WEB.XML
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
metadata-complete="true" version="2.5">
<context-param>
<param-name>oauth.data.provider-class</param-name>
<param-value>demo.oauth.server.controllers.SampleOAuthDataProvider</param-value>
</context-param>
<filter>
<filter-name>oauthFilter</filter-name>
<filter-class>org.apache.cxf.rs.security.oauth.filters.OAuthServletFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>oauthFilter</filter-name>
<url-pattern>/auth/resources/person/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>oauthSpringFilter</filter-name>
<filter-class>demo.oauth.server.spring.SpringOAuthAuthenticationFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>oauthSpringFilter</filter-name>
<url-pattern>/auth/resources/person/*</url-pattern>
</filter-mapping>
<!-- **************** Spring configuration *****************-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/*-beans.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
<!-- **************** CXF configuration *****************-->
<servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>
org.apache.cxf.transport.servlet.CXFServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/auth/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
OathBean.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" xmlns:jaxrs="http://cxf.apache.org/jaxrs"
xsi:schemaLocation="http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml"/>
<import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
<!-- Publish OAuth endpoints-->
<jaxrs:server id="oauthServer" address="/oauth/">
<jaxrs:serviceBeans>
<ref bean="oauthServices"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
<ref bean="dispatchProvider"/>
</jaxrs:providers>
</jaxrs:server>
<!--Definitions of OAuth module endpoints-->
<bean id="oauthServices"
class="org.apache.cxf.rs.security.oauth.services.OAuthDefaultServices"/>
<!--Redirects from Resource Owner Authorization Endpoint to sign in page-->
<bean id="dispatchProvider" class="org.apache.cxf.jaxrs.provider.RequestDispatcherProvider">
<property name="resourcePath" value="/oAuthLogin.jsp"/>
</bean>
<!-- Endpoint serves OAuth protected resource -->
<jaxrs:server id="resourceServer" address="/resources/">
<jaxrs:serviceBeans>
<ref bean="resource"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
<ref bean="springSecurityExceptionMapper"/>
</jaxrs:providers>
</jaxrs:server>
<bean id="springSecurityExceptionMapper"
class="demo.oauth.server.spring.SpringSecurityExceptionMapper"/>
<!-- Resource Provider -->
<bean id="resource" class="demo.oauth.server.SampleResourceProvider"/>
</beans>
Security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<beans:bean id="authenticationSuccHandler"
class="demo.oauth.server.spring.AuthenticationSuccessfullHandler">
<beans:property name="defaultTargetUrl" value="/app/newClientForm.jsp"/>
<beans:property name="confirmationUrl" value="/auth/oauth/authorize/decision"/>
</beans:bean>
<beans:bean id="authenticationFailHandler"
class="demo.oauth.server.spring.AuthenticationFailureHandler">
<beans:property name="authorizeUrl" value="/auth/oauth/authorize"/>
</beans:bean>
<global-method-security secured-annotations="enabled" jsr250-annotations="enabled"/>
<beans:bean id="entryPoint" class="demo.oauth.server.CustomAuth">
<beans:property name="loginFormUrl" value="/index.jsp"/>
</beans:bean>
<http auto-config="false" entry-point-ref="entryPoint">
<intercept-url pattern="/oAuthLogin.jsp" filters="none"/>
<intercept-url pattern="/index.jsp" filters="none"/>
<intercept-url pattern="/" filters="none"/>
<intercept-url pattern="/favicon.ico" filters="none"/>
<intercept-url pattern="/auth/oauth/**" filters="none"/>
<intercept-url pattern="/auth/resources/**" filters="none"/>
<intercept-url pattern="/**" access="ROLE_USER"/>
<form-login authentication-success-handler-ref="authenticationSuccHandler"
authentication-failure-handler-ref="authenticationFailHandler" login-page="/index.jsp"
authentication-failure-url="/auth/oauth/authorize"
default-target-url="/app/newClientForm.jsp"/>
<logout invalidate-session="true" logout-url="/logout.htm"
logout-success-url="/login.jsp?loggedout=true"/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user1" password="1111" authorities="ROLE_USER"/>
<user name="user2" password="2222" authorities="ROLE_USER"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
Spring-servlet.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<mvc:annotation-driven/>
<context:annotation-config/>
<context:component-scan base-package="demo.oauth.server.controllers"/>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/"/>
<property name="suffix" value=".jsp"/>
</bean>
</beans>
ERROR LOG
