Announcement Announcement Module
Collapse
No announcement yet.
UpgradeAcegi Security System from 0.6.1 to 0.8.3 Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • UpgradeAcegi Security System from 0.6.1 to 0.8.3

    Hi all i'm trying to upgrade ASS from 0.6.1 to 0.8.3 in a web application based on Appfuse (Equinox) project. The problem is that in the old project there was in applicationContext-security.xml a filter call AutoIntegrationFilter. Now, using the notes to upgrade ASS i saw that it doesn't work in the new version because we can use HttpContextIntegrationfilter. In my new project i'd like to use channelsecurity to use SSL for login and some other zones.
    I try to set one filter in my web.xml that point to filterChainProxyBean and make the chain like this one
    [code]
    <bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy" >
    <property name="filterInvocationDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /**=channelProcessingFilter,httpSessionContextInteg rationFilter,authenticationProcessingFilter,securi tyEnforcementFilter
    </value>
    </property>
    </bean>
    &#91;code&#93;
    I use tomcat 5.0.28 for deploying, and everithing is ok until login based on form. when i send username and pwd in firefox url bar appear this string:
    http://localhost:8080/infotv-0.1/j_a...sword=mannobug

    The control of the program return on index and appear on the top of the browser a message "Page Not Found".
    My complete web.xml is:

    &#91;code&#93;<?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">

    <web-app >
    <display-name>infotv</display-name>
    <context-param>
    <param-name>listenPort_http</param-name>
    <param-value>8080</param-value>
    </context-param>
    <context-param>
    <param-name>listenPort_https</param-name>
    <param-value>8443</param-value>
    </context-param>
    <context-param>
    <param-name>daoType</param-name>
    <param-value>hibernate</param-value>
    </context-param>
    <!-- Define the basename for a resource bundle for I18N -->
    <context-param>
    <param-name>javax.servlet.jsp.jstl.fmt.localizationContex t</param-name>
    <param-value>ApplicationResources</param-value>
    </context-param>
    <!-- Context Configuration locations for Spring XML files -->
    <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
    /WEB-INF/applicationContext-database.xml,
    /WEB-INF/applicationContext-hibernate.xml,
    /WEB-INF/applicationContext-service.xml,
    /WEB-INF/applicationContext-security.xml
    </param-value>
    </context-param>

    <filter>
    <filter-name>encodingFilter</filter-name>
    <filter-class>org.springframework.web.filter.CharacterEnco dingFilter</filter-class>
    <init-param>
    <param-name>encoding</param-name>
    <param-value>UTF-8</param-value>
    </init-param>
    <init-param>
    <param-name>forceEncoding</param-name>
    <param-value>true</param-value>
    </init-param>
    </filter>
    <filter>
    <filter-name>exportFilter</filter-name>
    <filter-class>org.displaytag.filter.ResponseOverrideFilter </filter-class>
    </filter>

    <filter>
    <filter-name>hibernateFilter</filter-name>
    <filter-class>org.springframework.orm.hibernate.support.Op enSessionInViewFilter</filter-class>
    </filter>
    <filter>
    <filter-name>Acegi Filter Chain Proxy</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
    </init-param>
    </filter>

    <!--
    <filter>
    <filter-name>Acegi Security System for Spring</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>net.sf.acegisecurity.context.HttpSessionCont extIntegrationFilter</param-value>
    </init-param>
    </filter>

    <filter>
    <filter-name>Acegi Authentication Processing Filter</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>org.infotv.security.InfoTvAuthenticationProc essingFilter</param-value>
    </init-param>
    </filter>

    <filter>
    <filter-name>Acegi HTTP Request Security Filter</filter-name>
    <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
    <init-param>
    <param-name>targetClass</param-name>
    <param-value>net.sf.acegisecurity.intercept.web.SecurityE nforcementFilter</param-value>
    </init-param>
    </filter>
    -->
    <filter>
    <filter-name>clickstreamFilter</filter-name>
    <filter-class>com.opensymphony.clickstream.ClickstreamFilt er</filter-class>
    </filter>

    <filter>
    <filter-name>cacheFilter</filter-name>
    <filter-class>com.opensymphony.oscache.web.filter.CacheFil ter</filter-class>
    </filter>

    <filter-mapping>
    <filter-name>hibernateFilter</filter-name>
    <url-pattern>*.do</url-pattern>
    </filter-mapping>

