Announcement Announcement Module
Collapse
No announcement yet.
Help!! InMemoryDaoImpl does not work. Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help!! InMemoryDaoImpl does not work.

    Configure the imMemoryImpl as below
    Code:
    <bean id="inMemoryImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
    		<property name="userMap">
    			<value>
    			  scott=wombat,enabled,ROLE_TELLER
    			</value>
    		</property>
    </bean>
    but it doesn't work. When i type the user name "scott" and password "wombat" in the login page it always throw a Bad credentials exception.
    I disable the scott as this:
    Code:
    <bean id="inMemoryImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
    		<property name="userMap">
    			<value>
    			  scott=wombat,disable,ROLE_TELLER
    			</value>
    		</property>
    </bean>
    when i type scott to login ,it will throw a disable creentials exception
    but after i enable scott , It totally doen't work throw bad credentials again.
    I almost get crazy and have no idea.
    What goes wrong??..
    below is the whole code
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
    
    <beans>
    	<!-- ======================== FILTER CHAIN ======================= -->
    	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
    		of "httpSessionContextIntegrationFilter" in the list below -->
    	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    		<property name="filterInvocationDefinitionSource">
    			<value>
    				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT
    				/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,basicProcessingFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
    			</value>
    		</property>
    	</bean>
    
    	<!-- ======================== AUTHENTICATION ======================= -->
    
    	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    		<property name="providers">
    			<list>
    				<ref local="daoAuthenticationProvider" />
    				<ref local="anonymousAuthenticationProvider" />
    				<ref local="rememberMeAuthenticationProvider" />
    			</list>
    		</property>
    	</bean>
        <!-- 
    	<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
    		<property name="dataSource">
    			<ref bean="dataSource" />
    		</property>
    	</bean>-->
    
    	<bean id="inMemoryImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
    		<property name="userMap">
    			<value>
    			  scott=wombat,enabled,ROLE_TELLER
    			</value>
    		</property>
    	</bean>
    
    	<bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />
    
    	<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    		<property name="userDetailsService">
    			<ref local="inMemoryImpl" />
    		</property>
    		<property name="userCache">
    			<ref local="userCache" />
    		</property>
    		<property name="passwordEncoder">
    			<ref local="passwordEncoder" />
    		</property>
    	</bean>
    
    	<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
    
    	<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
    		<property name="cacheManager">
    			<ref local="cacheManager" />
    		</property>
    		<property name="cacheName">
    			<value>userCache</value>
    		</property>
    	</bean>
    
    	<bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
    		<property name="cache">
    			<ref local="userCacheBackend" />
    		</property>
    	</bean>
    
    	<!-- Automatically receives AuthenticationEvent messages -->
    	<bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener" />
    
    	<bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
    		<property name="authenticationManager">
    			<ref local="authenticationManager" />
    		</property>
    		<property name="authenticationEntryPoint">
    			<ref local="basicProcessingFilterEntryPoint" />
    		</property>
    	</bean>
    
    	<bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
    		<property name="realmName">
    			<value>Contacts Realm</value>
    		</property>
    	</bean>
    
    	<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
    		<property name="key">
    			<value>foobar</value>
    		</property>
    		<property name="userAttribute">
    			<value>anonymousUser,ROLE_ANONYMOUS</value>
    		</property>
    	</bean>
    
    	<bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
    		<property name="key">
    			<value>foobar</value>
    		</property>
    	</bean>
    
    	<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"></bean>
    
    	<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
    		<property name="authenticationManager">
    			<ref local="authenticationManager" />
    		</property>
    		<property name="rememberMeServices">
    			<ref local="rememberMeServices" />
    		</property>
    	</bean>
    
    	<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
    		<property name="userDetailsService">
    			<ref local="inMemoryImpl" />
    		</property>
    		<property name="key">
    			<value>springRocks</value>
    		</property>
    	</bean>
    
