I'm trying to create a web service with WS-Security so far I have configured the following:
cxf.xml:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<bean id="logIn" class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean id="logOut" class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<bean class="com.palominocia.capa_datos_nodo.servicios.NodoCentralImpl"
id="NodoCentralImpl" />
<jaxws:endpoint address="/NodoCentralImplWS" id="NodoCentralImplWS"
implementor="#NodoCentralImpl">
<jaxws:properties>
<entry key="schema-validation-enabled" value="true" />
</jaxws:properties>
</jaxws:endpoint>
<bean class="com.palominocia.capa_datos_nodo.servicios.HelloWorldImpl"
id="HelloWorldImpl" />
<jaxws:endpoint address="/HelloWorldImplWS" id="HelloWorldImplWS"
implementor="#HelloWorldImpl">
<jaxws:properties>
<entry key="schema-validation-enabled" value="true" />
</jaxws:properties>
<!-- ?? -->
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackClass" value="com.palominocia.capa_datos_nodo.servicios.ClientPasswordCallback" />
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
</beans>
The CallBack class that would control the user and password is this:
The idea is to control against BD and the execution grant or deny.
ClientPasswordCallback.java
package com.palominocia.capa_datos_nodo.servicios;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class ClientPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
System.out.println("pc.getPassword() " + pc.getPassword());
System.out.println("pc.getIdentifier() " + pc.getIdentifier());
if ("joe".equals(pc.getIdentifier())) {
pc.setPassword("joespassword");
} // else {...} - can add more users, access DB, etc.
}
}
The web.xml file is configured as follows:
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>capa_datos_nodo</display-name>
<description>Roo generated capa_datos_nodo application</description>
<!-- Enable escaping of form submission contents -->
<context-param>
<param-name>defaultHtmlEscape</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:META-INF/spring/applicationContext*.xml</param-value>
</context-param>
<filter>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>HttpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter>
<filter-name>Spring OpenEntityManagerInViewFilter</filter-name>
<filter-class>org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>HttpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Spring OpenEntityManagerInViewFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Handles Spring requests -->
<servlet>
<servlet-name>capa_datos_nodo</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/spring/webmvc-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>capa_datos_nodo</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>10</session-timeout>
</session-config>
<error-page>
<exception-type>java.lang.Exception</exception-type>
<location>/uncaughtException</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/resourceNotFound</location>
</error-page>
<servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<init-param>
<param-name>config-location</param-name>
<param-value>WEB-INF/conf_cxf_context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/servicios/datos/*</url-pattern>
</servlet-mapping>
</web-app>
This class is for the web service has only one method of return is only for testing
HelloWorldImpl.java
package com.palominocia.capa_datos_nodo.servicios;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.jws.WebService;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
import org.apache.cxf.interceptor.InInterceptors;
import org.apache.cxf.interceptor.OutInterceptors;
//Service Implementation Bean
#WebService(endpointInterface = "com.palominocia.capa_datos_nodo.servicios.HelloWorld")
#InInterceptors(interceptors = "org.apache.cxf.interceptor.LoggingInInterceptor")
#OutInterceptors(interceptors = "org.apache.cxf.interceptor.LoggingOutInterceptor")
public class HelloWorldImpl implements HelloWorld{
#Resource
WebServiceContext wsctx;
#Override
public String getHelloWorldAsString() {
MessageContext mctx = wsctx.getMessageContext();
System.out.println("header "+mctx);
//get detail from request headers
Map http_headers = (Map) mctx.get(MessageContext.HTTP_REQUEST_HEADERS);
List userList = (List) http_headers.get("Username");
List passList = (List) http_headers.get("Password");
String username = "";
String password = "";
if(userList!=null){
//get username
username = userList.get(0).toString();
}
if(passList!=null){
//get password
password = passList.get(0).toString();
}
System.out.println("userList "+userList);
System.out.println("passList "+passList);
//Should validate username and password with database
if (username.equals("mkyong") && password.equals("password")){
return "Hello World JAX-WS - Valid User!";
}else{
return "Unknown User!";
}
}
}
Previously used for authentication by the head but I am proving the library ws-security.