    <filter-mapping>
    <filter-name>cacheFilter</filter-name>
    <url-pattern>*.jsp</url-pattern>
    </filter-mapping>
    <filter-mapping>
    <filter-name>Acegi Filter Chain Proxy</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    <!--
    <filter-mapping>
    <filter-name>Acegi Security System for Spring</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
    <filter-name>Acegi Authentication Processing Filter</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    <filter-mapping>
    <filter-name>Acegi HTTP Request Security Filter</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    -->
    <filter-mapping>
    <filter-name>clickstreamFilter</filter-name>
    <url-pattern>*.do</url-pattern>
    </filter-mapping>

    <filter-mapping>
    <filter-name>encodingFilter</filter-name>
    <url-pattern>*.do</url-pattern>
    </filter-mapping>
    <filter-mapping>
    <filter-name>encodingFilter</filter-name>
    <url-pattern>*.jsp</url-pattern>
    </filter-mapping>

    <filter-mapping>
    <filter-name>exportFilter</filter-name>
    <url-pattern>*.do</url-pattern>
    </filter-mapping>

    <listener>
    <listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>
    </listener>

    <listener>
    <listener-class>com.opensymphony.clickstream.ClickstreamList ener</listener-class>
    </listener>
    <!--
    <listener>
    <listener-class>net.sf.navigator.menu.MenuContextListener</listener-class>
    </listener>
    -->

    <listener>
    <listener-class>net.sf.acegisecurity.ui.session.HttpSessionE ventPublisher</listener-class>
    </listener>

    <servlet>
    <servlet-name>action</servlet-name>
    <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
    <init-param>
    <param-name>config</param-name>
    <param-value>/WEB-INF/struts-config.xml</param-value>
    </init-param>
    <init-param>
    <param-name>debug</param-name>
    <param-value>2</param-value>
    </init-param>
    <init-param>
    <param-name>application</param-name>
    <param-value>application</param-value>
    </init-param>

    <load-on-startup>2</load-on-startup>
    </servlet>

    <servlet-mapping>
    <servlet-name>action</servlet-name>
    <url-pattern>*.do</url-pattern>
    </servlet-mapping>

    <session-config>
    <session-timeout>10</session-timeout>
    </session-config>

    <!--
    To specify mime mappings, create a file named mime-mappings.xml, put it in your project's mergedir.
    Organize mime-mappings.xml following this DTD slice:

    <!ELEMENT mime-mapping (extension, mime-type)>
    -->

    <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <error-page>
    <error-code>500</error-code>
    <location>/error.jsp</location>
    </error-page>
    <error-page>
    <error-code>400</error-code>
    <location>/index.jsp</location>
    </error-page>
    <error-page>
    <error-code>403</error-code>
    <location>/403.jsp</location>
    </error-page>
    <error-page>
    <error-code>404</error-code>
    <location>/404.jsp</location>
    </error-page>

    <taglib>
    <taglib-uri>/WEB-INF/struts-bean.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-bean.tld</taglib-location>
    </taglib>
    <taglib>
    <taglib-uri>/WEB-INF/struts-html.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-html.tld</taglib-location>
    </taglib>
    <taglib>
    <taglib-uri>/WEB-INF/struts-logic.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-logic.tld</taglib-location>
    </taglib>
    <taglib>
    <taglib-uri>/WEB-INF/struts-nested.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-nested.tld</taglib-location>
    </taglib>
    <taglib>
    <taglib-uri>/WEB-INF/struts-tiles.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-tiles.tld</taglib-location>
    </taglib>
    <taglib>
    <taglib-uri>/WEB-INF/struts-menu.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-menu.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/c.tld</taglib-uri>
    <taglib-location>/WEB-INF/c.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/fmt.tld</taglib-uri>
    <taglib-location>/WEB-INF/fmt.tld</taglib-location>
    </taglib>
    <taglib>
    <taglib-uri>/WEB-INF/x.tld</taglib-uri>
    <taglib-location>/WEB-INF/x.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/displaytag-12.tld</taglib-uri>
    <taglib-location>/WEB-INF/displaytag-12.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/display.tld</taglib-uri>
    <taglib-location>/WEB-INF/display.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/struts-layout.tld</taglib-uri>
    <taglib-location>/WEB-INF/struts-layout.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/authz.tld</taglib-uri>
    <taglib-location>/WEB-INF/authz.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/infotv.tld</taglib-uri>
    <taglib-location>/WEB-INF/infotv.tld</taglib-location>
    </taglib>

