Announcement Announcement Module
No announcement yet.
Redirecting to a secure channel Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Redirecting to a secure channel

    I have successfully implemented authentication/authorization security for SOAP requests using Spring Security with Spring WS and the Wss4jSecurityInterceptor which acts on the request during SOAP message processing.

    Now I would like to use the intercept-url mechanism in Spring Security to redirect non-secure requests (port 80) to the secure channel (port 443). I have not found any documentation on doing this so I have tried what seemed to be the way it should be done based on the Spring Security documentation for a normal webapp. From what I am running into, it doesn't appear that this is supported, but I may be doing something wrong.

    The first step in intercepting requests for Spring Security is to add a Spring DelegatingFilterProxy to the web.xml. The DelegatingFilterProxy is supposed to delegate to a springSecurityFilterChain bean that is implicitly created in the application context when the security namespace is used. However, when I add the filter to the web.xml the DelegatingFilterProxy throws an IllegalStateException because it is unable to find the WebApplicationContext:

    java.lang.IllegalStateException: No WebApplicationContext found: no ContextLoaderListener registered?
    	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(
    	at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(
    	at org.mortbay.jetty.servlet.ServletHandler.handle(
    My web.xml contains the standard Spring WS MessageDispatcherServlet declaration and the standard Spring Security filter declaration:

    My application context is provided in the WEB-INF directory as myapp-servlet.xml and everything works fine when the filter is not present.

    Am I missing something (should I be explicitly adding a ContextLoaderListener to the web.xml), or is this just not supported? If not, should it be, or is there an alternative way I should be doing this. I will probably end up using a global redirect in my Tomcat configuration, but I would like to not have to rely on that.

  • #2
    Element filter must be the first in web.xml file...


    • #3
      Originally posted by afborroy View Post
      Element filter must be the first in web.xml file...
      Thanks for the correction. I moved the filter up to be the first declaration in the web.xml, but I still got the same error.