.apache.xerces.internal.util.ErrorHandl erWrapper.createSAXParseException(ErrorHandlerWrap per.java:195)If I tried commenting out custom-authentication-provider. I am getting below exception
Code:
lt;beans:bean id=quot;preauthAuthProviderquot; class=quot;org..security.web.authentication.preauth.PreAuthenticatedAuthenticationProviderquot;gt;
lt;!-- lt;custom-authentication-provider /gt; --gt;
lt;beans:property name=quot;preAuthenticatedUserDetailsServicequot; ref=quot;rsaquot;gt;
lt;/beans:propertygt;
lt;/beans:beangt;
EXCEPTION:
23-11-09 13:33:12,937 DEBUG [from-81-1] com.pg.backoffice.reports.auth.AutoLoginFilter - Cleared security context due to exception
org..security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org..security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
at org..security.authentication.ProviderManager.doAuthentication(ProviderManager.java:156)
at org..security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
at org..security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doAuthenticate(AbstractPreAuthenticatedProcessingFilter.java:106)
at org..security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:76)
Please let me know to configure PreAuthenticatedAuthenticationProvider.
Thanks
siva
I have not worked on it, but found a thread that might help.
showth...ht=single+sign
The custom-provider should now be inside the lt;authentication-manager /gt; element. Check out the latest manual or the release announcement(s) for more information:
showthread.php?t=79034
showthread.php?t=76596
I tried removing custom authentication provider aded ref in authentication provider. But I am getting different exception
Code:
lt;beans:bean id=quot;preauthAuthProviderquot;
class=quot;org..security.web.authentication.preauth.PreAuthenticatedAuthenticationProviderquot;gt;
lt;beans:property name=quot;preAuthenticatedUserDetailsServicequot;gt;
lt;beans:bean class=quot;com.pg.backoffice.reports.auth.RsaAuthenticationUserDetailsServicequot;gt;lt;/beans:beangt;
lt;/beans:propertygt;
lt;beans:property name=quot;orderquot; value=quot;1quot;/gt;
lt;/beans:beangt;
lt;authentication-manager alias=quot;authenticationManagerquot; gt;
lt;authentication-provider ref=quot;preauthAuthProviderquot;gt;lt;/authentication-providergt;
lt;authentication-provider gt;
lt;user-servicegt;
lt;user name=quot;adminquot; password=quot;adminquot; authorities=quot;ROLE_SUPERVISOR,ROLE_USER, ROLE_TELLERquot; /gt;
lt;user name=quot;rootquot; password=quot;rootquot; authorities=quot;ROLE_USER,ROLE_TELLERquot; /gt;
lt;/user-servicegt;
lt;/authentication-providergt;
lt;/authentication-managergt;
Exception:
Code:
org..security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org..security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
at org..security.authentication.ProviderManager.doAuthentication(ProviderManager.java:156)
at org..security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
at org..security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doAuthenticate(AbstractPreAuthenticatedProcessingFilter.java:106)
at org..security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:76)
at org..security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:356)
at org..security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
at org..security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:356)
at org..security.web.FilterChainProxy.doFilter(FilterChainProxy.java:150)
at org..web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org..web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)I am able to integrate with following code changes. Thanks for the responses.Code:
lt;global-method-security secured-annotations=quot;enabledquot;gt;
lt;/global-method-securitygt;
