Announcement Announcement Module
Collapse
No announcement yet.
Error using 3.1.0.CI-SNAPSHOT Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Error using 3.1.0.CI-SNAPSHOT

    My app works fine using 3.0.3, but there are some features in 3.1 (SEC-1171) that I would like to take advantage of. The first thing I did was to upgrade my libs to 3.1, and when I did I got the following error:

    Code:
    2010-08-16 15:04:40,377 [main] INFO  method.GlobalMethodSecurityBeanDefinitionParser  - Expressions were enabled for method security but no SecurityExpressionHandler was configured. All hasPermision() expressions will evaluate to false.
    2010-08-16 15:04:46,791 [main] ERROR [localhost].[/idea500]  - Exception starting filter springSecurityFilterChain
    org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
    	at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:521)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1068)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:274)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:266)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
    	at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1079)
    	at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:217)
    	at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:145)
    	at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:179)
    	at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
    	at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
    	at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
    	at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3827)
    	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4477)
    	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
    	at org.apache.catalina.core.StandardHost.start(StandardHost.java:722)
    	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
    	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
    	at org.apache.catalina.core.StandardService.start(StandardService.java:515)
    	at org.apache.catalina.core.StandardServer.start(StandardServer.java:708)
    	at org.apache.catalina.startup.Tomcat.start(Tomcat.java:286)
    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    	at java.lang.reflect.Method.invoke(Method.java:597)
    	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoCachedMethodSiteNoUnwrapNoCoerce.invoke(PojoMetaMethodSite.java:229)
    	at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:52)
    	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:40)
    	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:117)
    	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:121)
    Here are my config details.

    web.xml:

    Code:
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        </filter>
    
        <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    resource.xml
    Code:
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:security="http://www.springframework.org/schema/security"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
                            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                            http://www.springframework.org/schema/security
                            http://www.springframework.org/schema/security/spring-security-3.0.xsd">
    
        <security:global-method-security pre-post-annotations="enabled" />
    
        <security:http auto-config="false" use-expressions="true">
            <security:intercept-url pattern="/login*" filters="none"/>
            <security:intercept-url pattern="/logout*" filters="none"/>
            <security:intercept-url pattern="/css/**" filters="none"/>
            <security:intercept-url pattern="/js/**" filters="none"/>
            <security:intercept-url pattern="/images/**" filters="none"/>
            <security:intercept-url pattern="/**" access="isAuthenticated()" />
    
            <security:access-denied-handler error-page="/xxx/accessdenied"/>
    
            <security:form-login login-page="/login"
                                 authentication-failure-url="/login?error=1"
                                 default-target-url="/xxx/xxx/index"/>
    
            <security:logout logout-success-url="/logout"/>
        </security:http>
    
        <security:ldap-server url="ldap://xxx:389"
                              root="DC=xxx,DC=xxx"
                              manager-dn="CN=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx"
                              manager-password="xxx"/>
    
        <security:authentication-manager>
            <security:authentication-provider>
    			<security:jdbc-user-service data-source-ref="dataSource"/>
    		</security:authentication-provider>
    
            <security:ldap-authentication-provider user-search-filter="(sAMAccountName={0})"
                                                   user-search-base="DC=xxx,DC=xxx"
                                                   group-role-attribute="CN"
                                                   group-search-filter="(&amp;(objectClass=group)(member={0}))"
                                                   group-search-base="OU=xxx,OU=xxx,DC=xxx,DC=xxx" />
        </security:authentication-manager>
    
        <bean class="org.springframework.security.authentication.encoding.ShaPasswordEncoder" id="passwordEncoder"/>
    
        <bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
    </beans>
    My guess is that something about my security:http sections is in conflict with some change in 3.1, hence it is not creating a springSecurityFilterChain bean for me.

    In case you had not already guessed I'm using Grails 1.3.3

  • #2
    The "filters='none'" syntax had to be dropped in 3.1 to accomodate the ability to use multiple <http> blocks. The problem is that it applies to the single FilterChainProxy which is created, whereas each <http> block now corresponds to a filter chain within the FilterChainProxy (you will probably be aware of this, since it is specifically the issue you mention), so it doesn't make sense to allow this within an <http> element anymore.

    Omitting a pattern from the filter chain is the same as adding an empty filter list for that pattern to the FilterChainProxy, so the new syntax is

    Code:
    <http pattern="/blah/*" security="none" />
    
    <http>
        <!-- normal configuration -->
    </http>
    Omitting the pattern on the <http> element matches all requests.

    The docs for 3.1 should already contain updates on this, so you'll find more in there and in the samples. You should also be using the 3.1 schema.

    Comment


    • #3
      (you will probably be aware of this, since it is specifically the issue you mention)
      Oh god. I do remember reading that. It was one of the first things that I read when looking over (SEC-1171). I made a mental note of it and then I went through all the svn changes, look through a bunch of source code, and forgot my mental note.

      I just made the change and everything is working.

      Luke, I would also like to say thanks in general for your work on Spring Security. The library has come a long way, has a great feature set, good docs, and a responsive support forum.

      Thanks,
      ~Matt

      Comment


      • #4
        Thanks Matt . It's good to see people like yourself trying out 3.1 already - the more the merrier. Hopefully I'll be able to release milestone 1 this week, which should encourage others to give it a try.

        Comment


        • #5
          Originally posted by Luke Taylor View Post
          Thanks Matt . It's good to see people like yourself trying out 3.1 already - the more the merrier. Hopefully I'll be able to release milestone 1 this week, which should encourage others to give it a try.
          I will definitely give it a try

          Have been trying to keep up with changes in git, but haven't had time to put code together.

          Comment

          Working...
          X