Announcement Announcement Module
Collapse
No announcement yet.
Not granted any authorities Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Not granted any authorities

    Hi folks,

    I have the following problem: I implemented the AuthenticationDao interface and I get the correct information of my user in the database, but acegi informs that I not having authorization to enter in the site.
    Somebody would know to say the reason?

    My development environment setup is:

    /WEB-INF/applicationContext-Acegi.xml
    <?xml version="1.0" encoding="UTF-8"?>

    <!DOCTYPE beans PUBLIC
    "-//SPRING//DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">

    <beans>
    <bean id="authenticationDao"
    class="....classes.dao.hibernate.AuthenticationHib ernateDao">
    <property name="sessionFactory">
    <ref bean="sessionFactory" />
    </property>
    </bean>
    <bean id="filterInvocationInterceptor"
    class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
    <property name="authenticationManager">
    <ref bean="authenticationManager"/>
    </property>
    <property name="accessDecisionManager">
    <ref bean="accessDecisionManager"/>
    </property>
    <property name="objectDefinitionSource">
    <value>CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISO N
    PATTERN_TYPE_APACHE_ANT
    /secure/**=ROLE_USER</value>
    </property>
    </bean>
    <bean id="daoAuthenticationProvider"
    class="net.sf.acegisecurity.providers.dao.DaoAuthe nticationProvider">
    <property name="authenticationDao">
    <ref bean="authenticationDao"/>
    </property>
    <property name="userCache">
    <ref bean="userCache"/>
    </property>
    </bean>
    <bean id="userCache"
    class="net.sf.acegisecurity.providers.dao.cache.Eh CacheBasedUserCache">
    </bean>
    <bean id="authenticationManager"
    class="net.sf.acegisecurity.providers.ProviderMana ger">
    <property name="providers">
    <list>
    <ref bean="daoAuthenticationProvider"/>
    </list>
    </property>
    </bean>
    <bean id="roleVoter"
    class="net.sf.acegisecurity.vote.RoleVoter"/>
    <bean id="accessDecisionManager"
    class="net.sf.acegisecurity.vote.AffirmativeBased" >
    <property name="allowIfAllAbstainDecisions">
    <value>false</value>
    </property>
    <property name="decisionVoters">
    <list>
    <ref bean="roleVoter"/>
    </list>
    </property>
    </bean>
    <bean id="authenticationProcessingFilter"
    class="net.sf.acegisecurity.ui.webapp.Authenticati onProcessingFilter">
    <property name="authenticationManager">
    <ref bean="authenticationManager"/>
    </property>
    <property name="authenticationFailureUrl">
    <value>/login.jsp?login_error=1</value>
    </property>
    <property name="defaultTargetUrl">
    <value>/</value>
    </property>
    <property name="filterProcessesUrl">
    <value>/loginAction.do</value>
    </property>
    </bean>
    <bean id="securityEnforcementFilter"
    class="net.sf.acegisecurity.intercept.web.Security EnforcementFilter">
    <property name="filterSecurityInterceptor">
    <ref bean="filterInvocationInterceptor"/>
    </property>
    <property name="authenticationEntryPoint">
    <ref bean="authenticationProcessingFilterEntryPoint"/>
    </property>
    </bean>
    <bean id="authenticationProcessingFilterEntryPoint"
    class="net.sf.acegisecurity.ui.webapp.Authenticati onProcessingFilterEntryPoint">
    <property name="loginFormUrl">
    <value>/login.jsp</value>
    </property>
    <property name="forceHttps">
    <value>false</value>
    </property>
    </bean>
    <bean id="autoIntegrationFilter"
    class="net.sf.acegisecurity.ui.AutoIntegrationFilt er"/>
    </beans>
    /WEB-INF/web.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
    <web-app>
    <context-param>
    <param-name>webAppRootKey</param-name>
    <param-value>applog.root</param-value>
    </context-param>
    <context-param>
    <param-name>log4jConfigLocation</param-name>
    <param-value>/WEB-INF/classes/log4j.properties</param-value>
    </context-param>
    <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/applicationContext.xml /WEB-INF/applicationContext-Acegi.xml</param-value>
    </context-param>
    <filter>
    <filter-name>Acegi Authentication Processing Filter</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>net.sf.acegisecurity.ui.webapp.Authenticatio nProcessingFilter</param-value>
    </init-param>
    </filter>
    <filter>
    <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>net.sf.acegisecurity.ui.AutoIntegrationFilte r</param-value>
    </init-param>
    </filter>
    <filter>
    <filter-name>Acegi HTTP Request Security Filter</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>net.sf.acegisecurity.intercept.web.SecurityE nforcementFilter</param-value>
    </init-param>
    </filter>
    <filter-mapping>
    <filter-name>Acegi Authentication Processing Filter</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    <filter-mapping>
    <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    <filter-mapping>
    <filter-name>Acegi HTTP Request Security Filter</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    <listener>
    <listener-class>org.springframework.web.util.Log4jConfigList ener</listener-class>
    </listener>
    <listener>
    <listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>
    </listener>
    <servlet>
    <servlet-name>action</servlet-name>
    <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
    <init-param>
    <param-name>config</param-name>
    <param-value>/WEB-INF/struts-config.xml</param-value>
    </init-param>
    <init-param>
    <param-name>debug</param-name>
    <param-value>2</param-value>
    </init-param>
    <load-on-startup>2</load-on-startup>
    </servlet>
    <servlet-mapping>
    <servlet-name>action</servlet-name>
    <url-pattern>/do/*</url-pattern>
    </servlet-mapping>
    <session-config>
    <session-timeout>20</session-timeout>
    </session-config>
    <!-- taglibs -->
    </web-app>
    ....classes.dao.hibernate.AuthenticationHibernateD ao
    package ....classes.dao.hibernate;