What happens is that if I create the web client with netbeans and I run it just jumps me the following error:
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: An Error was discovered processing the <wsse: Security> header.
The client is written so:
HelloWorldImplService serv = new HelloWorldImplService();
HelloWorld port = serv.getHelloWorldImplPort();
System.out.println(" *** " + port.getHelloWorldAsString());
I built the program according to the resources found online, before adding ws-security running properly and that I may be missing.
Sorry for the English but I'm not good at writing
You need to provide more information than just a single error message. Turn on DEBUG logging + it will probably tell you what the problem is. If not then attach the log here.
Colm.
Related
I want to revise my codes to make it leaner. My intentions are as below:
I wrote a RedirectServlet to handle all the redirection, so I use the url-pattern /pages/* to make it distinguish from original dispatcherServlet's request mapping.
I also mapped the url pattern of dipatcherServlet to /do/** since it conflicts with the redirectServlet due to reasons unknown to me. But it brings me more problems to solve.
the #RequestMapping annotation in all my controller might be a problem. I want to specify path with more than one seperator,just like /do/user/signup. But there's a problem there the path can't be resolve correctly, and it returns a 404 page, which frustrates me a great deal.
something like:
type Status report
message /do/user/login
description The requested resource is not available.
So much about my casse, I want to know :
how to configure spring mvc environment, so that I can redirect to pages without writes a function in controller,just like :
#RequestMapping("submitArticleView")
public String submitArticleView(Model model){
model.addAttribute("article",new Article());
return "submitArticleView";
}
I want something like and return a page.
how to use #RequestMapping in a lean way.
Thanks in advance.
my web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<display-name>plainart</display-name>
<welcome-file-list>
<welcome-file>login.jsp</welcome-file>
</welcome-file-list>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/dispatcher-servlet.xml /WEB-INF/applicationContext.xml /WEB-INF/hibernateContext.xml</param-value>
</context-param>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value></param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/do/**</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Redirector</servlet-name>
<servlet-class>cn.edu.xmu.plainart.controller.Redirector</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Redirector</servlet-name>
<url-pattern>/pages/*</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>SpringOpenEntityManagerInViewFilter</filter-name>
<filter-class>
org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>SpringOpenEntityManagerInViewFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
dispatcher-servlet.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<context:annotation-config />
<context:component-scan base-package="cn.edu.xmu.plainart" />
<mvc:annotation-driven />
<mvc:interceptors>
<mvc:interceptor>
<!-- Intercepting specific URL -->
<mvc:mapping path="/authenticate/**" />
<bean id= "myInterceptor"
class="cn.edu.xmu.plainart.controller.AuthenticationInterceptor" />
</mvc:interceptor>
</mvc:interceptors>
<!--
<mvc:resources mapping="/resources/**" location="/resources/theme_default/" />
-->
<mvc:resources mapping="/resources/**" location="/resources/" />
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<!-- one of the properties available; the maximum file size in bytes -->
<property name="maxUploadSize" value="100000000"/>
</bean>
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver" >
<property name="prefix">
<value>/jsp/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
</bean>
</beans>
editorController.java
#Controller
#RequestMapping("/do/editor")
public class EditorController {
#Autowired
private UploadService uploadService;
#Autowired
private InformationService infoService;
#RequestMapping(value ="/submitArticle", method =RequestMethod.POST)
public #ResponseBody
String submitArticle(#ModelAttribute("article") Article article,BindingResult result,HttpServletRequest request){
Editor editor = (Editor) request.getAttribute("LOGGEDIN_USER");
article.setAuthor(editor);
Position pos = new Position("index",10.0);
pos.appendInfo(article);
article.setPos(pos);
ServletContext context = request.getServletContext();
article = uploadService.uploadArticleInfo(article);
String path = uploadService.uploadArticle(article.getTitle()+article.getId(), article.getContent(),context);
System.out.println(path);
return path;
}
#RequestMapping(value="/submitAd",method = RequestMethod.POST)
public #ResponseBody
