Hi,
I see a strange situation: I have a config file for an app that works fine (authentication/authorization) on Jetty but gives me an "access denied" result when I try to deploy the app on Tomcat.
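Plz have a look at config
<!--
  NOTE(review): this listing is reconstructed from a paste in which angle brackets and quotes
  had lost their entity markers, long tokens had stray spaces, and the substrings "http",
  "https" and "url" had been replaced. The package segment between "org." and ".security" was
  blank; org.springframework.security is the Spring Security 2.0 package. Verify every
  restored name against the real file before relying on it.
-->

<!-- One chain for every request; the filters run in the order listed. -->
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
  <security:filter-chain-map path-type="ant">
    <security:filter-chain pattern="/**" filters="httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor"/>
  </security:filter-chain-map>
</bean>

<bean id="authenticationManager"
      class="org.springframework.security.providers.ProviderManager">
  <property name="providers">
    <list>
      <ref local="daoAuthenticationProvider" />
      <ref local="anonymousAuthenticationProvider" />
      <ref local="rememberMeAuthenticationProvider" />
    </list>
  </property>
  <property name="sessionController" ref="concurrentSessionController"/>
</bean>

<!-- Authentication providers -->
<bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
  <property name="userDetailsService" ref="userDetailsService" />
  <!-- <property name="saltSource" ref="saltSource" /> -->
  <property name="passwordEncoder" ref="passwordEncoder" />
</bean>

<!-- The key below must equal the key on anonymousProcessingFilter; both read the same placeholder. -->
<bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
  <property name="key" value="${security.anonymous.key}" />
</bean>

<!-- The key below must equal the key on rememberMeServices. It signs remember-me cookies, so treat the property value as a secret. -->
<bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
  <property name="key" value="${security.remember.me.key}" />
</bean>
<!-- Authentication providers end -->

<!--
  NOTE(review): PlaintextPasswordEncoder compares the submitted password with the stored value
  unhashed, so the user store holds cleartext passwords. Outside a throwaway test setup, use a
  hashing PasswordEncoder and re-enable the saltSource property commented out above.
-->
<bean id="passwordEncoder" class="org.springframework.security.providers.encoding.PlaintextPasswordEncoder" />

<!-- Processing Filters -->
<bean id="authenticationProcessingFilter"
      class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
  <property name="authenticationManager" ref="authenticationManager" />
  <property name="authenticationFailureUrl" value="/pages/login.jsp?login_error=1" />
  <property name="defaultTargetUrl" value="/" />
  <property name="filterProcessesUrl" value="/j_login" />
</bean>

<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
  <property name="key" value="${security.anonymous.key}" />
  <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS" />
</bean>

<bean id="rememberMeProcessingFilter"
      class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
  <property name="rememberMeServices" ref="rememberMeServices" />
</bean>

<bean id="rememberMeServices"
      class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
  <property name="userDetailsService" ref="userDetailsService" />
  <property name="key" value="${security.remember.me.key}" />
</bean>

<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter" />

<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter" />

<!-- Both handlers run on logout: rememberMeServices and SecurityContextLogoutHandler. -->
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
  <constructor-arg value="/" /> <!-- Where to redirect after logout -->
  <constructor-arg>
    <list>
      <ref bean="rememberMeServices" />
      <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
    </list>
  </constructor-arg>
  <property name="filterProcessesUrl" value="/j_logout"/>
</bean>
<!-- Processing Filters end -->

<!--
  NOTE(review): the filter chain above lists no ConcurrentSessionFilter, and SessionRegistryImpl
  only learns that a session ended if HttpSessionEventPublisher is registered in web.xml (not
  shown here). Without it, ended sessions may keep counting against maximumSessions and later
  logins can be refused. Confirm both in the deployed app.
-->
<bean id="concurrentSessionController"
      class="org.springframework.security.concurrent.ConcurrentSessionControllerImpl">
  <property name="maximumSessions" value="${security.maximum.sessions}" />
  <property name="sessionRegistry">
    <bean class="org.springframework.security.concurrent.SessionRegistryImpl" />
  </property>
</bean>

<!-- Unauthenticated callers go to the entry point; denied authenticated callers get the errorPage. -->
<bean id="exceptionTranslationFilter"
      class="org.springframework.security.ui.ExceptionTranslationFilter">
  <property name="authenticationEntryPoint"
            ref="authenticationProcessingFilterEntryPoint" />
  <property name="accessDeniedHandler">
    <bean
        class="org.springframework.security.ui.AccessDeniedHandlerImpl">
      <property name="errorPage" value="/pages/error/accessDenied.jsp" />
    </bean>
  </property>
</bean>

<bean id="authenticationProcessingFilterEntryPoint"
      class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
  <property name="loginFormUrl" value="/pages/login.jsp" />
  <!-- Placeholder key restored from the scrubbed paste; confirm it against the properties file. -->
  <property name="forceHttps" value="${security.force.https}"/>
</bean>

<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager" ref="authenticationManager" />
  <property name="accessDecisionManager">
    <bean class="org.springframework.security.vote.AffirmativeBased">
      <!--
        NOTE(review): "true" grants access whenever every voter abstains, which is fail-open.
        Each rule below carries a ROLE_ attribute, so RoleVoter always votes here, but a later
        rule without one would be let through. "false" denies in that case.
      -->
      <property name="allowIfAllAbstainDecisions" value="true" />
      <property name="decisionVoters">
        <list>
          <bean class="org.springframework.security.vote.RoleVoter" />
          <bean class="org.springframework.security.vote.AuthenticatedVoter" />
        </list>
      </property>
    </bean>
  </property>
  <property name="objectDefinitionSource">
    <!--
      Rules are matched top to bottom and the first match applies. The login page admits only
      ROLE_ANONYMOUS, so a user who is already authenticated (ROLE_USER, ROLE_ADMIN) and requests
      /pages/login.jsp is sent to the access-denied page.
    -->
    <security:filter-invocation-definition-source>
      <security:intercept-url pattern='/pages/login.jsp' access='ROLE_ANONYMOUS' />
      <security:intercept-url pattern='/index.jsp' access='ROLE_USER' />
      <security:intercept-url pattern='/**' access='ROLE_USER, ROLE_ANONYMOUS' />
    </security:filter-invocation-definition-source>
  </property>
</bean>

<!--
  NOTE(review): in-memory account with a trivial cleartext password and ROLE_ADMIN. Keep it to
  local testing and replace it with a real user store before the app is reachable by others.
-->
<security:user-service id="userDetailsService">
  <security:user name="me" password="123456" authorities="ROLE_USER, ROLE_ADMIN"/>
</security:user-service>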
Versions:
Jetty - 6.1.9
Tomcat - 6.0.16
Spring Security - 2.0.1
I am experiencing a similar problem where I am able to log in using Jetty but not Tomcat. Code:
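<?xml version="1.0" encoding="UTF-8"?>
<!--
  NOTE(review): this listing is reconstructed from a paste collapsed onto one line, in which
  angle brackets and quotes had lost their entity markers, the substrings "http", "https" and
  "url" had been replaced, and the namespace URIs had lost their scheme and host. The URIs
  below are the standard Spring Beans 2.5 and Spring Security 2.0 ones. Verify every restored
  name against the real file.
-->
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                                 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">

  <!--
    NOTE(review): session-fixation-protection="none" keeps the pre-login session id after
    authentication, so an id fixed before login stays valid afterwards. "migrateSession" and
    "newSession" issue a fresh session at login.
  -->
  <http auto-config="false"
        lowercase-comparisons="true"
        entry-point-ref="authenticationProcessingFilterEntryPoint"
        session-fixation-protection="none">

    <!-- Rules are matched in order and the first matching pattern applies. -->
    <intercept-url pattern="/**/login*" requires-channel="https" />
    <intercept-url pattern="/cc/customerSearch.html" access="ROLE_SUPER,ROLE_SUPREME" requires-channel="https" />
    <intercept-url pattern="/cc/credits.html" access="ROLE_SUPER,ROLE_SUPREME" requires-channel="https" />
    <intercept-url pattern="/cc/shopSearch.html" access="ROLE_SUPER,ROLE_SUPREME" requires-channel="https" />
    <intercept-url pattern="/cc/shoptTasks.html" access="ROLE_SUPER,ROLE_SUPREME" requires-channel="https" />
    <intercept-url pattern="/cc/shopUpdated.html" access="ROLE_SUPER,ROLE_SUPREME" requires-channel="https" />
    <intercept-url pattern="/cc/globalShopTasks.html" access="ROLE_SUPER,ROLE_SUPREME" requires-channel="https" />
    <intercept-url pattern="/cc/orderSearch.html" access="ROLE_SUPER,ROLE_ADMIN,ROLE_SUPREME" requires-channel="https" />
    <!--
      NOTE(review): this catch-all sets no access attribute and forces plain HTTP, so a session
      created during the HTTPS login is afterwards carried over an unencrypted channel, where
      the session cookie is readable on the network. A container that flags an HTTPS-created
      session cookie as Secure will also not send it on these HTTP requests, which would look
      like a lost login. Compare the JSESSIONID cookie attributes under Jetty and Tomcat to
      confirm whether that is the difference seen here.
    -->
    <intercept-url pattern="/**" requires-channel="http" />

    <port-mappings>
      <port-mapping http="8080" https="8443"></port-mapping>
    </port-mappings>

    <form-login default-target-url="/orderSearch.html"
                authentication-failure-url="/login.html?error=true"
                login-page="/login.html"
                login-processing-url="/loginProcessing.html"
                always-use-default-target="true" />

    <logout logout-url="/logout.html"
            invalidate-session="true"
            logout-success-url="/login.html" />

    <anonymous />
  </http>

  <!-- The userDao bean is defined outside this listing. -->
  <authentication-provider user-service-ref="userDao" />
</beans:beans>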
No idea why. Anyone else experiencing this?