Announcement Announcement Module
Collapse
No announcement yet.
Error 401 (HTTP Authentication required) Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Error 401 (HTTP Authentication required)

    Hello I'm having problems configuring Spring Security with JDBC authentication. When I try to load a page the authentication form is displayed, and authentication process seems to be OK. However, in the redirection to the page I get the next error message:
    Code:
    Estado HTTP 401 -
    
    type Informe de estado
    
    mensaje
    
    descripción Este requerimiento requiere autenticación HTTP ().
    Apache Tomcat/5.5.17

    The log file don't write any error. You can see it in the attachment file.


    My web.xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app version="2.4" xmlns="...java.sun.com/xml/ns/j2ee" xmlns:xsi="...w3.org/2001/XMLSchema-instance" xsi:schemaLocation="...java.sun.com/xml/ns/j2ee ...java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
        
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
        
        
        <!--Acegi-->
        
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>
                /WEB-INF/applicationContext-security.xml
            </param-value>
        </context-param>
        
        <!-- Enables Spring Security -->
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>
                org.springframework.web.filter.DelegatingFilterProxy
            </filter-class>
        </filter>
    
        <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    
        <!--Fin Acegi-->
    
    ...

    My applicationContext-security.xml
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="...springframework.org/schema/beans"
           xmlns:xsi="...w3.org/2001/XMLSchema-instance"
        xmlns:beans="...springframework.org/schema/beans"
           xmlns:security="...springframework.org/schema/security"
           xsi:schemaLocation="...springframework.org/schema/beans
                              ...springframework.org/schema/beans/spring-beans-2.5.xsd
                               ...springframework.org/schema/security
                               ...springframework.org/schema/security/spring-security-2.0.xsd">
    
        <security:global-method-security secured-annotations="enabled" />
        
        <security:http auto-config="true">
            <!-- Restrict URLs based on role -->
            <security:intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            <security:intercept-url pattern="/logoutSuccess*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            
            <security:intercept-url pattern="/estilosASC/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            <security:intercept-url pattern="/JavascriptAsc/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            <security:intercept-url pattern="/imagenes/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            
            <security:intercept-url pattern="/**" access="ROLE_ADMIN" />
    
            <!-- Override default login and logout pages -->
            <security:form-login login-page="/login.htm" 
                                 login-processing-url="/j_acegi_security_check.do" 
                                 default-target-url="/index.htm" 
                                 authentication-failure-url="/login.htm" />
            <security:logout logout-url="/logout" logout-success-url="/logout.jsp" />
        </security:http>
    
        <security:authentication-provider>
            <security:jdbc-user-service data-source-ref="dataSource" />
        </security:authentication-provider>
            <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <beans:property name="driverClassName" value="org.postgresql.Driver"/>
    <beans:property name="url" value="jdbc:postgresql://localhost/myDB"/>
    <beans:property name="username" value="user"/>
    <beans:property name="password" value="pass"/>
    </beans:bean>
    </beans>
    And the login form is:
    Code:
    <form action="j_acegi_security_check.do" method="post">
    	<input type="text" name="j_username">
    	<input type="password" name="j_password">
            <input type="submit">
    </form>
    What I'm doing wrong?

    Many thanks

  • #2
    Do you have any security constraints in your web.xml ?

    Comment


    • #3
      Originally posted by Luke Taylor View Post
      Do you have any security constraints in your web.xml ?
      I had an interceptor from my old authentication system and I didn't remember them. I've removed the interceptor and acegi is working now.
      Thank you

      Comment

      Working...
      X