Announcement Announcement Module
Collapse
No announcement yet.
Spring MVC + Spring Security + Hibernate Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring MVC + Spring Security + Hibernate

    I tried searching for a similar error in both Google and the forums without much success.

    I had a working Spring MVC application that used Hibernate to retrieve a "User" object from a MySql database, along with associated roles.
    I passed this on to a view as a model and it worked fine.

    I also had spring security working using an in-memory authenticaion provider (defined directly in the security context file.)

    When i attempted to implement UserDetails in my User POJO and create a custom UserDetailsService I get an exception.

    I am new to Spring and hibernate development. Any help would be appreciated.

    from Tomcat log files:
    Code:
    Aug 31, 2009 2:23:48 PM org.springframework.web.context.ContextLoader initWebApplicationContext
    SEVERE: Context initialization failed
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxyPostProcessor': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.transaction.config.internalTransactionAdvisor': Cannot create inner bean '(inner bean)' of type [org.springframework.transaction.interceptor.TransactionInterceptor] while setting bean property 'transactionInterceptor'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Cannot resolve reference to bean 'transactionManager' while setting bean property 'transactionManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'transactionManager' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Cannot resolve reference to bean 'sessionFactory' while setting bean property 'sessionFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionFactory' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Invocation of init method failed; nested exception is org.hibernate.PropertyNotFoundException: Could not find a setter for property accountNonExpired in class springmvc.domain.User
    User.java:
    Code:
    package springmvc.domain;
    
    import java.io.Serializable;
    import java.util.HashSet;
    import java.util.Set;
    import javax.persistence.Column;
    import javax.persistence.Entity;
    import javax.persistence.FetchType;
    import javax.persistence.GeneratedValue;
    import javax.persistence.GenerationType;
    import javax.persistence.Id;
    import javax.persistence.JoinColumn;
    import javax.persistence.JoinTable;
    import javax.persistence.OneToMany;
    import javax.persistence.Table;
    import org.springframework.security.GrantedAuthority;
    import org.springframework.security.GrantedAuthorityImpl;
    import org.springframework.security.userdetails.UserDetails;
    
    @Entity
    @Table(name="pmsusers")
    public class User implements UserDetails,Serializable
    {
        private int id;
        private String username;
        private String password;
        private String firstName;
        private String lastName;
        private String uiName;
        private boolean enabled;
        private Set<Role> roles = new HashSet<Role>();
    
        @Column(name="enabled")
        public boolean isEnabled()
        {
            return enabled;
        }
        public void setEnabled(boolean enabled)
        {
            this.enabled = enabled;
        }
    
        @Column(name="firstName")
        public String getFirstName()
        {
            return firstName;
        }
        public void setFirstName(String firstName)
        {
            this.firstName = firstName;
        }
    
        @Id
        @GeneratedValue(strategy=GenerationType.IDENTITY)
        @Column(name="id")
        public int getId()
        {
            return id;
        }
        public void setId(int id)
        {
            this.id = id;
        }
    
        @Column(name="lastName")
        public String getLastName()
        {
            return lastName;
        }
        public void setLastName(String lastName)
        {
            this.lastName = lastName;
        }
    
        @Column(name="password")
        public String getPassword()
        {
            return password;
        }
        public void setPassword(String password)
        {
            this.password = password;
        }
    
        @Column(name="uiName")
        public String getUiName()
        {
            return uiName;
        }
        public void setUiName(String uiName)
        {
            this.uiName = uiName;
        }
    
        @Column(name="username")
        public String getUsername()
        {
            return username;
        }
        public void setUsername(String username)
        {
            this.username = username;
        }
    
        @OneToMany(fetch=FetchType.EAGER)
        @JoinTable(
            name="pmsuserroles",
            joinColumns={@JoinColumn(name="userId")},
            inverseJoinColumns={@JoinColumn(name="roleId")}
        )
        public Set<Role> getRoles()
        {
            return roles;
        }
    
        public void setRoles(Set<Role> roles)
        {
            this.roles = roles;
        }
    
        public GrantedAuthority[] getAuthorities()
        {
            GrantedAuthority[] authorities = new GrantedAuthority[1];
            authorities[0] = new GrantedAuthorityImpl("ROLE_USER");
    
            return authorities;
        }
    
        public boolean isAccountNonExpired()
        {
            return true;
        }
    
