Announcement Announcement Module
Collapse
No announcement yet.
Custom ExceptionTranslationFilter in Spring 2.0 Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Custom ExceptionTranslationFilter in Spring 2.0

    I'm trying to set up a custom ExceptionTranslationFilter in Spring 2.0, and I'm seeing the following error:

    org.springframework.security.config.SecurityConfig urationException: Filters 'org.springframework.security.ui.ExceptionTranslat ionFilter[ order=1400; ]' and 'org.springframework.security.ui.ExceptionTranslat ionFilter[ order=1400; ]' have the same 'order' value. When using custom filters, please make sure the positions do not conflict with default filters. Alternatively you can disable the default filters by removing the corresponding child elements from <http> and not avoiding the use of <http auto-config='true'>.

    I have auto-config set to 'false", and as far as I can tell I don't have any child elements in <http> that sets up a default ExceptionTranslationFilter. I can't figure why I'm getting this error.

    Here's my config:


    Code:
    <beans:beans>
    	<http auto-config="false" entry-point-ref="authenticationEntryPoint">
    		<intercept-url pattern="/acct/AccountInfo.do" access="ROLE_CUSTOMER" />
    	</http>
    	
    	<authentication-provider>  
    		<jdbc-user-service id="userService" data-source-ref="custDataSource"  
    			users-by-username-query="select cst_email username, cst_password password, '1' enabled from customer where cst_email = ?"  
    			authorities-by-username-query="select cst_email username, 'ROLE_CUSTOMER' authority from customer where cst_email = ?"/>  
    	</authentication-provider> 
    
    	 <authentication-manager alias="authenticationManager"/> 
    	 
    	 <beans:bean id="authenticationProcessingFilter" class="com.mycompany.security.MyCompanyAuthenticationProcessingFilter"> 
    	 	<custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/> 
    		<beans:property name="authenticationManager" ref="authenticationManager"/> 
    		<beans:property name="authenticationFailureUrl" value="/SpringPreSignIn.do?retry=true" /> 
    		<beans:property name="defaultTargetUrl" value="/" />
    		<beans:property name="targetUrlResolver">
    		          <beans:bean id="targetUrlResolver" class="com.mycompany.security.MyCompanyTargetUrlResolver"/>
    		</beans:property>
    		<beans:property name="rememberMeServices" ref="rememberMeServices" />
    	 </beans:bean>
    	 
    	 <beans:bean id="authenticationEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    		<beans:property name="loginFormUrl" value="/SpringPreSignIn.do"/>
    	</beans:bean>
    	
    	<beans:bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
    		<custom-filter position="LOGOUT_FILTER"/> 
    		<beans:constructor-arg value="/"/> 
    		<beans:constructor-arg>
    		<beans:list>
    		       <beans:ref bean="rememberMeServices"/>
    		       <beans:bean class="com.mycompany.security.MyCompanyLogoutHandler" />
    		       <beans:bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
    		</beans:list>
    		</beans:constructor-arg>
    		<beans:property name="filterProcessesUrl" value="/SignOut.do" />
    	</beans:bean>
      
    	<beans:bean id="rememberMeProcessingFilter" class="com.mycompany.security.MyCompanyRememberMeProcessingFilter">
      		<custom-filter position="REMEMBER_ME_FILTER"/> 
    		<beans:property name="rememberMeServices" ref="rememberMeServices"/>
    		<beans:property name="authenticationManager" ref="authenticationManager" />
    	</beans:bean>
      
    	<beans:bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
      		<beans:property name="userDetailsService" ref="userService"/>
    		<beans:property name="tokenValiditySeconds" value="60"/>
    		<beans:property name="key" value="springRocks"/>
    	</beans:bean>
    	
    	<beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
    		<beans:property name="key" value="springRocks"/>
    	</beans:bean>
    
    
    	<beans:bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
    		<custom-filter position="EXCEPTION_TRANSLATION_FILTER"/>
    		<beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
    		<beans:property name="accessDeniedHandler">
    			<beans:bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
    				<beans:property name="errorPage" value="/network/PartnerPreSignup1.do"/>
    			</beans:bean>
    		</beans:property>
    	</beans:bean>
    </beans:beans>
    Any help would be greatly appreciated!

    Thanks in advance,

    Carissa

  • #2
    Strictly speaking, you can't supply your own ExceptionTranslationFilter if you're using the namespace. It may work if you put it after the existing one, but I wouldn't recommend relying on that.

    Comment

    Working...
    X