13:21:40,882 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/server]] (MSC service thread 1-2) Exception starting filter springSecuri
tyFilterChain: org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:504) [spring-beans-3.0.0.RELEA
SE.jar:]
at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1041) [spring-beans-3.0.0.RELEASE
.jar:]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:273) [spring-beans-3.0.0.RELEASE.jar:]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193) [spring-beans-3.0.0.RELEASE.jar:]
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1008) [spring-context-3.0.0.RELEASE.jar:]
at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:217) [spring-web-3.0.0.RELEASE.jar:]
at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:145) [spring-web-3.0.0.RELEASE.jar:]
at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:179) [spring-web-3.0.0.RELEASE.jar:]
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:447) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3245) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.core.StandardContext.start(StandardContext.java:3836) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.jboss.as.web.deployment.WebDeploymentService.start(WebDeploymentService.java:70) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1824)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1759)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [:1.6.0_18]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [:1.6.0_18]
at java.lang.Thread.run(Thread.java:619) [:1.6.0_18]
13:21:40,929 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/server]] (MSC service thread 1-2) Exception starting filter oauthFilter:
java.lang.NoClassDefFoundError: javax/ws/rs/NotAuthorizedException
at org.apache.cxf.rs.security.oauth.filters.OAuthServletFilter.init(OAuthServletFilter.java:50) [cxf-rt-rs-security-oauth-2.7.4.jar:]
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:447) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3245) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.apache.catalina.core.StandardContext.start(StandardContext.java:3836) [jbossweb-7.0.1.Final.jar:7.0.2.Final]
at org.jboss.as.web.deployment.WebDeploymentService.start(WebDeploymentService.java:70) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1824)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1759)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [:1.6.0_18]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [:1.6.0_18]
at java.lang.Thread.run(Thread.java:619) [:1.6.0_18]
Caused by: java.lang.ClassNotFoundException: javax.ws.rs.NotAuthorizedException from [Module "deployment.server.war:main" from Service Module Loader]
at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:191)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:361)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:333)
at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:310)
at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:103)
... 10 more
13:21:40,960 ERROR [org.apache.catalina.core.StandardContext] (MSC service thread 1-2) Error filterStart
13:21:40,976 ERROR [org.apache.catalina.core.StandardContext] (MSC service thread 1-2) Context [/server] startup failed due to previous errors
13:21:40,976 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/server]] (MSC service thread 1-2) Closing Spring root WebApplicationCont
ext
13:21:40,992 INFO [org.springframework.web.context.support.XmlWebApplicationContext] (MSC service thread 1-2) Closing Root WebApplicationContext: startup date
[Sat Jul 20 13:21:40 IST 2013]; root of context hierarchy
13:21:40,992 INFO [org.springframework.beans.factory.support.DefaultListableBeanFactory] (MSC service thread 1-2) Destroying singletons in org.springframework.
beans.factory.support.DefaultListableBeanFactory#ccc96: defining beans []; root of factory hierarchy
13:21:40,992 INFO [org.jboss.web] (MSC service thread 1-2) registering web context: /server
13:21:41,007 ERROR [org.jboss.as] (MSC service thread 1-3) JBoss AS 7.0.2.Final "Arc" started (with errors) in 5803ms - Started 337 of 397 services (3 services
failed or missing dependencies, 57 services are passive or on-demand)
13:21:41,038 INFO [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "server.war"
I'm using using maven spring, and trying to run an authorization for this. It's built successfully, but when I deploy it on the server, server jboss7 it give the above error. Any ideas?
I would first address the NoClassDefFoundError, see the bottom of your stack trace:
java.lang.NoClassDefFoundError: javax/ws/rs/NotAuthorizedException
Seems like you're missing the library JAX-RS in the classpath. Add it as dependency via Maven and see what comes up next.
