
  • UNABLE to make securityContextHolderAwareRequestFilter work correctly

    I am using Acegi 1.0.1. I configured the FilterChainProxy as follows:

    <bean class="org.acegisecurity.util.FilterChainProxy" id="filterChainProxy">
    <property name="filterInvocationDefinitionSource">
    <value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor</value>
    </property>
    </bean>

    The authentication seems OK and the debug output shows:
    17:42:35,109 DEBUG AuthenticationProcessingFilter:373 -
    Authentication success: org.acegisecurity.providers.UsernamePasswordAuthen [email protected]:
    Username: [email protected]: Username: bouayame; Password: [PROTECTED];
    Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true;
    Granted Authorities: CREATE_STAFF, EDIT_ACCOUNT, ROLE_OK, ROLE_USER, VIEW_PAYMENTS, VIEW_STAFF;
    Password: [PROTECTED]; Authenticated: true; Details: [email protected] aa08:

    RemoteIpAddress: 127.0.0.1; SessionId: 1051CEB0DDC4E40F76636B7665FEC813; Granted Authorities: CREATE_STAFF, EDIT_ACCOUNT, ROLE_OK, ROLE_USER, VIEW_PAYMENTS, VIEW_STAFF



    ... but just after, when securityContextHolderAwareRequestFilter is called, I got the following error:

    17:42:35,484 DEBUG FilterChainProxy:269 - /pages/protected/test.jsf at position 2 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.wrapper.SecurityContextHolderAw [email protected]'
    17:42:35,484 DEBUG SavedRequestAwareWrapper:107 - Wrapper not replaced; SavedRequest was: null

    Then, just after that, the anonymousProcessingFilter gets called and ... it overwrites the SecurityContext of the authentication. I finally end up with username: anonymousUser and nothing works.

    17:42:35,484 DEBUG FilterChainProxy:269 - /pages/protected/test.jsf at position 3 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.providers.anonymous.AnonymousPr [email protected]'
    17:42:35,484 DEBUG AnonymousProcessingFilter:118 - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.acegisecurity.providers.anonymous.AnonymousAu [email protected]: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: [email protected] : RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
    17:42:35,484 DEBUG FilterChainProxy:269 - /pages/protected/test.jsf at position 4 of 6 in additional filter chain; firing Filter: '[email protected] 768b0a'
    17:42:35,484 DEBUG FilterChainProxy:269 - /pages/protected/test.jsf at position 5 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.intercept.web.FilterSecurityInt [email protected]'
    17:42:35,484 DEBUG FilterChainProxy:269 - /pages/protected/test.jsf at position 6 of 6 in additional filter chain; firing Filter: 'org.acegisecurity.ui.webapp.AuthenticationProcess [email protected]'
    17:42:35,484 DEBUG FilterChainProxy:260 - /pages/protected/test.jsf reached end of additional filter chain; proceeding with original chain
    3

    Am I missing something? I tried a downgrade to 1.0.0RC2 and it is the same behavior.

    Please Help....

  • #2
    Add in ...

    When I try to access a secured path like:

    <bean class="org.acegisecurity.intercept.web.FilterSecurityInterceptor" id="filterInvocationInterceptor">
    <property name="authenticationManager">
    <ref bean="authenticationManager"/>
    </property>
    <property name="accessDecisionManager">
    <ref bean="httpRequestAccessDecisionManager"/>
    </property>
    <property name="objectDefinitionSource">
    <value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    \A/pages/protected/admin.*\Z=ROLE_ADMIN
    \A/pages/protected/user.*\Z=ROLE_USER
    \A/pages/protected/.*\Z=ROLE_OK
    </value>
    </property>
    </bean>

    I got the following error:
    org.acegisecurity.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
    at org.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:414)
    at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:308)
    at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:113)
    at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:79)
    at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:120)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)



    • #3
      Problem solved...

      Actually I solved the issue. The problem was not the order of the filters inside the filterChainProxy... My real problem was coming from the fact that I was declaring the FilterSecurityInterceptor also in the web.xml.
      I do believe it was making the call to that filter twice, leading to erasing the SecurityContext.

      Anyway, thank you for your help.
      By the way, I am using Acegi with JSF MyFaces... If someone has a hard time integrating them, do not hesitate...

      Sincerely yours ....
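The cause reported in post #3, turned into a configuration check (an added example, not code from the thread or from the Acegi project): it flags any web.xml filter whose FilterToBeanProxy targets a bean that is already a member of the FilterChainProxy chain. The sample descriptors, the filter names acegiChain and acegiInterceptor, and both function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample (not from the thread): web.xml exposes FilterSecurityInterceptor
# through its own FilterToBeanProxy in addition to the FilterChainProxy.
# Assumes a web.xml without an XML namespace (DTD-style descriptor).
WEB_XML = """<web-app>
 <filter><filter-name>acegiChain</filter-name>
  <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
  <init-param><param-name>targetClass</param-name>
   <param-value>org.acegisecurity.util.FilterChainProxy</param-value></init-param></filter>
 <filter><filter-name>acegiInterceptor</filter-name>
  <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
  <init-param><param-name>targetClass</param-name>
   <param-value>org.acegisecurity.intercept.web.FilterSecurityInterceptor</param-value></init-param></filter>
</web-app>"""

# Constructed Spring context: the same interceptor is already the last chain member.
CONTEXT_XML = """<beans>
 <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
  <property name="filterInvocationDefinitionSource"><value>
   PATTERN_TYPE_APACHE_ANT
   /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,filterInvocationInterceptor
  </value></property></bean>
 <bean id="filterInvocationInterceptor"
       class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"/>
</beans>"""

PROXY = "org.acegisecurity.util.FilterToBeanProxy"

def chained_beans(context_xml):
    """Map bean id -> class for beans named in any FilterChainProxy chain."""
    root = ET.fromstring(context_xml)
    classes = {b.get("id"): b.get("class", "") for b in root.iter("bean")}
    names = set()
    for proxy in (b for b in root.iter("bean") if b.get("class", "").endswith(".FilterChainProxy")):
        for line in "\n".join(v.text or "" for v in proxy.iter("value")).splitlines():
            if "=" in line:  # "<pattern>=<comma-separated bean names>"
                names.update(n.strip() for n in line.split("=", 1)[1].split(","))
    return {n: classes[n] for n in names if n in classes}

def doubly_registered(web_xml, context_xml):
    """Names of web.xml filters that run a chain member on its own."""
    chain, hits = chained_beans(context_xml), []
    for f in ET.fromstring(web_xml).iter("filter"):
        params = {p.findtext("param-name", "").strip(): p.findtext("param-value", "").strip()
                  for p in f.iter("init-param")}
        direct = params.get("targetBean") in chain or params.get("targetClass") in chain.values()
        if f.findtext("filter-class", "").strip() == PROXY and direct:
            hits.append(f.findtext("filter-name", "").strip())
    return hits
```

A filter reported here runs from the container's chain, outside the FilterChainProxy, which matches the stack trace in post #2 where `FilterToBeanProxy.doFilter` calls `FilterSecurityInterceptor.doFilter` directly.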