Announcement Announcement Module
Collapse
No announcement yet.
Acegi+Spring+Hibernate Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Acegi+Spring+Hibernate

    For last few days i am trying to develop a demo webapplication using Acegi+Spring+Hibernate. I have taken latest version for all. For you help i have attached the source files with this post. My problem is whenever i submit the login form i get following error:

    org.hibernate.LazyInitializationException: could not initialize proxy - the owning Session was closed
    org.hibernate.proxy.AbstractLazyInitializer.initia lize(AbstractLazyInitializer.java:53)
    org.hibernate.proxy.AbstractLazyInitializer.getImp lementation(AbstractLazyInitializer.java:84)
    org.hibernate.proxy.CGLIBLazyInitializer.intercept (CGLIBLazyInitializer.java:134)
    example.model.Role$$EnhancerByCGLIB$$a82dd37c.toSt ring(<generated>)
    example.model.User.toString(User.java:113)
    java.lang.String.valueOf(String.java:2615)
    java.lang.StringBuffer.append(StringBuffer.java:22 0)
    example.dao.UserDaoHibernate.loadUserByUsername(Us erDaoHibernate.java:79)
    org.acegisecurity.providers.dao.DaoAuthenticationP rovider.retrieveUser(DaoAuthenticationProvider.jav a:87)
    org.acegisecurity.providers.dao.AbstractUserDetail sAuthenticationProvider.authenticate(AbstractUserD etailsAuthenticationProvider.java:115)
    org.acegisecurity.providers.ProviderManager.doAuth entication(ProviderManager.java:188)
    org.acegisecurity.AbstractAuthenticationManager.au thenticate(AbstractAuthenticationManager.java:45)
    org.acegisecurity.ui.webapp.AuthenticationProcessi ngFilter.attemptAuthentication(AuthenticationProce ssingFilter.java:71)
    org.acegisecurity.ui.AbstractProcessingFilter.doFi lter(AbstractProcessingFilter.java:199)
    org.acegisecurity.util.FilterChainProxy$VirtualFil terChain.doFilter(FilterChainProxy.java:274)
    org.acegisecurity.ui.logout.LogoutFilter.doFilter( LogoutFilter.java:106)
    org.acegisecurity.util.FilterChainProxy$VirtualFil terChain.doFilter(FilterChainProxy.java:274)
    org.acegisecurity.context.HttpSessionContextIntegr ationFilter.doFilter(HttpSessionContextIntegration Filter.java:229)
    org.acegisecurity.util.FilterChainProxy$VirtualFil terChain.doFilter(FilterChainProxy.java:274)
    org.acegisecurity.concurrent.ConcurrentSessionFilt er.doFilter(ConcurrentSessionFilter.java:95)
    org.acegisecurity.util.FilterChainProxy$VirtualFil terChain.doFilter(FilterChainProxy.java:274)
    org.acegisecurity.util.FilterChainProxy.doFilter(F ilterChainProxy.java:148)
    org.acegisecurity.util.FilterToBeanProxy.doFilter( FilterToBeanProxy.java:98)

    Please help me !!!!!!

  • #2
    Originally posted by fazahid View Post
    org.hibernate.LazyInitializationException: could not initialize proxy - the owning Session was closed
    org.hibernate.proxy.AbstractLazyInitializer.initia lize(AbstractLazyInitializer.java:53)
    org.hibernate.proxy.AbstractLazyInitializer.getImp lementation(AbstractLazyInitializer.java:84)
    org.hibernate.proxy.CGLIBLazyInitializer.intercept (CGLIBLazyInitializer.java:134)
    example.model.Role$$EnhancerByCGLIB$$a82dd37c.toSt ring(<generated>)
    example.model.User.toString(User.java:113)
    java.lang.String.valueOf(String.java:2615)
    java.lang.StringBuffer.append(StringBuffer.java:22 0)
    example.dao.UserDaoHibernate.loadUserByUsername(Us erDaoHibernate.java:79)
    I can't tell you exactly what is happening because I am not going to decompile your class files. However, this looks like a typical "lazy initialization" issue. It is not related to acegi at all - but is caused by how hibernate treats associations by default and the fact you are accesing the userDao directly - not through a spring tx proxy.

    Hibernate: When you find a user object in the db, by default, the associated role object will be an uninitialized proxy. You can't do much with the object once the hibernate session you found it with is out of scope.

    Spring TX and the HibernateTemplate: Note that your DaoAuthenticationProvider is accessing the dao directly. I am not sure how your dao is working with hibernate. If you using a hibernateTemplate, either newing one up in your class or by subclassing HibernateDaoSupport, you need to know the lifespan of the associated hibernate session is very different if the underlying hibernate template is accessed behind a spring tx proxy versus being accessed without any tx support. If you don't have a preexisting tx, the hibernate template will create a new hibernate session for each hibernate template operation and then close it. That means that the hibernate session that found your user, would no longer be available once the hibernate template returned it. Calling toString() on a lazy proxy associated to that user would then cause your issue.

    You should probably review all the hibernate docs for "lazy initialization" and walk through the hibernate template code. That will give you a much better sense of how the hibernate sessions are being treated and what that will cause.

    Carlos

    Comment


    • #3
      I would guess this is a pretty simply problem to fix. You haven't got a transaction around the dao and you are working with a Hibernate proxy. If you add the transaction and also call HibernateTemplate.initialize(..) with your found User, everything should be fine!

      Comment


      • #4
        Thanks a lot. Its' now working. Thanks a lot for your guidelines. What i made mistake is: i implemeted the UserDetailsService in the dao layer but my transaction was configured for service layer. Now i have implemented the UserDetailsService in the service layer and its workiing.

        NEW PROBLEM:
        =============
        After successfull authentication i don't get Authentication object in SecurityContextHolder. Can you help me why it is happening?

        The full source code is available as attachment.

        Comment


        • #5
          SecurityContextHolder.getContext().getAuthenticati on() returns null if used in JSP pages. But the same statement works fine in Action class.

          <authz:authentication operation="username"/> also works.

          So can anybody tell me whats wrong with me so that SecurityContextHolder.getContext().getAuthenticati on() is returning null in jsp pages.

          Comment


          • #6
            I would take a look at the acegi-security-sample-tutorial and compare what you have with that. It works, so it shouldn't be too hard to spot any differences.

            Comment


            • #7
              thanks karldmoore.... I have tried my best but something is missing my eyes. So it would be great if u can help me out.

              Comment


              • #8
                Hi there

                I had the same problem that you were having. For example the authentication part was working but the jsp page was showing that the authentication object was null. After a considerable amount of head banging i decided to take the sample application and add the bits i needed which solved the problem.

                I agree with Kaldmoore, take a look at the sample tutorial and try to add your stuff into that and build it from there. The other option is to paste your context file and i can have a look at it.

                Not sure if that helped.

                Comment


                • #9
                  The problem here is it's hard for me to just look at it and instantly see what's wrong. Typically the easiest way, is just to compare what works e.g. the original example with what doesn't e.g. your project.

                  Comment

                  Working...
                  X