String submitAd(#ModelAttribute("ad")Advertisement ad,BindingResult result,#RequestParam("pic") MultipartFile file,HttpServletResponse response, HttpServletRequest request,HttpSession session) throws IllegalStateException, IOException, URISyntaxException{
Editor editor = (Editor)session.getAttribute("LOGGEDIN_USER");
ad.setCommitter(editor);
Position pos = new Position("bottom",5.0);
pos.appendInfo(ad);
ad.setPos(pos);
String name ="/uploads/figure/"+file.getOriginalFilename();
name = request.getServletContext().getResource(name).toString();
System.out.println(name);
File tosave = new File(name);
file.transferTo(tosave);
ad.setPic(name);
uploadService.uploadAdInfo(ad);
return name;
}
}
I am using Apache Tomcat 8.0.0-RC3 Server and spring dispatcher servlet. I am getting 403 forbidden while using HTTP PUT method but HTTPGET method is working properly. I am trying to solve this with security constraint but it is giving me 409 conflict error because I am using spring dispatcher servlet and It is not working.But It is working perfect on tomcat 7 .Please help me to get rid of this . This is my web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>abc</display-name>
<description>ABC Web application</description>
<!-- Enable escaping of form submission contents -->
<context-param>
<param-name>defaultHtmlEscape</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:META-INF/spring/applicationContext*.xml</param-value>
</context-param>
<filter>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>HttpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>Spring OpenEntityManagerInViewFilter</filter-name>
<filter-class>org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>HttpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Spring OpenEntityManagerInViewFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Handles Spring requests -->
<servlet>
<servlet-name>ABC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/spring/webmvc-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<persistence-unit-ref>
<persistence-unit-ref-name>persistence/persistenceUnit</persistence-unit-ref-name>
<persistence-unit-name>persistenceUnit</persistence-unit-name>
</persistence-unit-ref>
<servlet-mapping>
<servlet-name>ABC</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>10</session-timeout>
</session-config>
<error-page>
<exception-type>java.lang.Exception</exception-type>
<location>/uncaughtException</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/resourceNotFound</location>
</error-page>
</web-app>
factory.js
angular.module('cnitch').factory('configFactory', ['$http',
function ($http) {
var urlBase = '/ABC/api/mode';
var urlrootmode = '/ABC/api/mode/host/all/tranx/all';
var configFactory = {};
configFactory.getConfig = function (id) {
return $http.get(urlBase + "/" + id);
};
configFactory.getConfigs = function () {
return $http.get(urlBase);
};
configFactory.getConfignew = function () {
return $http.get(urlrootmode);
};
configFactory.insertConfig = function (configString) {
return $http.post(urlBase, configString);
};
configFactory.updateConfig = function (id, configString) {
return $http.put(urlBase + '/' + id, configString);
};
configFactory.updateConfignew = function (id, configString) {
return $http.put(urlBase, configString);
};
configFactory.deleteConfig = function (id) {
return $http.delete(urlBase + '/' + id);
};
return configFactory;
}
]);
ApplicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans" xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- HTTP security configurations -->
<http auto-config="true" use-expressions="true">
<form-login login-processing-url="/resources/j_spring_security_check" login-page="/login" authentication-failure-url="/login?login_error=t" />
<logout logout-url="/resources/j_spring_security_logout" />
<!-- Configure these elements to secure URIs in your application -->
<intercept-url pattern="/choices/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/member/**" access="isAuthenticated()" />
<intercept-url pattern="/resources/**" access="permitAll" />
<intercept-url pattern="/main/**" access="permitAll" />
<intercept-url pattern="/api/**" access="permitAll" />
<intercept-url pattern="/**" access="permitAll" />
</http>
<!-- Configure Authentication mechanism -->
<authentication-manager alias="authenticationManager">
<!-- SHA-256 values can be produced using 'echo -n your_desired_password |
sha256sum' (using normal *nix environments) -->
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource" users-by-username-query="select username,password, enabled from users where username=?" authorities-by-username-query="select u.username, ur.authority from users u, user_roles ur where u.user_id = ur.user_id and u.username =? " />
</authentication-provider>
</authentication-manager>
</beans:beans>
You should probably confirm the default web.xml located in $TOMCAT_HOME/conf/web.xml.