    import ....classes.dao.hibernate.HibernateDAO;
    import ....classes.vo.MyUserVO;
    import net.sf.acegisecurity.UserDetails;
    import net.sf.acegisecurity.providers.dao.*;
    import org.apache.commons.logging.*;
    import org.springframework.dao.DataAccessException;
    import net.sf.acegisecurity.GrantedAuthorityImpl;
    import net.sf.acegisecurity.GrantedAuthority;

    public class AuthenticationHibernateDao extends HibernateDAO implements
    AuthenticationDao {

    private static Log log = LogFactory.getLog(AuthenticationHibernateDao.class );

    public UserDetails loadUserByUsername(String username) throws
    UsernameNotFoundException, DataAccessException {
    if (log.isInfoEnabled()) {
    log.info("User authentication for " + username);
    }
    MyUserVO myUser = new MyUserVO();
    myUser.setlogin(username);
    myUser = (MyUserVO) find(myUser, myUser.getlogin());
    if (myUser != null) {
    GrantedAuthority[] grantedAuthorities = {new GrantedAuthorityImpl("ROLE_USER")};
    return new User(myUser.getlogin(),
    myUser.getpassword(),
    true,
    grantedAuthorities);

    }
    if (log.isWarnEnabled()) {
    log.warn("User [" + username + "] not found!");
    }
    throw new UsernameNotFoundException("User [" + username +
    "] not found.");
    }
    }
    login.jsp
    <%@ page contentType="text/html; charset=iso-8859-1" %>
    <%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
    <%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %>
    <%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>
    <%@ taglib uri="/WEB-INF/c.tld" prefix="c" %>
    <%@ page import="net.sf.acegisecurity.ui.AbstractProcessing Filter" %>
    <%@ page import="net.sf.acegisecurity.AuthenticationExcepti on" %>
    <html:html>
    <head>
    <title><bean:message key="title.appName"/></title>
    <link href="tcisupply.css" rel="stylesheet" type="text/css">
    </head>
    <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
    <center>
    <table width="140" height="88" border="0" cellpadding="0" cellspacing="0" class="font1">
    <logic:messagesPresent>
    <tr>
    <td>
    <span id="errorsHeader"><bean:message key="errors.validation.header"/></span>
    <html:messages id="error">
    <li><c:out value="${error}"/></li>
    </html:messages>
    <hr>
    </td>
    </tr>
    </logic:messagesPresent>
    <c:if test="${not empty param.login_error}">
    <tr>
    <td>
    <font color="red">
    <bean:message key="error.login"/>
    </font>
    </td>
    </tr>
    </c:if>
    <c:if test="${empty param.login_error}">
    <tr>
    <td>
    <bean:message key="login.caption"/>
    </td>
    </tr>
    </c:if>
    <tr>
    <td height="1" width="140" align="justify" valign="top" class="font1">
    <form action="<html:rewrite page='/loginAction.do'/>" method="POST">
    <table>
    <tr>
    <td class="font1"><bean:message key="login.caption.login"/></td>
    <td><input type='text' name='j_username' size="15" maxlength="15"/></td>
    </tr>
    <tr>
    <td class="font1"><bean:message key="login.caption.password"/></td>
    <td><input type='password' name='j_password' size="15" maxlength="15"/></td>
    </tr>
    </table>
    <input name="Entrar" type="submit">
    <input name="Limpar" type="reset">
    </form>
    </td>
    </tr>
    </table>
    </center>
    </body>
    </html:html>
    /WEB-INF/applog.log
    DEBUG Thread-11 net.sf.acegisecurity.ui.AbstractProcessingFilter - Request is to process authentication
    DEBUG Thread-11 net.sf.acegisecurity.providers.ProviderManager - Authentication attempt using net.sf.acegisecurity.providers.dao.DaoAuthenticati onProvider
