Announcement Announcement Module
Collapse
No announcement yet.
Stuck on: Anonymous Athentication not showing up in public urls Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stuck on: Anonymous Athentication not showing up in public urls

    Hi,

    I have a working webapp with authentication. But now I have a need of the Anonymous authentication when a user asks a service if he is already authenticated.

    My problem is that I do not see the anonymous authentication appear (which should be active by default), and I have tried all sorts of additions in my config to activate it.

    It is not that an exotic configuration. Only my own DAO impl, esulthandler if success or failure to login and a default DAO based rememberme configuration

    What should I do to see a security context with an anonymous Authentication object in it when I access an url containing PUBLIC. With the configuration below, the context authentication object is empty.
    I have tried to add the role_anonymous, or isAnonymous() or isAuthenticated() as access el, but nothing seems to be working.

    Here is my security context:

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
                 xmlns:beans="http://www.springframework.org/schema/beans"
                 xmlns:util="http://www.springframework.org/schema/util"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xmlns:context="http://www.springframework.org/schema/context"
                 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
                 http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd
                 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
        
        <global-method-security pre-post-annotations="enabled" />
        
        <beans:bean id="userDetailsService" class="xxx.UserDetailsServiceImpl"/>
        
        <beans:bean id="loginUrlAuthenticationEntryPoint"
                    class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
            <beans:property name="loginFormUrl" value="/index.html"/>
        </beans:bean>
    
        <!--
    		***********************************************************************
    	    *** Secured URLs ......................................................
    		***********************************************************************
    	-->
        <http entry-point-ref="loginUrlAuthenticationEntryPoint" use-expressions="true" auto-config="false" authentication-manager-ref="authenticationManager">
            <intercept-url pattern="/public/**" access="permitALL"/>
            <intercept-url pattern="/services/**" access="hasRole('ROLE_USER')"/>
            <intercept-url pattern="/dashboard/**" access="hasRole('ROLE_APPADMIN')"/>
            <custom-filter before="FORM_LOGIN_FILTER" ref="servicesAuthenticationProcessingFilter" />
            <logout logout-url="/services/j_spring_security_logout" logout-success-url="/"/>
            <remember-me key="xxx" token-repository-ref="persistentTokenRepository"/>
            <anonymous enabled="true" />
        </http>
            
        <!--
    		***********************************************************************
    	    *** Authentication configuration ......................................
    		***********************************************************************
    	-->
    	
    	<beans:bean id="anonymousAuthenticationFilter" class="org.springframework.security.web.authentication.AnonymousAuthenticationFilter">
           <beans:property name="key" value="foobar"/>
           <beans:property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
        </beans:bean>
    	
    	<beans:bean id="anonymousAuthenticationProvider" class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
            <beans:property name="key" value="foobar"/>
        </beans:bean>
    	
        <beans:bean id="rememberMeServices" class="xxx.PersistentTokenBasedRememberMeService">
            <beans:constructor-arg index="0" value="xxx"/>
            <beans:constructor-arg index="1" ref="userDetailsService" />
            <beans:constructor-arg index="2" ref="persistentTokenRepository" />
        </beans:bean>	
        
        <beans:bean id="persistentTokenRepository" class="org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl">
            <beans:property name="createTableOnStartup" value="false" />
            <beans:property name="dataSource" ref="dataSource"/>
        </beans:bean>
     
        <beans:bean id="servicesAuthenticationProcessingFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
            <beans:property name="authenticationManager" ref="authenticationManager" />
            <beans:property name="authenticationFailureHandler" ref="authenticationResultHandler"/>
            <beans:property name="authenticationSuccessHandler" ref="authenticationResultHandler"/>
            <beans:property name="filterProcessesUrl" value="/services/j_spring_security_check" />
            <beans:property name="rememberMeServices" ref="rememberMeServices"/>
        </beans:bean>
        
        <beans:bean id="authenticationResultHandler" class="xxx.AuthenticationResultHandler"/>
        
        <beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
            <beans:property name="userDetailsService" ref="userDetailsService"/>
            <!-- 
            <beans:property name="passwordEncoder">
                <beans:ref bean="passwordEncoder" />
            </beans:property>
             -->
        </beans:bean>
        
        <beans:bean id="authenticationManager"
         class="org.springframework.security.authentication.ProviderManager">
      <beans:property name="providers">
        <beans:list>
          <beans:ref local="anonymousAuthenticationProvider"/>
          <beans:ref local="daoAuthenticationProvider"/>
        </beans:list>
      </beans:property>
    </beans:bean>
        
        <!-- 
        <authentication-manager alias="authenticationManager">
            <authentication-provider ref="daoAuthenticationProvider"/>
        </authentication-manager>
        -->
    
    </beans:beans>
    Help is very welcome.
Working...
X