Make sure the PUT method is removed from the following:
<security-constraint>
<web-resource-collection>
<web-resource-name>restricted methods</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>TRACE</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint/>
This one is tricky - for me at least.Component scan does not seem to work
Here is the web.xml
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Geomajas GWT face example application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:org/geomajas/spring/geomajasContext.xml
classpath:org/geomajas/plugin/rasterizing/DefaultRasterizedPipelines.xml
WEB-INF/applicationContext.xml
<!-- WEB-INF/applicationContext2.xml -->
<!-- WEB-INF/layer*.xml -->
<!-- WEB-INF/map*.xml -->
WEB-INF/layerOsm.xml
WEB-INF/mapOsm.xml
<!-- WEB-INF/applicationContext2.xml -->
</param-value>
</context-param>
<filter>
<filter-name>CacheFilter</filter-name>
<filter-class>org.geomajas.servlet.CacheFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CacheFilter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.geomajas.servlet.PrepareScanningContextListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<servlet>
<servlet-name>GeomajasServiceServlet</servlet-name>
<servlet-class>org.geomajas.gwt.server.GeomajasServiceImpl</servlet-class>
</servlet>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:META-INF/geomajasWebContext.xml</param-value>
<description>Spring Web-MVC specific (additional) context files.</description>
</init-param>
<load-on-startup>3</load-on-startup>
</servlet>
<!-- SpringGwt remote service servlet -->
<servlet>
<servlet-name>springGwtRemoteServiceServlet</servlet-name>
<servlet-class>org.spring4gwt.server.SpringGwtRemoteServiceServlet</servlet-class>
<init-param>
<param-name>contexConfigLocation</param-name>
<param-value>WEB-INF/applicationContext2.xml</param-value>
<description>j</description>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>GeomajasServiceServlet</servlet-name>
<url-pattern>/showcase/geomajasService</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/d/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>springGwtRemoteServiceServlet</servlet-name>
<url-pattern>/showcase/springGwtServices/test</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>
And my service :
#Service("test")
public class ProjServiceImpl extends RemoteServiceServlet implements ProjService {
private static final Log LOG = LogFactory.getLog(ProjServiceImpl.class);
#Autowired
PoiCategDAO poiCategDAO;
public String greetServer(String input) throws IllegalArgumentException {
// Verify that the input is valid.
if (!FieldVerifier.isValidName(input)) {
// If the input is not valid, throw an IllegalArgumentException back to
// the client.
throw new IllegalArgumentException(
"Name must be at least 4 characters long");
}
//RequestContextUtils.getWebApplicationContext(request);
// String serverInfo = getServletContext().getServerInfo();
// String userAgent = getThreadLocalRequest().getHeader("User-Agent");
return "Hello, " + input + "!<br><br>I am running .<br><br>It looks like you are using:<br>";
}
#Override
//#Transactional(propagation = Propagation.REQUIRED, rollbackFor = Exception.class)
public void testdao(Integer id) throws IllegalArgumentException {
// TODO Auto-generated method stub
PoiCateg X=poiCategDAO.findById(id);
PoiCateg z=poiCategDAO.findById(id);
}
}
And applicaationContext2.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
<context:annotation-config />
<tx:annotation-driven transaction-manager="transactionManager" />
<context:component-scan base-package="ne.projl.*" />
<!-- <context:component-scan base-package="FULLY QUALIFIED" /> -->
<bean class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean" id="entityManagerFactory">
<property name="persistenceUnitName" value="MyPUnit" />
</bean>
<bean class="org.springframework.orm.jpa.JpaTransactionManager" id="transactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
</beans>
Please note that if i put context:component-scan in applicationContext.xml ( not applicatinContext2.xml my service bean is detected. ). If there's other info i should provide do tell.
