Announcement Announcement Module
Collapse
No announcement yet.
Security 2.04 causes war in Weblogic10.3 deploy fail? Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security 2.04 causes war in Weblogic10.3 deploy fail?

    We are porting from Tomcat to Weblogic 10.3. App runs fine in tomcat - looking to run in Weblogic with security settings at "Deployment Descriptors Only".

    A simple Spring MVC app deploys without issue in weblogic - however, when war has spring security, it fails:

    Here is server log in weblogic of the failure
    Code:
    Failure occurred in the execution of deployment request with ID '1248996275362' for task '1'. Error is: 'java.lang.NoClassDefFoundError: org/springframework/security/acls/sid/SidRetrievalStrategy' java.lang.NoClassDefFoundError: org/springframework/security/acls/sid/SidRetrievalStrategy at java.lang.Class.getDeclaredFields0(Native Method) at java.lang.Class.privateGetDeclaredFields(Class.java:2291) at java.lang.Class.getDeclaredFields(Class.java:1743) at weblogic.j2ee.dd.xml.BaseJ2eeAnnotationProcessor.getFields(BaseJ2eeAnnotationProcessor.java:965) at
    Here our spring security config:
    Code:
    	<security:http auto-config="true">
     		<security:intercept-url pattern="/login.*" filters="none"/> 		<security:intercept-url pattern="/ws/*" filters="none"/>   		<security:intercept-url pattern="/*jsp" access="ROLE_USER" />    	    	
        	<security:intercept-url pattern="/*do" access="ROLE_USER" />
        	<security:form-login login-page="/login.jsp" 
        		default-target-url="/welcome.do" 
        		always-use-default-target="true"
        		authentication-failure-url="/login.jsp?login_error=1" 
        	/>
        	<security:logout logout-success-url="/login.jsp" />
    	
         	    <security:concurrent-session-control max-sessions="1" 
        	   			exception-if-maximum-exceeded="false"
        	   			expired-url="/login.jsp"
        	   	/>
      
       	</security:http>
    There is very little documentation on how to keep your WAR file clean and not hooked into weblogic..

    Any tips for at least getting our app to deploy so we can move on to the next weblogic roadblock?

    thanks

  • #2
    update: Weblogic is more strict than tomcat when it comes to required Jars... was missing security-acls which weblogic enforced.

    Comment

    Working...
    X