        public boolean isAccountNonLocked()
        {
            return true;
        }
    
        public boolean isCredentialsNonExpired()
        {
            return true;
        }
    }
    from applicationContext.xml:
    Code:
        <!-- Hibernate Support -->
        <bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
            <property name="dataSource" ref="dataSource" />
            <property name="configLocation" value="WEB-INF/hibernate.cfg.xml" />
            <property name="configurationClass" value="org.hibernate.cfg.AnnotationConfiguration" />
            <property name="hibernateProperties">
                <props>
                    <prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
                </props>
            </property>
        </bean>
        <!-- DAO -->
        <bean id="userDao" class="springmvc.repository.UserDao" >
            <property name="hibernateTemplate" ref="hibernateTemplate" />
        </bean>
        <bean id="myUserDetailsService" class="springmvc.security.MyUserDetailsService">
            <property name="userDao" ref="userDao" />
        </bean>
    from security-applicationContext.xml:
    Code:
        <sec:http auto-config="true">
            <sec:intercept-url pattern="/**" access="ROLE_USER" />
        </sec:http>
    
        <sec:authentication-provider user-service-ref="myUserDetailsService" />
    from MyUserDetailsService.java
    Code:
    package springmvc.security;
    
    import org.springframework.dao.DataAccessException;
    import org.springframework.security.userdetails.UserDetails;
    import org.springframework.security.userdetails.UserDetailsService;
    import org.springframework.security.userdetails.UsernameNotFoundException;
    import springmvc.domain.User;
    import springmvc.repository.IUserDao;
    
    public class MyUserDetailsService implements UserDetailsService
    {
        private IUserDao userDao;
    
        public void setUserDao(IUserDao userDao)
        {
            this.userDao = userDao;
        }
    
        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException
        {
            User user = userDao.getUserByUsername(username);
    
            if(user == null)
                throw new UsernameNotFoundException("Username not found");
    
            return user;
        }
    
    }

  • #2
    im no expert but in my case, i made my methods @Transient, like this:



    PHP Code:
        @Transient
        
    public GrantedAuthority[] getAuthorities()
        {
            
    GrantedAuthority[] authorities = new GrantedAuthority[1];
            
    authorities[0] = new GrantedAuthorityImpl("ROLE_USER");

            return 
    authorities;
        }
        
        @
    Transient
        
    public boolean isAccountNonExpired()
        {
            return 
    true;
        }

        @
    Transient
        
    public boolean isAccountNonLocked()
        {
            return 
    true;
        }

        @
    Transient
        
    public boolean isCredentialsNonExpired()
        {
            return 
    true;
        } 
    or you can persist them in your db.

    -marckun

    Comment


    • #3
      Originally posted by marcKun View Post
      im no expert but in my case, i made my methods @Transient, like this:


      or you can persist them in your db.

      -marckun
      Thank you so much. Works like a charm now.

      Comment


      • #4
        Another method would be defining the JPA mappings on the variables instead of the methods.
        This way you do not need to define the methods transient.

        Example
        Code:
        	@Id
        	@GeneratedValue
        	private long id;
        	@Column
        	private String username;  
        	@Column
        	private String password; 
        
        My getters for security
        
        	/* (non-Javadoc)
        	 * @see org.springframework.security.core.userdetails.UserDetails#isAccountNonExpired()
        	 */
        	public boolean isAccountNonExpired() {
        		// Not implemented in further detail.
        		return true;
        	}
        
        	/* (non-Javadoc)
        	 * @see org.springframework.security.core.userdetails.UserDetails#isAccountNonLocked()
        	 */
        	public boolean isAccountNonLocked() {
        		// Not implemented in further detail.
        		return true;
        	}
        
        	/* (non-Javadoc)
        	 * @see org.springframework.security.core.userdetails.UserDetails#isCredentialsNonExpired()
        	 */
        	public boolean isCredentialsNonExpired() {
        		// Not implemented in further detail.
        		return true;
        	}

        Kind regards,

        Marc de Kwant

        Comment


        • #5
          Originally posted by m.de.kwant View Post
          Another method would be defining the JPA mappings on the variables instead of the methods.
          This way you do not need to define the methods transient.

          Kind regards,

          Marc de Kwant
          Good to know. Thank you.

          Comment

          Working...
          X