    DEBUG Thread-11 net.sf.ehcache.store.MemoryStore - ehCacheBasedUserCacheCache: MemoryStore miss for valentim
    DEBUG Thread-11 net.sf.ehcache.Cache - ehCacheBasedUserCache cache - Miss
    DEBUG Thread-11 net.sf.acegisecurity.providers.dao.cache.EhCacheBa sedUserCache - Cache hit: false; username: valentim
    INFO Thread-11 ....classes.dao.hibernate.AuthenticationHibernateD ao - User authentication for valentim
    INFO Thread-11 ....classes.dao.hibernate.HibernateDAO - Finding ValueObject [....classes.vo.MyUserVO@1b06a21[login=valentim]]
    DEBUG Thread-11 org.springframework.orm.hibernate.SessionFactoryUt ils - Opening Hibernate session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - opened session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - loading [....classes.vo.MyUserVO#valentim]
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - attempting to resolve [....classes.vo.MyUserVO#valentim]
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - object not resolved in any cache [....classes.vo.MyUserVO#valentim]
    DEBUG Thread-11 net.sf.hibernate.persister.EntityPersister - Materializing entity: [....classes.vo.MyUserVO#valentim]
    DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - about to open: 0 open PreparedStatements, 0 open ResultSets
    DEBUG Thread-11 net.sf.hibernate.SQL - select MyUserVO0_.LOGIN as LOGIN0_, MyUserVO0_.PASSWORD as PASSWORD0_ from USERS MyUserVO0_ where MyUserVO0_.LOGIN=?
    DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - preparing statement
    DEBUG Thread-11 net.sf.hibernate.type.StringType - binding 'valentim' to parameter: 1
    DEBUG Thread-11 net.sf.hibernate.loader.Loader - processing result set
    DEBUG Thread-11 net.sf.hibernate.loader.Loader - result row: valentim
    DEBUG Thread-11 net.sf.hibernate.loader.Loader - Initializing object from ResultSet: valentim
    DEBUG Thread-11 net.sf.hibernate.loader.Loader - Hydrating entity: ....classes.vo.MyUserVO#valentim
    DEBUG Thread-11 net.sf.hibernate.type.StringType - returning 'e2d5o0v3 ' as column: PASSWORD0_
    DEBUG Thread-11 net.sf.hibernate.loader.Loader - done processing result set (1 rows)
    DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - done closing: 0 open PreparedStatements, 0 open ResultSets
    DEBUG Thread-11 net.sf.hibernate.impl.BatcherImpl - closing statement
    DEBUG Thread-11 net.sf.hibernate.loader.Loader - total objects hydrated: 1
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - resolving associations for [....classes.vo.MyUserVO#valentim]
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - done materializing entity [....classes.vo.MyUserVO#valentim]
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - initializing non-lazy collections
    DEBUG Thread-11 org.springframework.orm.hibernate.HibernateTemplat e - Eagerly flushing Hibernate session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - flushing session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushing entities and processing referenced collections
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Processing unreferenced collections
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Scheduling collection removes/(re)creates/updates
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushed: 0 insertions, 0 updates, 0 deletions to 1 objects
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - Flushed: 0 (re)creations, 0 updates, 0 removals to 0 collections
    DEBUG Thread-11 net.sf.hibernate.impl.Printer - listing entities:
