is null

    Hi,
    I've got a small problem, and I think it's probably an easy one to sort out for someone who is more experienced in configuring ACEGI, but I ran out of ideas... please help...

    The web application I'm maintaining only needed to allow users to login via a login form, but now it had to be extended with a web service that needs to use BASIC authentication, so as far as I'm aware I need to use a FilterChainProxy to be able to configure different authentication methods for different URLs. At the moment the app is using ACEGI v0.6, and as far as I'm aware FilterChainProxies were introduced in v0.8. Upgrading ACEGI I therefore tried to follow the configuration of the contacts sample, and I got it working so far as I get to the login screen, but when I actually log in, I end up with a NullPointerException as the Authentication object in the SecureContext is null.

    Code:
    <context-param>
    		<param-name>contextConfigLocation</param-name>
    		<param-value>
    			/WEB-INF/applicationContext.xml 			
    			/WEB-INF/applicationContext-acegi-security.xml
    			[...]
    		</param-value>
    	</context-param>
    	
    	<filter>
            <filter-name>Acegi Filter Chain Proxy</filter-name>
            <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
            <init-param>
                <param-name>targetClass</param-name>
                <param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
            </init-param>
    	</filter>
    
        <filter-mapping>
          <filter-name>Acegi Filter Chain Proxy</filter-name>
          <url-pattern>/*</url-pattern>
        </filter-mapping>
      		
    	<listener>		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    	</listener>
    	<listener>
    		<listener-class>[...]/listener-class>
    	</listener>
      <servlet>
        <servlet-name>aaa</servlet-name>   <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
      </servlet>
        
      <servlet-mapping>
        <servlet-name>aaa</servlet-name>
        <url-pattern>*.html</url-pattern>
      </servlet-mapping>
    
      <welcome-file-list>[...]</welcome-file-list>
    This is the content of applicationContext-acegi-security.xml:

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
    
    <beans>
    	<!-- ======================== FILTER CHAIN ======================= -->
    		
    	<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
          <property name="filterInvocationDefinitionSource">
             <value>
    		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    		    PATTERN_TYPE_APACHE_ANT
    			/**=httpSessionContextIntegrationFilter,formAuthenticationProcessingFilter,securityEnforcementFilter            
             </value>
          </property>
        </bean>
    	
    	<!-- ======================== AUTHENTICATION ======================= -->
    	
    	<!-- An access decision voter that reads ROLE_* configuration settings -->
    	<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
    		
    	<bean id="authenticationManager" class="my.OwnAuthenticationManager">
    		<property name="userBusiness"><ref bean="userBusiness"/></property>
    	</bean>
    	
       <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
    
       <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
          <property name="cacheManager"><ref local="cacheManager"/></property>
          <property name="cacheName"><value>userCache</value></property>
       </bean>
    
       <bean id="userCache" class="net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
          <property name="cache"><ref local="userCacheBackend"/></property>
       </bean>
    
       	<bean id="httpSessionContextIntegrationFilter" class="net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter">
    		<property name="context"><value>net.sf.acegisecurity.context.security.SecureContextImpl</value></property>
    	</bean>
    	<!-- ===================== HTTP REQUEST SECURITY ==================== -->
    	<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
    		<property name="filterSecurityInterceptor"><ref bean="filterSecurityInterceptor" /></property>
    		<property name="authenticationEntryPoint"><ref bean="formLoginAuthenticationEntryPoint" /></property>
    	</bean>
    
    	<bean id="formAuthenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    		<property name="authenticationManager"><ref bean="authenticationManager"/></property>
    		<property name="authenticationFailureUrl"><value>/security/loginFailed.html</value></property>
    		<property name="defaultTargetUrl"><value>/security/loginSuccess.html</value></property>
    		<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>	
    	</bean>
    	<bean id="formLoginAuthenticationEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    		<property name="loginFormUrl"><value>/security/login.html</value></property>
    		<property name="forceHttps"><value>false</value></property>
    	</bean>
    
    	<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
       		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
    		<property name="decisionVoters">
    		  <list>
    		    <ref bean="roleVoter"/>
    		  </list>
    		</property>
    	</bean>
    
    	<bean id="filterSecurityInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager"><ref bean="authenticationManager" /></property>
    		<property name="accessDecisionManager"><ref bean="accessDecisionManager" /></property>
    		<property name="objectDefinitionSource">
    			<value>
    				PATTERN_TYPE_APACHE_ANT
    		        /systemAdmin/**=ROLE_SYSTEM_ADMINISTRATOR
    		        /brokerAdmin/**=ROLE_BROKER_ADMINISTRATOR
    		        /brokerCustomer/**=ROLE_NON_AUTHORIZER_CUSTOMER
    		        /brokerAuthorizerCustomer/**=ROLE_AUTHORIZER_CUSTOMER
    		        /supplierAdmin/**=ROLE_SUPPLIER_ADMINISTRATOR
    			</value>
    		</property>
    	</bean>	
    </beans>
    This is the first time ever I have to do with ACEGI, so please let me know if I need to supply more information / details / source code...

    Any help / comments / critics welcomed and appreciated!

    Thanks a lot in advance,

    Jessica

  • #2
    Hi
    I saw your Config files and I couldnt find the userBusiness bean in acegi-security.xml file.
    Or may be i couldnt find it. just confirm to me that u did define this bean somewhere in the file or else it will throw a null pointer exception.


    <bean id="authenticationManager" class="my.OwnAuthenticationManager">
    <property name="userBusiness"><ref bean="userBusiness"/></property>
    </bean>

    Comment


    • #3
      Sorry, I didn't post all config files, and userBusiness is declared in a different one... Anyway, I don't know what I changed, but ACEGI is doing its work properly now...
      (won't touch it again )
      Thanks anyway!
      Jessica

      Comment

      Working...
      X