Announcement Announcement Module
Collapse
No announcement yet.
Not able to implement Spring Security Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Not able to implement Spring Security

    Hi,i m not being able to implement spring security.
    web.xml file:
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/applicationContext.xml
                         /WEB-INF/applicationContext-security.xml
            </param-value>
        </context-param>
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
        <servlet>
            <servlet-name>dispatcher</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <load-on-startup>2</load-on-startup>
        </servlet>
        <servlet-mapping>
            <servlet-name>dispatcher</servlet-name>
            <url-pattern>*.htm</url-pattern>
        </servlet-mapping>
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>
                org.springframework.web.filter.DelegatingFilterProxy
            </filter-class>
        </filter>
        <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
         </web-app>
    applicationContext-security.xml :
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <b:beans xmlns="http://www.springframework.org/schema/security"
        xmlns:b="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
        <http auto-config="true">
            <intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
            <intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        </http>
       </b:beans>
    Whenever i am trying to run the application i got follwing error.
    Code:
    SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
    org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from ServletContext resource [/WEB-INF/applicationContext-security.xml]; nested exception is org.springframework.beans.FatalBeanException: Invalid NamespaceHandler class [org.springframework.security.config.SecurityNamespaceHandler] for namespace [http://www.springframework.org/schema/security]: problem with handler class file or dependent class; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/core/userdetails/UserDetails
    I have included following jars for the spring security
    spring-security-acl-2.0.4
    spring-security-cas-client-3.0.0
    spring-security-config-3.0.0
    spring-security-core-2.0.4
    spring-security-core-tiger-2.0.4
    commons-codec-1.4
    Please provide any solution.

  • #2
    Originally posted by dheeraj View Post
    I have included following jars for the spring security
    spring-security-acl-2.0.4
    spring-security-cas-client-3.0.0
    spring-security-config-3.0.0
    spring-security-core-2.0.4
    spring-security-core-tiger-2.0.4
    commons-codec-1.4
    You're mixing Spring Security versions. This is your problem.

    PUK

    Comment


    • #3
      Thanks for ur response.I have now included following jars but the same problem persists.
      spring-security-acl-2.0.4
      spring-security-cas-client-2.0.4
      spring-security-core-2.0.4
      spring-security-core-tiger-2.0.4
      commons-codec-1.4

      Comment


      • #4
        Same issue

        I am also getting the same issue. I have been using GWT at my client side and when I run the application in hosted mode I ge the following exception.
        Code:
        org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]
        My spring-servlet.xml is as follows:
        Code:
        <?xml version="1.0" encoding="UTF-8"?>
        <beans xmlns="http://www.springframework.org/schema/beans"
        	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        	xmlns:security="http://www.springframework.org/schema/security"
        	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
        	http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
        
        	 
        	 <security:http>
        	 	<security:intercept-url pattern="/gwtapplication/springActivitybyJsp.rpc" requires-channel="https"/>
         	 </security:http>
        	 
        	 <!-- Handler for GWT RPC calls  -->
        	 <!-- These calls can be routed to the same controller which handles the HTTP requests -->
            
            <!-- User Defined Bean which extends from MultiActionController -->
            <bean id="SpringActivityController"
        		  class="com.gwt.test.server.SpringActivityController" >
        		  <property name="methodNameResolver" ref="paramResolver"/>
        		  <property name="service" ref="userService"/>
            </bean>
            
                 
            <!-- ParameterMethodNameResolver decides which method is to be called depending on the request parameter "method" -->
            
            <bean id="paramResolver" class="org.springframework.web.servlet.mvc.multiaction.ParameterMethodNameResolver">
            	<property name="paramName" value="method"/>
            </bean>
        		  
        	
        	<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
        	      <property name="mappings">
        	      <props>
        	      		<prop key = "/gwtapplication/loginActivitybyJsp.rpc">
        	      			SpringActivityController
        	      		</prop>
        	      </props>
        	      </property>
           </bean>
        
        </beans>
        My web.xml is as follows:
        Code:
        <?xml version="1.0" encoding="UTF-8"?>
        
        <web-app>
        
        	<context-param>
        		<param-name>contextConfigLocation</param-name>
        		<param-value>/WEB-INF/spring-servlet.xml,/WEB-INF/spring-service.xml,/WEB-INF/spring-dao.xml</param-value>
        		
        	</context-param>
        
        
        	<listener>
        		<listener-class>
        			org.springframework.web.context.ContextLoaderListener 
                 </listener-class>
        	</listener>
          <!-- Default page to serve -->
          <welcome-file-list>
            <welcome-file>/WEB-INF/test1.jsp<!-- GWTApplication.html --></welcome-file>
          </welcome-file-list>
          
          	<filter>
        		<filter-name>springSecurityFilterChain</filter-name>
        		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        	</filter>
        	<filter-mapping>
        		<filter-name>springSecurityFilterChain</filter-name>
        		<url-pattern>/loginActivity*</url-pattern>
        	</filter-mapping>
          
          
          <!-- Servlets -->
          	<!-- Testing spring rmi with gwt -->
        	<servlet>
                    <servlet-name>GWTSpring</servlet-name>
                    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                    <load-on-startup>1</load-on-startup>
             </servlet>
             
            <servlet-mapping>
                      <servlet-name>GWTSpring</servlet-name>
                      <url-pattern>*.rpc</url-pattern>
             </servlet-mapping>
             
             
          
          	
             
            
        </web-app>
        Last edited by s_adi_bilaye; Feb 1st, 2010, 07:59 AM.

