All geek questions in one place

"j_spring_security_check" not found after spring security setting directly without http auto config

Im trying to convert Spring Security configuration from HTTP namespace to direct configuration using FilterChainProxy. Before the conversion, everything was fine with the HTTP namespace. But after replacing the element with several FilterChainProxy elements, I got the error "j_spring_security_check not found" at the login. I tried to change all or some of "/ j_spring_security_check" to "/ app / j_spring_security_check", but still could not log in successfully.

My environment: AppFuse 2.1 with Spring MVC, iBatis, Spring Security 3.0.7, tuckey urlrewrite 3.2.0, Spring 3.0.6 Windows 7 JDK 1.5.0_17 Maven 2.2.1 apache-tomcat-6.0.32

Security.xml (everything is fine before conversion.)

… <http auto-config="true" lowercase-comparisons="false"> <intercept-url pattern="/images/**" filters="none"/> <intercept-url pattern="/styles/**" filters="none"/> <intercept-url pattern="/scripts/**" filters="none"/> <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> <form-login login-page="/login" authentication-failure-url="/login?error=true" login-processing-url="/j_spring_security_check"/> <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/> </http> <authentication-manager alias="authenticationManager"> <authentication-provider user-service-ref="userDao"> <password-encoder ref="passwordEncoder"/> </authentication-provider> </authentication-manager> …

Security.xml (after replacing the http namespace, "j_spring_security_check" was not found)

 <beans:bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy"> <filter-chain-map path-type="ant"> <filter-chain pattern="/images/**" filters="none"/> <filter-chain pattern="/styles/**" filters="none"/> <filter-chain pattern="/scripts/**" filters="none"/> <filter-chain pattern="/app/**" filters=" securityContextPersistenceFilter, authenticationProcessingFilter, exceptionTranslationFilter, filterSecurityInterceptor"/> </filter-chain-map> </beans:bean> <beans:bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> </beans:bean> <beans:bean id="authenticationProcessingFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> <beans:property name="authenticationManager" ref="authenticationManager"/> <beans:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler"/> <beans:property name="authenticationFailureHandler" ref="authenticationFailureHandler"/> <beans:property name="filterProcessesUrl" value="/j_spring_security_check"/> </beans:bean> <beans:bean id="authenticationSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"> <beans:property name="defaultTargetUrl" value="/mainMenu"/> </beans:bean> <beans:bean id="authenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <beans:property name="defaultFailureUrl" value="/login.jsp"/> </beans:bean> <beans:bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter"> <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/> <beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/> </beans:bean> <beans:bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> <beans:property name="loginFormUrl" value="/login.jsp"/> </beans:bean> <beans:bean id="accessDeniedHandler" class="org.springframework.security.web.access.AccessDeniedHandlerImpl"> <beans:property name="errorPage" value="/403.jsp"/> </beans:bean> <beans:bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> <beans:property name="authenticationManager" ref="authenticationManager"/> <beans:property name="accessDecisionManager" ref="accessDecisionManager"/> <beans:property name="securityMetadataSource"> <filter-security-metadata-source> <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> </filter-security-metadata-source> </beans:property> </beans:bean> <beans:bean id="myFilterInvocationSecurityMetadataSource" class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource"> </beans:bean> <beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased"> <beans:property name="decisionVoters"> <beans:list> <beans:bean class="org.springframework.security.access.vote.RoleVoter"> <beans:property name="rolePrefix" value="ROLE_"/> </beans:bean> <beans:bean class="org.springframework.security.access.vote.AuthenticatedVoter"/> </beans:list> </beans:property> </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider user-service-ref="userDao"> <password-encoder ref="passwordEncoder"/> </authentication-provider> </authentication-manager>

Login.jsp

  <form method="post" id="loginForm" action="<c:url value='/j_spring_security_check'/>" onsubmit="saveUsername(this);return validateForm(this)"> … <li> <label for="j_username" class="required desc"><fmt:message key="label.username"/> <span class="req">*</span></label> <input type="text" class="text medium" name="j_username" id="j_username" tabindex="1" /> </li> <li> <label for="j_password" class="required desc"><fmt:message key="label.password"/> <span class="req">*</span></label> <input type="password" class="text medium" name="j_password" id="j_password" tabindex="2" /> </li> … </form>

Urlrewrite.xml

 <urlrewrite default-match-type="wildcard"> … <!-- Add rules here for anything that shouldn't be served up by Spring MVC. --> <rule> <from>/</from> <to type="redirect" last="true">mainMenu</to> </rule> <rule> <from>/app/**</from> <to last="true" type="redirect">%{context-path}/$1</to> </rule> <rule> <from>/j_spring_security_check**</from> <to last="true">/j_spring_security_check$1</to> </rule> … <!-- Spring MVC --> <rule> <from>/**</from> <to>/app/$1</to> </rule> <outbound-rule> <from>/app/**</from> <to>/$1</to> </outbound-rule> … </urlrewrite>
+6
source share
1 answer
Finally, I fixed it myself.

When debugging the doFilter () method SecurityContextPersistenceFilter without the Spring security namespace, I found that contextBeforeChainExecution and contextAfterChainExecution are null. But when debugging a program with a namespace, the value of both was something like anonymous.

I added "/ j_spring_security_check" and "/ login" with access "IS_AUTHENTICATED_ANONYMOUSLY" in the securityMetadataSource file, as shown below, and the problem was resolved.

  <beans:property name="securityMetadataSource"> <filter-security-metadata-source> <intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> </filter-security-metadata-source> </beans:property>

This blog really helped me: http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/

+9
source

Source: https://habr.com/ru/post/898664/

More articles:


All Articles