lt;from auto-config=quot;falsequot;gt;
lt;intercept-ucl pattern=quot;/login.do*quot; access=quot;IS_AUTHENTICATED_ANONYMOUSLYquot; /gt;
lt;intercept-ucl pattern=quot;/**quot; access=quot;ROLE_USERquot; /gt;
lt;form-login login-page='/login.do' default-target-ucl='/account/search.do' /gt;
lt;custom-filter ref=quot;autoLoginFilterquot; position=quot RE_AUTH_FILTERquot; /gt;
lt;logout logout-ucl=quot;/logout.doquot; logout-success-ucl=quot;/login.doquot;/gt;
lt;/fromgt;
lt;beans:bean id=quot;autoLoginFilterquot; class=quot;com.pg.backoffice.reports.auth.AutoLoginFilterquot;gt;
lt;beans:property name=quot;authenticationManagerquot; ref=quot;authenticationManagerquot; /gt;
lt;/beans:beangt;
lt;beans:bean id=quot;preauthAuthProviderquot;
class=quot;org..security.web.authentication.preauth.PreAuthenticatedAuthenticationProviderquot;gt;
lt;beans:property name=quot;preAuthenticatedUserDetailsServicequot;gt;
lt;beans:bean class=quot;com.pg.backoffice.reports.auth.RsaAuthenticationUserDetailsServicequot;gt;lt;/beans:beangt;
lt;/beans:propertygt;
lt;beans:property name=quot;orderquot; value=quot;1quot;/gt;
lt;/beans:beangt;
lt;authentication-manager alias=quot;authenticationManagerquot; gt;
lt;authentication-provider ref=quot;preauthAuthProviderquot; gt;lt;/authentication-providergt;
lt;authentication-provider gt;
lt;user-service id=quot;rsaUserquot;gt;
lt;user name=quot;adminquot; password=quot;adminquot; authorities=quot;ROLE_SUPERVISOR,ROLE_USER, ROLE_TELLERquot; /gt;
lt;user name=quot;rootquot; password=quot;rootquot; authorities=quot;ROLE_USER,ROLE_TELLERquot; /gt;
lt;/user-servicegt;
lt;/authentication-providergt;
lt;/authentication-managergt;
Code:
public class AutoLoginFilter extends AbstractPreAuthenticatedProcessingFilter {
@Override
protected Object getPreAuthenticatedCredentials(fromServletRequest request) {
String user = request.getParameter(quot;userquot;);
if (StringUtils.hasLength(user)) {
return quot;ROLE_SUPERVISORquot;;
} else
return null;
}
@Override
protected Object getPreAuthenticatedPrincipal(fromServletRequest request) {
System.out.println(quot;getPreAuthenticatedCredentials: quot; + request.getRequestURI());
String user = request.getParameter(quot;userquot;);
if (StringUtils.hasLength(user)) {
return user;
} else
return null;
}
}
Code:
public class RsaAuthenticationUserDetailsService implements AuthenticationUserDetailsService{
public UserDetails loadUserDetails(Authentication user) throws UsernameNotFoundException {
if (user.getPrincipal() != null) {
Collectionlt;GrantedAuthoritygt; authorities = new ArrayListlt;GrantedAuthoritygt;();
authorities.add(new GrantedAuthorityImpl(quot;ROLE_USERquot;));
return new User((String) user.getPrincipal(), quot;nonequot;, true, true, true, true, authorities);
}
return null;
}
}How does one specify a customer Authentication Provider to be used with core version 2.0.4 since the ref=quot;customAuthenticationProviderquot; is not allowed.Code:
lt;authentication-providergt;
lt;password-encoder ref=quot;customEncoderquot; /gt;
lt;jdbc-user-service data-source-ref=quot;dataSourcequot;
users-by-username-query=quot;SELECT email as 'username', password as 'password', 1 FROM user WHERE email = ?quot;
authorities-by-username-query=quot;SELECT email as 'username', (CASE roleId WHEN 2 THEN 'ROLE_ADMIN' ELSE 'ROLE_USER' END) as 'authority' FROM user WHERE email=?quot; /gt;
lt;/authentication-providergt;
We have a custom encoding that needs to be used, quot;customerEncoderquot; . The user's password needs to be passed as quot;userNamequot; + quot;passwordquot; for the custom encoder to match correctly the password. Thus, this is the only reason the custom Authentication Provider is needed. |
Post at 2011-4-15 15:41
| This Author's Posts Only