    <taglib>
    <taglib-uri>/WEB-INF/oscache.tld</taglib-uri>
    <taglib-location>/WEB-INF/oscache.tld</taglib-location>
    </taglib>

    <resource-ref>
    <description>DB Connection</description>
    <res-ref-name>jdbc/infotv</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
    </resource-ref>

    <!-- Restrict all users from accessing *.html -->
    <!--security-constraint>
    <web-resource-collection>
    <web-resource-name>My Application</web-resource-name>
    <description>Require users to authenticate</description>
    <url-pattern>*.html</url-pattern>
    <http-method>POST</http-method>
    <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint>
    <description>Define who can access this url-pattern</description>
    <role-name>admin</role-name>
    <role-name>tomcat</role-name>
    </auth-constraint>
    <user-data-constraint>
    <description>
    Encryption is not required for the application in general.
    </description>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
    </security-constraint-->
    <!-- Login Configuration >

    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/loginError.jsp</form-error-page>
    </form-login-config>
    </login-config>

    -->
    <!-- The admin role >
    <security-role>
    <description>Administrator role (can edit Users)</description>
    <role-name>admin</role-name>
    </security-role>
    -->
    <!-- The tomcat role >
    <security-role>
    <description>Default Role for All Users</description>
    <role-name>tomcat</role-name>
    </security-role-->

    </web-app>
    &#91;/code&#93;

    This is a Catalina log:
    &#91;code&#93;

    infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.loadLocale(226) | loadLocale(it_IT)
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.loadLocale(226) | loadLocale()
    [infotv] DEBUG [http-8080-Processor25] InsertTag$InsertHandler.doEndTag(861) | insert page='/WEB-INF/pages/infotvNews.jsp'.
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.<init>(84) | Initializing, config='org.apache.struts.taglib.logic.LocalString s', returnNull=true
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.getMessage(134) | getMessage(it,news.title)
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.loadLocale(226) | loadLocale(it)
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.loadLocale(226) | loadLocale(it_IT)
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.loadLocale(226) | loadLocale()
    [infotv] DEBUG [http-8080-Processor25] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvLogin.jsp'.
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.<init>(84) | Initializing, config='org.apache.struts.taglib.html.LocalStrings ', returnNull=true
    [infotv] DEBUG [http-8080-Processor25] RequestUtils.lookupActionForm(202) | Looking for ActionForm bean instance in scope 'request' under attribute key 'loginForm'
    [infotv] DEBUG [http-8080-Processor25] RequestUtils.createActionForm(296) | Creating new ActionForm instance of type 'org.infotv.web.form.LoginForm'
    [infotv] DEBUG [http-8080-Processor25] RequestUtils.createActionForm(302) | --> org.infotv.web.form.LoginForm@1e61582[
    username=<null>
    password=<null>
    validatorResults=<null>
    page=0
    ]
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.<init>(84) | Initializing, config='org.apache.struts.taglib.html.LocalStrings ', returnNull=true
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.<init>(84) | Initializing, config='org.apache.struts.taglib.html.LocalStrings ', returnNull=true
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.<init>(84) | Initializing, config='org.apache.struts.taglib.html.LocalStrings ', returnNull=true
    [infotv] DEBUG [http-8080-Processor25] PropertyMessageResources.<init>(84) | Initializing, config='org.apache.struts.taglib.html.LocalStrings ', returnNull=true
    [infotv] DEBUG [http-8080-Processor25] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvReservedMenu.jsp'.
    [infotv] DEBUG [http-8080-Processor25] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvOther.jsp'.
    [infotv] DEBUG [http-8080-Processor25] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvFooter.jsp'.
    [infotv] DEBUG [http-8080-Processor25] TilesRequestProcessor.processForwardConfig(305) | '.main' - processed as definition
    [infotv] DEBUG [http-8080-Processor23] ModuleUtils.getModuleName(169) | Get module name for path /login.do
    [infotv] DEBUG [http-8080-Processor23] ModuleUtils.getModuleName(193) | Module name found: default
    [infotv] DEBUG [http-8080-Processor23] RequestUtils.lookupActionForm(202) | Looking for ActionForm bean instance in scope 'request' under attribute key 'loginForm'
    [infotv] DEBUG [http-8080-Processor23] RequestUtils.createActionForm(296) | Creating new ActionForm instance of type 'org.infotv.web.form.LoginForm'
    [infotv] DEBUG [http-8080-Processor23] RequestUtils.createActionForm(302) | --> org.infotv.web.form.LoginForm@b52598[
    username=<null>
    password=<null>
    validatorResults=<null>
    page=0
    ]
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processActionForm(329) | Storing ActionForm bean instance in scope 'request' under attribute key 'loginForm'
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processPopulate(787) | Populating bean properties from this request
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processValidate(919) | Validating input form properties
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processValidate(924) | No errors detected, accepting input
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processActionCreate(257) | Looking for Action instance for class org.infotv.web.action.LoginAction
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processActionCreate(278) | Creating new Action instance
    [infotv] DEBUG [http-8080-Processor23] InfoTvBaseAction.<clinit>(74) | Converters registered...
    [infotv] DEBUG [http-8080-Processor23] LoginAction.execute(36) | logging in
    [infotv] DEBUG [http-8080-Processor23] TilesRequestProcessor.processForwardConfig(291) | processForwardConfig(/j_acegi_security_check?j_username=mannobug&j_passw ord=mannobug, false)
    [infotv] DEBUG [http-8080-Processor23] TilesRequestProcessor.processForwardConfig(312) | '/j_acegi_security_check?j_username=mannobug&j_passw ord=mannobug' - processed as uri
    [infotv] DEBUG [http-8080-Processor23] RequestProcessor.processForwardConfig(366) | processForwardConfig(ForwardConfig[name=null,path=/j_acegi_security_check?j_username=mannobug&j_passw ord=mannobug,redirect=true,contextRelative=false,m odule=null])
    [infotv] DEBUG [http-8080-Processor23] ModuleUtils.getModuleName(169) | Get module name for path /404.jsp
    [infotv] DEBUG [http-8080-Processor23] ModuleUtils.getModuleName(193) | Module name found: default
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/layouts/infotvLayout.jsp'.
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.getMessage(134) | getMessage(it,404.title)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it_IT)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale()
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvHeader.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvMenu.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/WEB-INF/pages/404.jsp'.
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.getMessage(134) | getMessage(it_IT,computeURL.forward)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it_IT)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(248) | Loading resource 'org/apache/struts/taglib/LocalStrings_it_IT.properties'
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(273) | Loading resource completed
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(248) | Loading resource 'org/apache/struts/taglib/LocalStrings_it.properties'
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(273) | Loading resource completed
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale()
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(248) | Loading resource 'org/apache/struts/taglib/LocalStrings.properties'
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(273) | Loading resource completed
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.message.bundle
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.target
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.computeURL.specifier
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.scope
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.parameters.multi
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.actionErrors.errors
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.method
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.computeURL.forward
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.bean.any
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.actionMessages.errors
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.bean
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.access
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.lookup.argument
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.message.message
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.write.io
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.getMessage(134) | getMessage(it_IT,rewrite.url)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it_IT)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(248) | Loading resource 'org/apache/struts/taglib/html/LocalStrings_it_IT.properties'
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(273) | Loading resource completed
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(248) | Loading resource 'org/apache/struts/taglib/html/LocalStrings_it.properties'
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(273) | Loading resource completed
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale()
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(248) | Loading resource 'org/apache/struts/taglib/html/LocalStrings.properties'
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(273) | Loading resource completed
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionsCollectionTag.collection
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.forwardTag.forward
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.imgTag.bundle
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.indexed.noEnclosingIterate
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.includeTag.include
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.linkTag.forwards
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.common.both
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionsTag.iterator
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.linkTag.destination
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.getter.name
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.iterateTag.iterator
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.linkTag.url
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.getter.method
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.enumerateTag.enumeration
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.linkTag.type1
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.formTag.create
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.formTag.nameType
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionsCollectionTag.iterator
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.linkTag.forward
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.common.io
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionsTag.enumeration
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.forwardTag.redirect
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.imgTag.title
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.imgTag.alt
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.getter.access
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.getter.property
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.formTag.collections
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.getter.bean
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.imgTag.src
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionsTag.select
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.imgTag.type
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.forwardTag.lookup
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.getter.result
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.formTag.mapping
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.rewrite.url
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.linkTag.type
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.formTag.formBean
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.includeTag.lookup
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.messageTag.resources
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionsCollectionTag.select
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.multiboxTag.value
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(286) | Saving message key '.optionTag.select
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.getMessage(134) | getMessage(it,errorPage.heading)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale(it_IT)
    [infotv] DEBUG [http-8080-Processor23] PropertyMessageResources.loadLocale(226) | loadLocale()
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/userCounter.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvRightMenu.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/WEB-INF/pages/infotvNews.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvLogin.jsp'.
    [infotv] DEBUG [http-8080-Processor23] RequestUtils.lookupActionForm(202) | Looking for ActionForm bean instance in scope 'request' under attribute key 'loginForm'
    [infotv] DEBUG [http-8080-Processor23] RequestUtils.createActionForm(296) | Creating new ActionForm instance of type 'org.infotv.web.form.LoginForm'
    [infotv] DEBUG [http-8080-Processor23] RequestUtils.createActionForm(302) | --> org.infotv.web.form.LoginForm@12e712f[

