Announcement Announcement Module
Collapse
No announcement yet.
Spring Security Tomcat server does not start Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security Tomcat server does not start

    I am using Spring Security 2.0.1 and trying to authenticate using LDAP (IBM Active Directory v5.2.)

    I am not getting any error messages however Tomcat is not starting and gives error message: Timeout waiting for Tomcat v5.5 Server at localhost to start. Server did not start after 45s.

    The LDAP server is definitely running as I can login to another application using the same ldap server. Just don't know what is missing or going wrong, can anybody give me any clues ? Thanks in advance.

    This is my configuration file:

    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-2.0.xsd
    http://www.springframework.org/schema/securityhttp://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

    <http>
    <intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <intercept-url pattern="/login.html" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <intercept-url pattern="/homePage.html" access="ROLE_ADMIN, ROLE_USER"/>
    <intercept-url pattern="/**" access="ROLE_ADMIN"/>
    <form-login login-page="/login.html"
    default-target-url="/homePage.html"
    authentication-failure-url="/login.html?login_error=1"/>
    <logout logout-success-url="/"/>
    </http>

    <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSp ringSecurityContextSource">
    <beans:constructor-arg value="ldap://testserver:389/o=diamond"/>
    <beansroperty name="userDn" value="cn=root"/>
    <beansroperty name="password" value="diamond"/>
    </beans:bean>

    <beans:bean id="ldapAuthProvider" class="org.springframework.security.providers.ldap .LdapAuthenticationProvider">
    <custom-authentication-provider />
    <beans:constructor-arg>
    <beans:bean class="org.springframework.security.providers.ldap .authenticator.PasswordComparisonAuthenticator">
    <beans:constructor-arg ref="contextSource"/>
    <beansroperty name="userDnPatterns">
    <beans:list>
    <beans:value>uid={0},ou=users,ou=web,o=diamond</beans:value>
    </beans:list>
    </beansroperty>
    </beans:bean>
    </beans:constructor-arg>
    <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.populator .DefaultLdapAuthoritiesPopulator">
    <beans:constructor-arg ref="contextSource"/>
    <beans:constructor-arg value="ou=groups,ou=web,o=diamond"/>
    <beansroperty name="groupSearchFilter" value="(uniquemember=cn={1}*)"/>
    </beans:bean>
    </beans:constructor-arg>
    </beans:bean>

    </beans:beans>

  • #2
    Can you explain what you mean by

    "Tomcat is not starting and gives error message:" ?

    Where does the error message come from? Have you looked in the log, enabled debug logging?

    Why do you think Spring Security is the problem? Does it work if you aren't using LDAP?

    Comment


    • #3
      Spring Security and LDAP

      I am now getting some error messages as I must have put in some wrong values in the <intercept-url>. The error message now seem to be related to LDAP naming exception. I have spring ldap 1.2.1 in my classpath.