If I remember correctly, base package in component scan only requires a package name. Then all underlying sub-package will be included.
Therefore the correct setting should be
<context:component-scan base-package="ne.projl" />
There could be many reason, one common reason is you created your #Component class under wrong package.
As your context scanning config set the Class has to be under this package
<context:component-scan base-package="ne.projl.*" />
Posting the exception (if any) would provide more insight in to the issue for everyone here. Looks to me like a visibility problem.
If you are referencing to a component that is scanned in your applicationContext2, in one of your components that is loaded via contextConfigLocation, obviously it wont be visible.
.check this link for more info on visibility of application context
. I could not add a comment to the question..so i have posted my observations as answer.. Sorry for that
I am not sure but does not your web.xml says this
<!-- WEB-INF/applicationContext2.xml -->
is'nt that commented out ?
are you doing an import resource of applicationContext2 in applicationContext.xml file ?
as the title implies I experience slight problems with a simple Spring Security Test. This is my project structure (maven webapp 2.5):
main
java
de
cochu
spring
controller
HomeController
webapp
WEB-INF
jsp
home.jsp
index.jsp
security-context.xml
spring-servlet.xml
web.xml
The web.xml:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/security-context.xml
</param-value>
</context-param>
<filter>
<filter-name>filterChainProxy</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>filterChainProxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/spring/*</url-pattern>
</servlet-mapping>
spring-servlet.xml
<context:annotation-config/>
<context:component-scan base-package="de.cochu.spring.controller"/>
<bean id="internalViewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
</bean>
security-context.xml
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/**" access="ROLE_USER"/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="test" password="test" authorities="ROLE_USER"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
HomeController.java
#Controller
#RequestMapping( "/" )
public class HomeController {
#RequestMapping( method = RequestMethod.GET )
public String show() {
return "index";
}
#RequestMapping( value = "/secure", method = RequestMethod.GET )
public String secure() {
return "home";
}
}
The exact problem: No login form or whatsoever is opening. It just displays the page. I tried almost every url-pattern combination/intercept-url combination, but no reaction. What is wrong?
The FilterChainProxy bean is registered with the alias springSecurityFilterChain so try modifying your web.xml and change this
<filter>
<filter-name>filterChainProxy</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
to this
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
That's the config I usually use (using spring security 3.1.0.RELEASE)
I am following this article to implement spring security in my GAE project http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/
I could not make it work, URLs that i have configured to be protected are not getting protected and application is not redirecting me to google log in page. Here is my web.xml and security-config.xml. Please help, as i have already spent lot of time on this. I think there is some small issue which i am unable to catch.
web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/security-config.xml
</param-value>
</context-param>
<!-- Enables Spring Security -->
<filter>
<filter-name>authenticationFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- Reads request input using UTF-8 encoding -->
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>authenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>controller</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>controller</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
security-config.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http pattern="/static/**" security="none" />
<security:http pattern="/favicon.ico" security="none" />
<security:http use-expressions="true" entry-point-ref="entryPoint"
access-denied-page="/">
<security:intercept-url pattern="/" access="isAuthenticated()" />
<security:intercept-url pattern="/sample"
access="isAuthenticated()" />
<security:custom-filter position="PRE_AUTH_FILTER"
ref="authenticationFilter" />
</security:http>
<bean id="entryPoint"
class="com.generic.gae.security.GoogleAccountsAuthenticationEntryPoint" />
<bean id="authenticationFilter" class="com.generic.gae.security.GaeAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="authenticationProvider" />
</security:authentication-manager>
<bean id="authenticationProvider"
class="com.generic.gae.security.GoogleAccountsAuthenticationProvider" />
Thanks
authenticationFilter defined in security-config.xml is not the one you use in web.xml. Spring Security by default makes the filter bean available to you with name springSecurityFilterChain. So your filter declaration in web.xml should be:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
...
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
See section 2.2 of page Security Namespace Configuration