    	<bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
    		<property name="key">
    			<value>springRocks</value>
    		</property>
    	</bean>
    
    	<!-- ===================== HTTP REQUEST SECURITY ==================== -->
    
    	<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
    		<property name="authenticationEntryPoint">
    			<ref local="authenticationProcessingFilterEntryPoint" />
    		</property>
    	</bean>
    
    	<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    		<property name="authenticationManager">
    			<ref bean="authenticationManager" />
    		</property>
    		<property name="authenticationFailureUrl">
    			<value>/acegilogin.jsp?login_error=1</value>
    		</property>
    		<property name="defaultTargetUrl">
    			<value>/</value>
    		</property>
    		<property name="filterProcessesUrl">
    			<value>/j_acegi_security_check</value>
    		</property>
    		<property name="rememberMeServices">
    			<ref local="rememberMeServices" />
    		</property>
    	</bean>
    
    	<bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    		<property name="loginFormUrl">
    			<value>/acegilogin.jsp</value>
    		</property>
    		<property name="forceHttps">
    			<value>false</value>
    		</property>
    	</bean>
    
    	<bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
    		<property name="allowIfAllAbstainDecisions">
    			<value>false</value>
    		</property>
    		<property name="decisionVoters">
    			<list>
    				<ref bean="roleVoter" />
    			</list>
    		</property>
    	</bean>
    
    	<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" />
    
    
    	<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
    		The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
    		Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
    	<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager">
    			<ref bean="authenticationManager" />
    		</property>
    		<property name="accessDecisionManager">
    			<ref local="httpRequestAccessDecisionManager" />
    		</property>
    		<property name="objectDefinitionSource">
    			<value>
    				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT 
    				/index.html=ROLE_TELLER			</value>
    		</property>
    	</bean>
    </beans>
    Last edited by bladefenix; Apr 11th, 2006, 03:30 AM.

  • #2
    I think the parsing of the "userMap" property does not trim whitespaces. So maybe try this:
    Code:
    <property name="userMap">
        <value>scott=wombat,enabled,ROLE_TELLER</value>
    </property>
    Or, alternatively
    Code:
    <property name="userMap" value="scott=wombat,enabled,ROLE_TELLER"/>
    Regards,
    Andreas

    Comment


    • #3
      Forget about the blanks. I just saw you are using a password encoder. This would also require that the password retrieved by the dao is encoded as well. So you have to dpecify the MD5 hash of your password in the userMap.

      For testing you might also just remove the encoder to ensure that everything works.

      Regards,
      Andreas

      Comment


      • #4
        OK It work! after i remove the password encoder
        Thanks you Andreas!!
        You just like a angel from the heaven. You save me much..

        Damn the password encoder..
        I spend totally half a day to deal with this problem...

        Fortunately It work now.. thank you very much.

        Comment


        • #5
          Originally posted by bladefenix
          OK It work! after i remove the password encoder
          Thanks you Andreas!!
          You just like a angel from the heaven. You save me much..

          Damn the password encoder..
          I spend totally half a day to deal with this problem...

          Fortunately It work now.. thank you very much.
          lol, read the docs first

          you can use md5-hashed passwords too on your acegi configuration file
          Code:
          <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
              <property name="userMap">
                <value>
                  admin=7de38f3c3d3baa7ca58a366f09577586,ROLE_ADMIN
                </value>
              </property>
            </bean>
          
          <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/>
          
            <!-- DAO for InMemoryAuthentication -->
            <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
              <property name="userDetailsService"><ref bean="userDetailsService"/></property>
            	<property name="passwordEncoder"><ref local="passwordEncoder"/></property>
            </bean>
          The password for admin is 'secrets'. It's safer to use passwords on plaintext this way.

          You can generate correct md5 passwords by using commons-codec
          Code:
          DigestUtils.md5Hex("secrets")

          Comment


          • #6
            Thank you feenixx
            You are right!I will follow your advise

            Comment

            Working...
            X