• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Tim Cooke
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • paul wheaton
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Ron McLeod
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Tim Holloway
  • Carey Brown
  • salvin francis

“j_spring_security_check” not found after configuring spring security without http namespace

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi there

I’m trying to convert Spring Security configuration from HTTP namespace into direct configuration using FilterChainProxy. Before the conversion, everything was ok with HTTP namespace. But after replacing <http> element by several elements with FilterChainProxy, I got “j_spring_security_check not found” error while login to the system. I tried to change all or some of “/j_spring_security_check” with “/app/j_spring_security_check” but still could not login successfully.

My environment:
AppFuse 2.1 with Spring MVC, iBatis, Spring Security 3.0.7, tuckey urlrewrite 3.2.0, Spring 3.0.6
Windows 7
JDK 1.5.0_17
Maven 2.2.1

Security.xml (before conversion, everything is OK.)
----------------------------------------------------------------

<http auto-config="true" lowercase-comparisons="false">
<intercept-url pattern="/images/**" filters="none"/>
<intercept-url pattern="/styles/**" filters="none"/>
<intercept-url pattern="/scripts/**" filters="none"/>
<intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/>
<intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
<intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
<intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/>
<form-login login-page="/login" authentication-failure-url="/login?error=true"
login-processing-url="/j_spring_security_check"/>
<remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</http>

<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDao">
<password-encoder ref="passwordEncoder"/>
</authentication-provider>
</authentication-manager>


Security.xml (after replacing http namespace, "j_spring_security_check" not found)
----------------------------------------------------------------
<beans:bean id="springSecurityFilterChain"
class="org.springframework.security.web.FilterChainProxy">
<filter-chain-map path-type="ant">
<filter-chain pattern="/images/**" filters="none"/>
<filter-chain pattern="/styles/**" filters="none"/>
<filter-chain pattern="/scripts/**" filters="none"/>
<filter-chain pattern="/app/**" filters="
securityContextPersistenceFilter,
authenticationProcessingFilter,
exceptionTranslationFilter,
filterSecurityInterceptor"/>
</filter-chain-map>
</beans:bean>

<beans:bean id="securityContextPersistenceFilter"
class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
</beans:bean>

<beans:bean id="authenticationProcessingFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler"/>
<beans:property name="authenticationFailureHandler" ref="authenticationFailureHandler"/>
<beans:property name="filterProcessesUrl" value="/j_spring_security_check"/>
</beans:bean>

<beans:bean id="authenticationSuccessHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/mainMenu"/>
</beans:bean>

<beans:bean id="authenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login.jsp"/>
</beans:bean>

<beans:bean id="exceptionTranslationFilter"
class="org.springframework.security.web.access.ExceptionTranslationFilter">
<beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
<beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/>
</beans:bean>

<beans:bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<beans:property name="loginFormUrl" value="/login.jsp"/>
</beans:bean>

<beans:bean id="accessDeniedHandler"
class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
<beans:property name="errorPage" value="/403.jsp"/>
</beans:bean>


<beans:bean id="filterSecurityInterceptor"
class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="accessDecisionManager" ref="accessDecisionManager"/>
<beans:property name="securityMetadataSource">
<filter-security-metadata-source>
<intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/>
<intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
<intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
<intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/>
</filter-security-metadata-source>
</beans:property>
</beans:bean>

<beans:bean id="myFilterInvocationSecurityMetadataSource"
class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource">
</beans:bean>

<beans:bean id="accessDecisionManager"
class="org.springframework.security.access.vote.AffirmativeBased">
<beans:property name="decisionVoters">
<beans:list>
<beans:bean class="org.springframework.security.access.vote.RoleVoter">
<beans:property name="rolePrefix" value="ROLE_"/>
</beans:bean>
<beans:bean
class="org.springframework.security.access.vote.AuthenticatedVoter"/>
</beans:list>
</beans:property>
</beans:bean>

<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDao">
<password-encoder ref="passwordEncoder"/>
</authentication-provider>
</authentication-manager>

Login.jsp
----------------------------------------------------------------
<form method="post" id="loginForm" action="<c:url value='/j_spring_security_check'/>" onsubmit="saveUsername(this);return validateForm(this)">

<li>
<label for="j_username" class="required desc"><fmt:message key="label.username"/> <span class="req">*</span></label>
<input type="text" class="text medium" name="j_username" id="j_username" tabindex="1" />
</li>

<li>
<label for="j_password" class="required desc"><fmt:message key="label.password"/> <span class="req">*</span></label>
<input type="password" class="text medium" name="j_password" id="j_password" tabindex="2" />
</li>

</form>

Urlrewrite.xml
----------------------------------------------------------------
<urlrewrite default-match-type="wildcard">

<!-- Add rules here for anything that shouldn't be served up by Spring MVC. -->
<rule>
<from>/</from>
<to type="redirect" last="true">mainMenu</to>
</rule>
<rule>
<from>/app/**</from>
<to last="true" type="redirect">%{context-path}/$1</to>
</rule>
<rule>
<from>/j_spring_security_check**</from>
<to last="true">/j_spring_security_check$1</to>
</rule>


<!-- Spring MVC -->
<rule>
<from>/**</from>
<to>/app/$1</to>
</rule>
<outbound-rule>
<from>/app/**</from>
<to>/$1</to>
</outbound-rule>

</urlrewrite>



 
ranger
Posts: 17344
11
Mac IntelliJ IDE Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What server are you deploying on?

Mark
 
Benn Wu
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Mark Spritzler wrote:What server are you deploying on?

Mark



Windows 7
JDK 1.5.0_17
Maven 2.2.1
 
Mark Spritzler
ranger
Posts: 17344
11
Mac IntelliJ IDE Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

bwwlpnn Wu wrote:

Mark Spritzler wrote:What server are you deploying on?

Mark



Windows 7
JDK 1.5.0_17
Maven 2.2.1



No, I mean the Java application, are you deploying on Tomcat, JBoss, Weblogic, WebSphere etc.

Thanks

Mark
 
Benn Wu
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Mark Spritzler wrote:

bwwlpnn Wu wrote:

Mark Spritzler wrote:What server are you deploying on?

Mark



Windows 7
JDK 1.5.0_17
Maven 2.2.1



No, I mean the Java application, are you deploying on Tomcat, JBoss, Weblogic, WebSphere etc.

Thanks

Mark



My server is apache-tomcat-6.0.32.
 
Benn Wu
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Finally I fixed it myself.

While debugging the doFilter() method of SecurityContextPersistenceFilter without Spring security namespace, I found that contextBeforeChainExecution and contextAfterChainExecution were null. But when debugging the program with namespace the value of both of them were something about Anonymous.

I added “/j_spring_security_check” and “/login” with “IS_AUTHENTICATED_ANONYMOUSLY” access in securityMetadataSource as shown below and the problem was solved.

<beans:property name="securityMetadataSource">
<filter-security-metadata-source>
<intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/>
<intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
<intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/>
<intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/>
</filter-security-metadata-source>
</beans:property>

This blog really helped me a lot: http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/

 
Mark Spritzler
ranger
Posts: 17344
11
Mac IntelliJ IDE Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Glad you fixed it. Was at first expecting you to say you were deploying on WebSphere which has a problem and the only way to fix that was to include a file named j_spring_security_check in your war file.

Mark
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
mark how is your solution? mind describe it?
 
You guys wanna see my fabulous new place? Or do you wanna look at this tiny ad?
create, convert, edit or print DOC and DOCX in Java
https://products.aspose.com/words/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!