Announcement Announcement Module
Collapse
No announcement yet.
Newbie Help: Configuring Wss4jSecurityInterceptor with Acegi Password CallbackHandler Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Newbie Help: Configuring Wss4jSecurityInterceptor with Acegi Password CallbackHandler

    Hi,

    I have been trying to configure the Wss4jSecurityInterceptor with a Spring Security based AuthenticationManager. These are my server side configurations:

    spring-ws-servlet.xml:
    Code:
    	<bean
    		class="org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping">
    		<property name="mappings">
    			<props>......
    			</props>
    		</property>
    		<property name="interceptors">
    			<list>
    				<bean
    					class="org.springframework.ws.server.endpoint.interceptor.PayloadLoggingInterceptor" />
    				<bean id="ws-sec-intercept"
    					class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
    					<property name="validationActions" value="UsernameToken" />
    					<property name="validationCallbackHandler" ref="acegiHandler" />
    				</bean>
    			</list>
    		</property>
    	</bean>
    
    	<bean id="acegiHandler"
    		class="org.springframework.ws.soap.security.wss4j.callback.acegi.AcegiPlainTextPasswordValidationCallbackHandler">
    		<property name="authenticationManager" ref="authenticationManager" />
    	</bean>
    spring-ws-security.xml:
    Code:
    	<bean id="ldapAuthProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
    		<constructor-arg>
    			<beans:bean
    				class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
    				..........
    			</beans:bean>
    		</constructor-arg>
    		<constructor-arg>
    			<bean
    				class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
    				............
    			</bean>
    		</constructor-arg>
    		<custom-authentication-provider/>
    	</bean>
    
    	<authentication-manager alias="authenticationManager" />
    But when I start the server, I get a strange Exception: java.lang.NoClassDefFoundError: org/acegisecurity/AuthenticationException

    StackTrace:
    Code:
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping#0' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Cannot create inner bean 'ws-sec-intercept' of type [org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor] while setting bean property 'interceptors' with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ws-sec-intercept' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Cannot resolve reference to bean 'acegiHandler' while setting bean property 'validationCallbackHandler'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'acegiHandler' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: org/acegisecurity/AuthenticationException
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:230)
    	....
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:126)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
    	....
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
    	at java.security.AccessController.doPrivileged(Native Method)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
    	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
    	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
    	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:429)
    	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:728)
    	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:380)
    	at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
    	at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
    	at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
    	...
    	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
    Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ws-sec-intercept' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Cannot resolve reference to bean 'acegiHandler' while setting bean property 'validationCallbackHandler'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'acegiHandler' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: org/acegisecurity/AuthenticationException
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
    	at java.security.AccessController.doPrivileged(Native Method)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:219)
    	... 44 more
    Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'acegiHandler' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Instantiation of bean failed; nested exception is java.lang.NoClassDefFoundError: org/acegisecurity/AuthenticationException
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:883)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:839)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:440)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
    	at java.security.AccessController.doPrivileged(Native Method)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
    	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
    	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
    	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
    	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:269)
    	... 52 more
    Caused by: java.lang.NoClassDefFoundError: org/acegisecurity/AuthenticationException
    	at java.lang.Class.getDeclaredConstructors0(Native Method)
    	at java.lang.Class.privateGetDeclaredConstructors(Class.java:2389)
    	at java.lang.Class.getConstructor0(Class.java:2699)
    	at java.lang.Class.getDeclaredConstructor(Class.java:1985)
    	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:54)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:877)
    	... 63 more
    Caused by: java.lang.ClassNotFoundException: org.acegisecurity.AuthenticationException
    	at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1387)
    	at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1233)
    	at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320)
    	... 69 more
    I am using these modules:
    Spring Core: 2.5.6
    Spring WS: 1.5.5
    Spring Security: 2.0.4

    am stuck with this & cannot proceed. Please help.

    Regards,
    Raja.
    Last edited by rajasun; Nov 24th, 2008, 07:43 AM.

  • #2
    The problem is that you are using the acegi callback handler while using Spring Security 2.x.
    you should switch to the equivalent Spring Security handler. Replace your acegiHandler bean definition with something like this:
    Code:
    <bean id="springHandler" class="org.springframework.ws.soap.security.wss4j.callback.SpringPlainTextPasswordValidationCallbackHandler">
        ....
    </bean>

    Comment


    • #3
      Thanx.. It fixed the issue. Now I am able to start the server. I have tested the the Plaintext Password validation feature also.

      Comment

      Working...
      X