    username=<null>
    password=<null>
    validatorResults=<null>
    page=0
    ]
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvReservedMenu.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvOther.jsp'.
    [infotv] DEBUG [http-8080-Processor23] InsertTag$InsertHandler.doEndTag(861) | insert page='/common/infotvFooter.jsp'.
    &#91;/code&#93;

    Thanks for your help.
    Kind regards mannobug&#91;/code&#93;[/list]

  • #2
    Please post your /WEB-INF/applicationContext-security.xml.

    Also, please use the [code] BBCode tag when posting code as it makes it easier to read.

    Does it work if you disable the channel security interceptor?

    Comment


    • #3
      Hi Ben, sorry for my post it was a caos!! :oops:
      Well, I try to disable security interceptor and it doesn't work anymore.
      I'll send applicationContext-security.xml, thanks for help.
      Code:
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
          "http&#58;//www.springframework.org/dtd/spring-beans.dtd">
      
      <beans>
      
      	   <!-- ======================== FILTER CHAIN ======================= -->
      
      	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
      	      of "httpSessionContextIntegrationFilter" in the list below -->
      	<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
            <property name="filterInvocationDefinitionSource">
               <value>
      		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      		    PATTERN_TYPE_APACHE_ANT
      		    /**/*=channelProcessingFilter,httpSessionContextIntegrationFilter,securityEnforcementFilter
                 
               </value>
            </property>
          </bean>
      
      	<!-- =================== SECURITY BEANS  ================== -->
      	<bean id="authenticationDao" class="org.infotv.security.InfoTvAuthenticationDao">
      		<property name="userDao"><ref bean="userDAO"/></property>
      	</bean>
      
      	<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
      	     The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
      	     Accordingly, you should place MOST SPECIFIC &#40;ie a/b/c/d.*&#41; expressions first, with LEAST SPECIFIC &#40;ie a/.*&#41; expressions last -->
      	<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
      		<property name="authenticationManager"><ref local="authenticationManager"/></property>
      		<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
      		<property name="objectDefinitionSource">
      			<value>
      			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      				\A/*.do*\Z=studente,office, teacher, admin
      			</value>
      		</property>
      	</bean>
      
      	<!-- Automatically receives AuthenticationEvent messages from DaoAuthenticationProvider -->
      	<bean id="loggerListener" class="net.sf.acegisecurity.providers.dao.event.LoggerListener"/>
      	
      	<!--	
      		<bean id="userCache" class="net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
      		<property name="minutesToIdle"><value>5</value></property>
      	</bean>
      	-->
      	
      	<!-- Provo a d inserire la cache a modo mio -->
      	   <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
      	   			<property name="configLocation">
      	   			<value>file&#58;/home/manuel/Desktop/ehcache.xml</value>
      	   			</property>
      	   </bean>
          
         	<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
            		<property name="cacheManager">
               		<ref local="cacheManager"/>
            		</property>
            		<property name="cacheName">
               		<value>userCache</value>
            		</property>
         	</bean>
         
         	<bean id="userCache" class="net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
            		<property name="cache"><ref local="userCacheBackend"/></property>
         	</bean>
      	
      	
      	