        Comment


        • #5
          Originally posted by dheeraj View Post
          Thanks for ur response.I have now included following jars but the same problem persists.
          spring-security-acl-2.0.4
          spring-security-cas-client-2.0.4
          spring-security-core-2.0.4
          spring-security-core-tiger-2.0.4
          commons-codec-1.4
          Your original post said that the most nested exception is this:
          Code:
          java.lang.NoClassDefFoundError: org/springframework/security/core/userdetails/UserDetails
          If you say you're still getting this error, then it demonstrates that you're still mixing Spring 3.0.0 and Spring 2.0.4 because in Spring 2.0.4 the UserDetails interface was in this package: org.springframework.security.userdetails.

          Do a full undeploy and clean, etc. Make sure you're not mixing versions.

          PUK

          Comment


          • #6
            Thanks a lot.Now I am able to run my application.You were quite right that i was mixing different versions of Spring Security.

            Comment


            • #7
              I have implemented spring security but encountering some stupid problem.Whenever i tried to login with userid and password ,it gives me error The requested resource (/HRMSSpringApp/) is not available.HRMSSpringApp is my application's name.But when i click on browser's back button and again try to login with the same credentials it works fine.
              My applicationContext-security.xml file is as follows:
              Code:
              <?xml version="1.0" encoding="UTF-8"?>
              <b:beans xmlns="http://www.springframework.org/schema/security"
                  xmlns:b="http://www.springframework.org/schema/beans"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                                      http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
              <http auto-config="true">
                      <intercept-url pattern ="/login.jsp*" access = "IS_AUTHENTICATED_ANONYMOUSLY" />
                      <intercept-url pattern ="/**" access = "ROLE_USER" />
                      <form-login   login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1" default-target-url="/index.htm"/>
                      <logout logout-success-url="/login.jsp"/>
                  </http>
                 <b:bean id="customUserDetailsService" class="service.UserServiceDetailsImpl">
                  <b:property name="dataSource" ref="dataSource" />
                 </b:bean>
               <authentication-provider user-service-ref="customUserDetailsService" >
                </authentication-provider>
              </b:beans>
              My UserServiceDetailsImpl is as follows:
              Code:
              package service;
              
              import java.sql.ResultSet;
              import java.sql.SQLException;
              import javax.sql.DataSource;
              import org.springframework.dao.DataAccessException;
              import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
              import org.springframework.jdbc.core.simple.ParameterizedRowMapper;
              import org.springframework.jdbc.core.simple.SimpleJdbcTemplate;
              import org.springframework.security.GrantedAuthority;
              import org.springframework.security.GrantedAuthorityImpl;
              import org.springframework.security.userdetails.UserDetails;
              import org.springframework.security.userdetails.User;
              import org.springframework.security.userdetails.UserDetailsService;
              import org.springframework.security.userdetails.UsernameNotFoundException;
              
              
              
              
              /**
               *
               * @author dheeraja
               */
              public class UserServiceDetailsImpl implements UserDetailsService {
                  private DataSource  dataSource;
              
                  public void setDataSource(DataSource dataSource){
                      this.dataSource = dataSource;
                  }
              
                  @Override
                  public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
                     String sql = "select UM1.EMP_ID,UM1.EMP_PASSWORD,UM1.ACCOUNT_STATUS,URM1.ROLE_ID,URM1.IS_DEFAULT_ROLE from USER_MAST1 UM1 INNER JOIN USER_ROLE_MAPPING1 URM1 ON UM1.EMP_ID = URM1.EMP_ID  where UM1.EMP_ID = :username";
                      MapSqlParameterSource source = new MapSqlParameterSource();
                      source.addValue("username", username);
                      SimpleJdbcTemplate sjt = new SimpleJdbcTemplate(dataSource);
                      User user = sjt.queryForObject(sql, new UserMapper(), source);
                      return user;
                  }
              
                  private class UserMapper implements ParameterizedRowMapper<User> {
                       @Override
                       public UserInfoService mapRow(ResultSet rs, int arg1) throws SQLException {
                           return new UserInfoService(rs.getString("EMP_ID"), rs.getString("EMP_PASSWORD"), true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_USER")},rs.getString("ROLE_ID"),rs.getString("IS_DEFAULT_ROLE"));
                       }
                   }
              }
              If anybody can please help then it would be gr8.

              Comment

              Working...
              X