      SEVERE: Servlet.service() for servlet default threw exception
      java.lang.VerifyError: (class: org/springframework/ldap/support/LdapUtils, method: convertLdapException signature: (Ljavax/naming/NamingExceptionLorg/springframework/ldap/NamingException Wrong return type in function
      at org.springframework.ldap.core.LdapTemplate.execute WithContext(LdapTemplate.java:786)
      at org.springframework.ldap.core.LdapTemplate.execute ReadOnly(LdapTemplate.java:771)
      at org.springframework.security.ldap.SpringSecurityLd apTemplate.retrieveEntry(SpringSecurityLdapTemplat e.java:113)
      at org.springframework.security.providers.ldap.authen ticator.PasswordComparisonAuthenticator.authentica te(PasswordComparisonAuthenticator.java:82)
      at org.springframework.security.providers.ldap.LdapAu thenticationProvider.authenticate(LdapAuthenticati onProvider.java:229)
      at org.springframework.security.providers.ProviderMan ager.doAuthentication(ProviderManager.java:195)
      at org.springframework.security.AbstractAuthenticatio nManager.authenticate(AbstractAuthenticationManage r.java:46)
      at org.springframework.security.ui.webapp.Authenticat ionProcessingFilter.attemptAuthentication(Authenti cationProcessingFilter.java:81)
      at org.springframework.security.ui.AbstractProcessing Filter.doFilterHttp(AbstractProcessingFilter.java: 249)
      at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :371)
      at org.springframework.security.ui.logout.LogoutFilte r.doFilterHttp(LogoutFilter.java:87)
      at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :371)
      at org.springframework.security.ui.SessionFixationPro tectionFilter.doFilterHttp(SessionFixationProtecti onFilter.java:68)
      at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :371)
      at org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp(HttpSessionCon textIntegrationFilter.java:235)
      at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :371)
      at org.springframework.security.util.FilterChainProxy .doFilter(FilterChainProxy.java:174)
      at org.springframework.web.filter.DelegatingFilterPro xy.invokeDelegate(DelegatingFilterProxy.java:183)
      at org.springframework.web.filter.DelegatingFilterPro xy.doFilter(DelegatingFilterProxy.java:138)
      at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:215)
      at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:188)
      at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:213)
      at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:174)
      at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:117)
      at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:108)
      at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:174)
      at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:874)
      at org.apache.coyote.http11.Http11BaseProtocol$Http11 ConnectionHandler.processConnection(Http11BaseProt ocol.java:665)
      at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:528)
      at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:81)
      at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:689)
      at java.lang.Thread.run(Thread.java:595)

      Comment


      • #4
        Spring Security and LDAP

        I just found out what the problem what, there were 2 versions of spring ldap in the classpath, version 1.2.1 and 1.1.2. Removed the later one and seemed to get rid of the error messages.

        Authentication seems to be fine, but i can't seem to get the authorisation to work. It gives error message bad credentials. Can you see anything wrong in the config ?

        In my LDAP the structure is like this:

        The user is:

        dn: cn=test.ml,ou=users,ou=web,o=diamond
        sn: test.ml
        uid: test.ml
        cn: test.ml
        userPassword: bbb

        The user belong to these group:

        dn: cn=HelpDesk,ou=groups,ou=web,o=diamond
        objectclass: groupOfUniqueNames
        objectclass: top
        cn: HelpDesk
        description: Help Desk
        businesscategory: staff
        uniquemember: cn=test.helpdesk, ou=users, ou=web, o=diamond
        uniquemember: cn=test.ml,ou=users,ou=web,o=diamond

        dn: cn=Adviser,ou=groups,ou=web,o=diamond
        objectclass: groupOfUniqueNames
        objectclass: top
        cn: Adviser
        description: Adviser
        businesscategory: staff
        uniquemember: cn=test.adviser, ou=users, ou=web, o=diamond
        uniquemember: cn=test.ml,ou=users,ou=web,o=diamond

        The mapping i got is:

        <beans:bean id="ldapAuthProvider" class="org.springframework.security.providers.ldap .LdapAuthenticationProvider">
        <custom-authentication-provider />
        <beans:constructor-arg>
        <beans:bean class="org.springframework.security.providers.ldap .authenticator.PasswordComparisonAuthenticator">
        <beans:constructor-arg ref="contextSource"/>
        <beansroperty name="userDnPatterns">
        <beans:list>
        <beans:value>cn={0},ou=users,ou=web,o=diamond</beans:value>
        </beans:list>
        </beansroperty>
        </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg>
        <beans:bean class="org.springframework.security.ldap.populator .DefaultLdapAuthoritiesPopulator">
        <beans:constructor-arg ref="contextSource"/>
        <beans:constructor-arg value="ou=groups,ou=web,o=diamond"/>
        <beansroperty name="groupSearchFilter" value="(uniquemember=cn={0}*)"/>
        </beans:bean>
        </beans:constructor-arg>
        </beans:bean>

        Comment

        Working...
        X