      	<bean id="daoAuthenticationProvider" class="org.infotv.security.InfoTvAuthenticationProvider">
      		<property name="authenticationDao"><ref local="authenticationDao"/></property>
      		<property name="userCache"><ref local="userCache"/></property>
      		<property name="passwordEncoder"><ref local="passwordEncoder"/></property>
      		<property name="saltSource"><ref bean="saltSource"/></property>
      	</bean>
      
      	<bean id="saltSource" class="net.sf.acegisecurity.providers.dao.salt.ReflectionSaltSource">
      		<property name="userPropertyToUse"><value>getSalt</value></property>
      	</bean>
      
      	<bean id="passwordEncoder" class="org.infotv.security.InfoTvPasswordEncoder"/>
      
      
      
      	<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
      		<property name="providers">
      		  <list>
      		    <ref local="daoAuthenticationProvider"/>
      		  </list>
      		</property>
      		<property name="sessionController"><ref bean="concurrentSessionController"/></property>
      	</bean>
      	<!--  Lasciare a capo il session concurrent controller oppure si rischia che non intercetti gli eventi -->
      	<bean id="concurrentSessionController" 
      	class="net.sf.acegisecurity.providers.ConcurrentSessionControllerImpl">
        <property name="maxSessions"><value>1</value></property>
      </bean>
      
      	<bean id="roleVoter" class="org.infotv.security.InfoTvVoter"/>
      
      	<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
         		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
      		<property name="decisionVoters">
      		  <list>
      		    <ref local="roleVoter"/>
      		  </list>
      		</property>
      	</bean>
      
      	<bean id="authenticationProcessingFilter" class="org.infotv.security.InfoTvAuthenticationProcessingFilter">
      		<property name="authenticationManager"><ref local="authenticationManager"/></property>
      		<property name="authenticationFailureUrl"><value>/loginerror.jsp</value></property>
      		<property name="defaultTargetUrl"><value>/index.jsp</value></property>
      		<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
      	</bean>
      	
      	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
      
         <!-- You will need to uncomment the "Acegi Channel Processing Filter"
              <filter-mapping> in web.xml for the following beans to be used -->
      
         <bean id="channelProcessingFilter" class="net.sf.acegisecurity.securechannel.ChannelProcessingFilter">
            <property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
            <property name="filterInvocationDefinitionSource">
               <value>
      			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      				\A/secure/.*\Z=REQUIRES_INSECURE_CHANNEL
      				\A/loginForm.jsp.*\Z=REQUIRES_INSECURE_CHANNEL
      				\A/authRequired.jsp.*\Z=REQUIRES_INSECURE_CHANNEL
      				\A/j_acegi_security_check.*\Z=REQUIRES_INSECURE_CHANNEL
      				\A.*\Z=REQUIRES_INSECURE_CHANNEL
               </value>
            </property>
         </bean>
      
         <bean id="channelDecisionManager" class="net.sf.acegisecurity.securechannel.ChannelDecisionManagerImpl">
            <property name="channelProcessors">
               <list>
                  <ref local="secureChannelProcessor"/>
                  <ref local="insecureChannelProcessor"/>
               </list>
            </property>
         </bean>
      
         <bean id="secureChannelProcessor" class="net.sf.acegisecurity.securechannel.SecureChannelProcessor"/>
         <bean id="insecureChannelProcessor" class="net.sf.acegisecurity.securechannel.InsecureChannelProcessor"/>
      	
      	<!--  ================================================================================================== -->
      	<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
      		<property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
      		<property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
      	</bean>
      
      	<bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
      		<property name="loginFormUrl"><value>/LoginForm.jsp</value></property>
      		<property name="forceHttps"><value>false</value></property>
      	</bean>
      	 
      	<bean id="httpSessionContextIntegrationFilter" class="net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter">
      	<property name="context"><value>net.sf.acegisecurity.context.security.SecureContextImpl</value></property>
      	</bean>	
      	
      	 <bean id="userContainerLocator" class="org.infotv.security.UserContainerLocator"/>    
      
      
      </beans>
      Kind Regards mannobug

      Comment


      • #4
        First of all, let's make debugging easier by removing channelProcessingFilter from the list of filters defined in your filterChainProxy bean.

        Your filterChainProxy bean is missing a reference to an AbstractProcessingFitler subclass, such as net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter if you're using form-based authentication. This means that when you post your login form, there is nothing to setup the SecurityContextHolder with an appropriate Authentication object.

        Comment

        Working...
        X