    DEBUG Thread-11 net.sf.hibernate.impl.Printer - ....classes.vo.MyUserVO{password=******** , login=valentim}
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - executing flush
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - post flush
    DEBUG Thread-11 org.springframework.orm.hibernate.SessionFactoryUt ils - Closing Hibernate session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - closing session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - disconnecting session
    DEBUG Thread-11 net.sf.hibernate.impl.SessionImpl - transaction completion
    DEBUG Thread-11 org.springframework.web.context.support.XmlWebAppl icationContext - Publishing event in context [Root XmlWebApplicationContext]: net.sf.acegisecurity.providers.dao.event.Authentic ationFailurePasswordEvent[source=net.sf.acegisecurity.providers.UsernamePass wordAuthenticationToken@187f9f1: Username: valentim; Password: [PROTECTED]; Authenticated: false; Details: 127.0.0.1; Not granted any authorities]
    DEBUG Thread-11 net.sf.acegisecurity.ui.AbstractProcessingFilter - Authentication request failed: net.sf.acegisecurity.BadCredentialsException: Bad credentials presented
    DEBUG Thread-10 net.sf.acegisecurity.ui.AbstractIntegrationFilter - Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)
    DEBUG Thread-10 net.sf.acegisecurity.intercept.web.PathBasedFilter InvocationDefinitionMap - Converted URL to lowercase, from: 'org.apache.coyote.tomcat4.CoyoteRequestFacade@f05 2d5'; to: '/login.jsp?login_error=1'
    DEBUG Thread-10 net.sf.acegisecurity.intercept.web.PathBasedFilter InvocationDefinitionMap - Candidate is: '/login.jsp?login_error=1'; pattern is /secure/**; matched=false
    DEBUG Thread-10 net.sf.acegisecurity.intercept.AbstractSecurityInt erceptor - Public object - authentication not attempted
    DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - getMessage(pt_BR,error.login)
    DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale(pt_BR)
    DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale(pt)
    DEBUG Thread-10 org.apache.struts.util.PropertyMessageResources - loadLocale()
    DEBUG Thread-10 net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter - Chain processed normally
    I hope that this detailed description of the development environment also helps other users to implement yours sites using Acegi

  • #2
    Your configuration looks fine.

    It looks simply like the password being returned from your Hibernate DAO is incorrect. I notice your source contains "getpassword()". Is this correct, as it wouldn't be a normal JavaBean property if so? Perhaps try creating the User and then logging its password before returning from the Hibernate DAO, so you can see what DaoAuthenticationProvider thinks is your password.

    Comment


    • #3
      Not granted any authorities (Solved)

      Hello Ben,

      I found the error and the guilt is my, sorry. :lol:
      I changed the code below, from ...
      ...
      if (myUser != null) {
      GrantedAuthority[] grantedAuthorities = {new GrantedAuthorityImpl("ROLE_USER")};
      return new User(myUser.getlogin(),
      myUser.getpassword(),
      true,
      grantedAuthorities);
      }
      ...
      to ...
      ...
      if (myUser != null) {
      GrantedAuthority[] grantedAuthorities = {new GrantedAuthorityImpl("ROLE_USER")};
      return new User(myUser.getlogin(),
      myUser.getpassword().trim(),
      true,
      grantedAuthorities);
      }
      ...
      and all works fine. :wink:

      Best regards,

      Comment

      Working...
      X