Announcement Announcement Module
Collapse
No announcement yet.
Why I keep getting "AuthenticationCredentialsNotFoundException" Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Why I keep getting "AuthenticationCredentialsNotFoundException"

    I've played with Acegi for a day but still can't get my first application running, keep getting AuthenticationCredentialsNotFoundException

    Here's the output from my console
    Code:
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:73 - Detected PATTERN_TYPE_APACHE_ANT directive; using Apache Ant style path expressions
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 1: 
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 2: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:106 - Line 2: Instructing mapper to convert URLs to lowercase before comparison
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 3: PATTERN_TYPE_APACHE_ANT
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 4: /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
    2006-May-22 15:21:59 DEBUG PathBasedFilterInvocationDefinitionMap:77 - Added Ant path: /**; attributes: [httpSessionContextIntegrationFilter, authenticationProcessingFilter, anonymousProcessingFilter, exceptionTranslationFilter, filterSecurityInterceptor]
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 5: 
    2006-May-22 15:21:59  INFO UserMap:87 - Adding user [org.acegisecurity.userdetails.User@f43bd000: Username: ren; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER]
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:73 - Detected PATTERN_TYPE_APACHE_ANT directive; using Apache Ant style path expressions
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 1: 
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 2: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:106 - Line 2: Instructing mapper to convert URLs to lowercase before comparison
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 3: PATTERN_TYPE_APACHE_ANT
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 4: /login.jsp*=ROLE_ANONYMOUS,ROLE_USER
    2006-May-22 15:21:59 DEBUG PathBasedFilterInvocationDefinitionMap:77 - Added Ant path: /login.jsp*; attributes: [ROLE_ANONYMOUS, ROLE_USER]
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 5: /**=ROLE_USER
    2006-May-22 15:21:59 DEBUG PathBasedFilterInvocationDefinitionMap:77 - Added Ant path: /**; attributes: [ROLE_USER]
    2006-May-22 15:21:59 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 6: 
    2006-May-22 15:21:59  INFO AbstractSecurityInterceptor:271 - Validated configuration attributes
    2006-May-22 15:21:59 DEBUG HttpSessionEventPublisher:75 - Received ServletContextEvent: javax.servlet.ServletContextEvent[source=org.apache.catalina.core.ApplicationContextFacade@10ab09f]
    2006-May-22 15:21:59 DEBUG HttpSessionEventPublisher:118 - Using context: org.springframework.web.context.support.XmlWebApplicationContext: display name [Root WebApplicationContext]; startup date [Mon May 22 15:21:59 EST 2006]; root of context hierarchy; config locations [/WEB-INF/config/spring/acegi-security.xml]
    
    2006-May-22 15:29:39 DEBUG PathBasedFilterInvocationDefinitionMap:113 - Converted URL to lowercase, from: '/login.jsp'; to: '/login.jsp'
    2006-May-22 15:29:39 DEBUG PathBasedFilterInvocationDefinitionMap:126 - Candidate is: '/login.jsp'; pattern is /login.jsp*; matched=true
    2006-May-22 15:29:39 DEBUG AbstractSecurityInterceptor:301 - Secure object: FilterInvocation: URL: /login.jsp?; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
    2006-May-22 15:29:39 ERROR [jsp]:260 - Servlet.service() for servlet jsp threw exception
    org.acegisecurity.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
    	at org.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:414)
    	at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:308)
    	at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:113)
    	at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:79)
    	at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:120)
    	at
    I keep getting the same exception.

    Here's my web.xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
    	<display-name>Auscript Version 3</display-name>
    	
    	<context-param>
    		<param-name>contextConfigLocation</param-name>
    		<param-value>
    			/WEB-INF/config/spring/acegi-security.xml
    		</param-value>
    	</context-param>
    	
    	
    	
    	<filter>
    		<filter-name>Acegi HTTP Request Security Filter</filter-name>
    		<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
    		<init-param>
    			<param-name>targetClass</param-name>
    			<param-value>org.acegisecurity.intercept.web.FilterSecurityInterceptor</param-value>
    		</init-param>
    	</filter>
    
    	<filter-mapping>
    		<filter-name>Acegi HTTP Request Security Filter</filter-name>
    		<url-pattern>/*</url-pattern>
    	</filter-mapping>
    	
    	<listener>
    		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    	</listener>
    	
    	<listener>
            <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
        </listener>
    My acegi-security.xml looks like
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
    
    <beans>
    	<bean id="filterChainProxy"
            class="org.acegisecurity.util.FilterChainProxy">
            <property name="filterInvocationDefinitionSource">
                <value>
                    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                    PATTERN_TYPE_APACHE_ANT
                    /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
                </value>
            </property>
        </bean>
        
        <bean id="httpSessionContextIntegrationFilter"
            class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />
    
        <bean id="authenticationProcessingFilter"
            class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
            <property name="authenticationManager">
                <ref local="authenticationManager"/>
            </property>
    
            <property name="defaultTargetUrl">
                <value>/</value>
            </property>
    		
            <property name="filterProcessesUrl">
                <value>/j_acegi_security_check</value>
            </property>
    
            <property name="authenticationFailureUrl">
                <value>/login.jsp?login_error=1</value>
            </property>
        </bean>
    
        <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
          <property name="key"><value>foobar</value></property>
    		<property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>
       </bean>
        
        <bean id="exceptionTranslationFilter"
            class="org.acegisecurity.ui.ExceptionTranslationFilter">
            <property name="authenticationEntryPoint">
                <ref local="authenticationEntryPoint" />
            </property>
        </bean>
        
        
        
        
    
    
    	<bean id="authenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    		<property name="loginFormUrl"><value>/login.jsp</value></property>
    		<property name="forceHttps"><value>false</value></property>
    	</bean>
          
    	<bean id="filterSecurityInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager"><ref bean="authenticationManager"/></property>
    		<property name="accessDecisionManager"><ref bean="httpRequestAccessDecisionManager"/></property>
    		<property name="objectDefinitionSource">
    			<value>
    				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    				PATTERN_TYPE_APACHE_ANT
    				/login.jsp*=ROLE_ANONYMOUS,ROLE_USER
    				/**=ROLE_USER
    			</value>
    		</property>
    	</bean>
    	
    	
    	<!-- ======================== AUTHENTICATION ======================= -->
    	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    		<property name="providers">
    			<list>
    				<ref local="daoAuthenticationProvider"/>
    			</list>
    		</property>
    	</bean>
    	
    	<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    		<property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>
    	</bean>
    	
    	<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
    		<property name="userMap">
    			<value>
    				ren=ren,ROLE_USER
    			</value>
    		</property>
    	</bean>
       
       
       
       
       <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
          <property name="allowIfAllAbstainDecisions"><value>false</value></property>
          <property name="decisionVoters">
             <list>
                <ref bean="roleVoter"/>
             </list>
          </property>
       </bean>
       
       <!-- An access decision voter that reads ROLE_* configuration settings -->
       <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
       
       
    </beans>

  • #2
    I would say the "targetClass" property of your filter definition should refer to "org.acegisecurity.util.FilterChainProxy" instead of FilterSecurityInterceptor.

    Regards,
    Andreas

    Comment


    • #3
      Thanks for pointing out

      Thanks, that was a stupid error, just couldn't see it my self, thanks for helping

      Comment

      Working...
      X