Announcement Announcement Module
Collapse
No announcement yet.
Another SecurityContextHolder.getContext().getAuthenticati on()==null problem Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Another SecurityContextHolder.getContext().getAuthenticati on()==null problem

    I've found several thread written by people, that tried to get user details and got null. But I havn't find answer situable to my case.
    I have an application that working with GWT and Spring. In new version my boss wanted to Integrate it with accegi login and password encryption. I did it, and now my application open html+JavaScript page, compiled from Java with GWT, only after acegi login.
    Now, I have another problem. My program need to know what user logged in. I wrote simple function at server side , that just call to SecurityContextHolder.getContext().getAuthenticati on() and returns principal username, but it doesn't work.
    I saw in debugger that function is called from client side, but getAuthentication() returns null.
    It seems strange, because the call is done after successful login. Is anybody know , how to solve it?

    my function fails at block code that same to code in 2.2 of acegi documentation:
    Code:
    public synchronized Employe getCurrentEmploye() {
            Object obj =
                    SecurityContextHolder.getContext().getAuthentication().getPrincipal();
            String username;
    if ( obj instanceof UserDetails ) {
                username= ( (UserDetails)obj ).getUsername();
            } else {
                username = obj.toString();
            }
    
            return
                    username!=null ?
                            employeDao.findByUsername( username ) :
                            null;
        }
    acegi configuration :
    Code:
    <beans>
    	<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
    
        <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    		<property name="authenticationManager" ref="authenticationManager"/>
    		<property name="authenticationFailureUrl" value="/gwt/login_error.html"/>
    		<property name="defaultTargetUrl" value="/"/>
    		<property name="filterProcessesUrl" value="/gwt/j_acegi_security_check"/>
    		<property name="rememberMeServices" ref="rememberMeServices"/>
    	</bean>
    
        <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
    		<property name="authenticationEntryPoint">
    			<bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    				<property name="loginFormUrl" value="/gwt/acegilogin.html"/>
    				<property name="forceHttps" value="false"/>
    			</bean>
    		</property>
    	</bean>
    
        <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager" ref="authenticationManager"/>
    		<property name="accessDecisionManager">
    			<bean class="org.acegisecurity.vote.AffirmativeBased">
    				<property name="allowIfAllAbstainDecisions" value="false"/>
    				<property name="decisionVoters">
    					<list>
    						<bean class="org.acegisecurity.vote.RoleVoter"/>
    						<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
    					</list>
    				</property>
    			</bean>
    		</property>
    		<property name="objectDefinitionSource">
                <!-- -->
                <value><![CDATA[
    			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    				PATTERN_TYPE_APACHE_ANT
    				/gwt/j_acegi_security_check=ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_SECTION_MANAGER,ROLE_USER
    				/gwt/login_error.html=ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_SECTION_MANAGER,ROLE_USER
    				/gwt/acegilogin.html=ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_SECTION_MANAGER,ROLE_USER
    				/gwt/logo.png=ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_SECTION_MANAGER,ROLE_USER
    				/gwt/**=ROLE_ADMIN,ROLE_SECTION_MANAGER,ROLE_USER,IS_AUTHENTICATED_REMEMBERED 
    			]]></value>
    		</property>
    	</bean>
    
        <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    		<property name="providers">
    			<list>
    				<ref local="daoAuthenticationProvider"/>
    				<bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
    					<property name="key" value="changeThis"/>
    				</bean>
    				<bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
    					<property name="key" value="changeThis"/>
    				</bean>
    			</list>
    		</property>
    	</bean>
    
        <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    		<property name="userDetailsService" ref="userDetailsDaoService"/>
            <property name="passwordEncoder" ref="passwordEncoder" />
        </bean>
    
    </beans>
    web.xml :
    Code:
                <servlet>
                    <servlet-name>spring</servlet-name>
                    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                    <load-on-startup>-1</load-on-startup>
                </servlet>
    
                <servlet>
                    <servlet-name>ERService</servlet-name>
                    <servlet-class>il.co.entrypoint.service.ERServiceImpl</servlet-class>
                </servlet>
    
                <servlet-mapping>
                    <servlet-name>spring</servlet-name>
                    <url-pattern>/async/*</url-pattern>
                </servlet-mapping>
    
                <!-- http://static.springframework.org/spring/docs/2.0.x/reference/beans.html#beans-factory-scopes-other-web-configuration -->
                <listener>
                    <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
                </listener>
    
                <!-- http://static.springframework.org/spring/docs/2.0.x/reference/beans.html#context-create -->
                <listener>
                    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
                </listener>
    
                <filter>
                  <filter-name>Acegi Filter Chain Proxy</filter-name>
                  <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
                  <init-param>
                    <param-name>targetClass</param-name>
                    <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
                  </init-param>
                </filter>
    
                <filter>
                    <filter-name>requestContextFilter</filter-name>
                    <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
                </filter>
    
                <filter>
                    <filter-name>openSessionInView</filter-name>
                    <filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
                </filter>
    
               <filter-mapping>
                    <filter-name>Acegi Filter Chain Proxy</filter-name>
                    <url-pattern>/gwt/*</url-pattern>
               </filter-mapping>
    
                <filter-mapping>
                    <filter-name>requestContextFilter</filter-name>
                    <url-pattern>/gwt/*</url-pattern>
                    <url-pattern>/files/*</url-pattern>
                </filter-mapping>
    
                <filter-mapping>
                    <filter-name>openSessionInView</filter-name>
                    <servlet-name>ERService</servlet-name>
                    <dispatcher>REQUEST</dispatcher>
                    <dispatcher>FORWARD</dispatcher>
                    <dispatcher>INCLUDE</dispatcher>
                </filter-mapping>

  • #2
    Sorry about creatin new thread. I've working about this problem 10 hours and two minutes after I've posted it I solve this problem. It was becausein web.xml all GAT-Ajax requests have url pattern /async/* and this pattern was not included in Acegi Filter Chain mapping.

    Comment

    Working...
    X