Announcement Announcement Module
Collapse
No announcement yet.
Configuration of Form login + Custom Authentication Provider Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Configuration of Form login + Custom Authentication Provider

    Could anyone give me some feedback on this? I always get a "org.springframework.security.AuthenticationCreden tialsNotFoundException: An Authentication object was not found in the SecurityContext" thrown. When switching from <form-login/> to <http-basic/>, it works so I think it is just form login configuration.
    Code:
    	<security:http lowercase-comparisons="false" >
    		<security:concurrent-session-control max-sessions="1" expired-url="/Login.jsp?error=2"/>
    		<security:form-login login-page="/Login.jsp" authentication-failure-url="/Login.jsp?error=1"/>
    		<security:logout invalidate-session="true" logout-url="/Logout.htm" logout-success-url="/Login.jsp?error=0"/>
    		<!-- security:http-basic/ -->
    		<!-- security:anonymous username="NONE" granted-authority=""/ -->
    		<security:intercept-url pattern="/secure/**" access="ROLE_CIM_USER"/>
    	</security:http>
    	
    	<bean id="authenticationProvider"
    		class="intellitime.spring.security.DatabaseUserAuthenticationProvider">
    	    <property name="dataSource" ref="rawDataSource"/>
    	    <security:custom-authentication-provider/>
    	</bean>

  • #2
    Modification

    Still having trouble, but not the same...I don't seem to get the username and password for auth...however my provider is now being asked to authenticate. I thought I only had to attempt access to a secure page to get the attempt to authenticate.

    Snippet of Login.jsp
    Code:
    <form name="Login" method="post" action="${pageContext.request.contextPath}/j_spring_security_check">
    <table>
    	<tr>
    		<td align="right">
    			User Name
    		</td>
    		<td align="left">
    			<input type="text" id="j_username"/>
    		</td>
    	</tr>
    	<tr>
    		<td align="right">
    			Password
    		</td>
    		<td align="left">
    			<input type="password" id="j_password"/>
    		</td>
    	</tr>
    	<tr>
    		<td colspan="2" align="center">
    			<input type="submit" value="Log In"/>
    		</td>
    	</tr>
    </table>
    </form>

    Comment


    • #3
      So you need http-basic tag even when using form-login? That seems to have fixed it. I noticed the auto-config uses both, but for some reason I though that was something different. I thought basic and form logins were mutually exlusive, like basic and digest.

      Comment


      • #4
        No, you shouldn't need to include basic authentication to get form login to work. The form-login element should be sufficient by itself.

        Comment

        Working...
        X