Announcement Announcement Module
No announcement yet.
Questions on Spring Security + Spring Flex Integration + dm Server Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Questions on Spring Security + Spring Flex Integration + dm Server


    Here is my configuration

    			<security:user name="xaos" password="xaos" authorities="ROLE_USER, ROLE_ADMIN" />
    		<flex:secured per-client-authentication="false"/>
    	<bean id="nearPingSecured" class="t3.service.blazeds.util.Ping">
    		<property name="message" value="Tshhhh...."/>
    			<security:protect method="*" access="ROLE_USER"/>
    and it works...partly :
    • if I try to access to nearPingSecured from flex client I'm getting error - ok
    • if I authenticate from flex client - then I can access the service - ok
    • but if I authenticate from flex client and reload flex client - then I can not access it anymore. Still if I try to auth now as some other user I get `Cannot re-authenticate in the same session.` error. - problem

    I tried to add the following this
    	<bean id="preAuthenticatedEntryPoint" class="" />
    	<security:http entry-point-ref="preAuthenticatedEntryPoint"/>
    or this
    	<security:http auto-config="true"/>
    to module-context.xml - both does not change anything at all... Do I really need them? What for?

    also I tried adding
    Web-FilterMappings: springSecurityFilterChain;url-patterns:="/*"

    but after this my application stopped to deploy on dm server with some strange errors
    java.lang.IllegalStateException: ContainerBase.addChild: start: LifecycleException: start: : java.lang.NullPointerException
    at org.apache.catalina.core.ContainerBase.addChildInt ernal(
    at org.apache.catalina.core.ContainerBase.addChild(Co
    at org.apache.catalina.core.StandardHost.addChild(Sta
    at com.springsource.server.servlet.tomcat.TomcatServl etContainer.addContext( :954)
    What am I doing wrong?

  • #2
    Found out the problem.

    To have the authentication working between flash application reload one need to add some kind of <security:http .../> to the context and to add Web-FilterMappings: springSecurityFilterChain;url-patterns:="/*" to the manifest file.

    Latter caused the deployment time errors because I have no dependency on org.springframework.web bundle, that was needed.


    • #3
      Thanks for persevering, and for taking the time to report the problem.

      Unfortunately, I've tried to recreate the NPE and have not been able to do so. I've updated the JIRA that you opened with my findings, as I said in my comment it'd be great if you could provide us with an app that reproduces the NPE as we'd really like to get to the bottom of the problem and improve the diagnostics if at all possible.

      Thanks again,