All geek questions in one place

Facing issues when using Spring Security in GAE

I am following this article to implement spring security in my GAE project http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/

I couldn’t get it working, the URLs that I configured for protection do not receive protection, and the application does not redirect me to the Google login page. Here is my web.xml and security-config.xml. Please help as I have already spent a lot of time on this. I think there is a little problem that I cannot catch.

web.xml

    <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/security-config.xml
    </param-value>
</context-param>

<!-- Enables Spring Security -->
<filter>
    <filter-name>authenticationFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<!-- Reads request input using UTF-8 encoding -->
<filter>
    <filter-name>characterEncodingFilter</filter-name>
    <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
    <init-param>
        <param-name>forceEncoding</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>

<filter-mapping>
    <filter-name>authenticationFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
    <filter-name>characterEncodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<servlet>
    <servlet-name>controller</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>controller</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

security config.xml

   <beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
   http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<security:http pattern="/static/**" security="none" />
<security:http pattern="/favicon.ico" security="none" />

<security:http use-expressions="true" entry-point-ref="entryPoint"
    access-denied-page="/">
    <security:intercept-url pattern="/" access="isAuthenticated()" />
    <security:intercept-url pattern="/sample"
        access="isAuthenticated()" />
    <security:custom-filter position="PRE_AUTH_FILTER"
        ref="authenticationFilter" />
</security:http>

<bean id="entryPoint"
    class="com.generic.gae.security.GoogleAccountsAuthenticationEntryPoint" />

<bean id="authenticationFilter" class="com.generic.gae.security.GaeAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider
        ref="authenticationProvider" />
</security:authentication-manager>

<bean id="authenticationProvider"
    class="com.generic.gae.security.GoogleAccountsAuthenticationProvider" />

thank

+3
source share
1 answer

authenticationFilter, security-config.xml, , web.xml. Spring bean springSecurityFilterChain. , web.xml :

    <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

...

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

. 2.2

+3

Source: https://habr.com/ru/post/1791758/

More articles:


All Articles