Related
I am trying custom filter with oauth authentication using spring security DelegatingFilterProxy below is my configuration
Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<!-- The definition of the Root Spring Container shared by all Servlets
and Filters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml</param-value>
</context-param>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Processes application requests -->
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/servlet-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>/index.html</welcome-file>
</welcome-file-list>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
servlet-context.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:sec="http://www.springframework.org/schema/security" xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">
<!-- DispatcherServlet Context: defines this servlet's request-processing
infrastructure -->
<!-- Enables the Spring MVC #Controller programming model -->
<!-- <mvc:resources mapping="/" location="/index.html" /> -->
<mvc:resources mapping="/js/**" location="/assets/js/" />
<mvc:resources mapping="/css/**" location="/assets/css/" />
<mvc:resources mapping="/templates/**" location="/assets/templates/" />
<mvc:resources mapping="/lib/**" location="/assets/lib/" />
<mvc:resources mapping="/lib/css/**" location="/assets/lib/css/" />
<mvc:resources mapping="/lib/js/**" location="/assets/lib/js/" />
<mvc:resources mapping="/lib/fonts/**" location="/assets/lib/fonts/" />
<mvc:resources mapping="/img/**" location="/assets/img/" />
<mvc:annotation-driven />
<mvc:default-servlet-handler />
<sec:http pattern="/template/**" security="none"></sec:http>
<sec:http pattern="/css/**" security="none"></sec:http>
<sec:http pattern="/js/**" security="none"></sec:http>
<sec:http pattern="/lib/**" security="none"></sec:http>
<sec:http pattern="/lib/css/**" security="none"></sec:http>
<sec:http pattern="/lib/js/**" security="none"></sec:http>
<sec:http pattern="/lib/fonts/**" security="none"></sec:http>
<sec:http pattern="/img/**" security="none"></sec:http>
<sec:http entry-point-ref="oAuth2AuthenticationEntryPoint">
<sec:anonymous enabled="false"></sec:anonymous>
<sec:custom-filter ref="oAuth2Filter" after="SECURITY_CONTEXT_FILTER"></sec:custom-filter>
<sec:intercept-url pattern="/**" access="ROLE_USER"></sec:intercept-url>
</sec:http>
<sec:authentication-manager alias="upmAuthenticationManager"></sec:authentication-manager>
<!-- Configure to plugin JSON as request and response in method handler -->
<bean
class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
<property name="messageConverters">
<list>
<ref bean="jsonMessageConverter" />
</list>
</property>
</bean>
<bean id="oAuth2AuthenticationEntryPoint" class="com.upm.oAuth.OAuthAuthenticationEntryPoint">
<constructor-arg value="/index.html"></constructor-arg>
</bean>
<bean id="oAuthEnd" name="oAuthEnd" class="com.upm.oAuth.OAuthEndServlet">
<property name="oAuth2Filter" ref="oAuth2Filter" />
</bean>
<bean id="oAuth2Filter" class="com.upm.oAuth.OAuth2Filter">
<property name="clientID" value="xxx" />
<property name="clientSecret" value="xxx" />
<property name="serviceURL" value="https://" />
</bean>
<bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location">
<value>classpath:database.properties</value>
</property>
</bean>
<!-- Configure bean to convert JSON to POJO and vice versa -->
<bean id="jsonMessageConverter"
class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
</bean>
The application got deployed successfully and when trying to access the below URL. I am getting the Exception
http://localhost:8082/contex-path/index.html or
http://localhost:8082/contex-path
Exception
INFO: Starting ProtocolHandler ["http-bio-8082"]
Exception in thread "http-bio-8082-exec-1" java.lang.StackOverflowError
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:246)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
Could anyone please help me on the issue?
my jsps are under views,
web.xml :
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Spring-MVC-Security</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/servletDispatcher-servlet.xml,/WEB-INF/spring-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>servletDispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>servletDispatcher</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>login</welcome-file>
</welcome-file-list>
</web-app>
servletDispatcher-servlet.xml :
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.2.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">
<mvc:annotation-driven/>
<!-- <mvc:default-servlet-handler/> -->
<context:component-scan base-package="com.spring.controller"></context:component-scan>
<context:component-scan base-package="com.spring.util"></context:component-scan>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/"/>
<property name="suffix" value=".jsp"/>
</bean>
</beans>
spring-security.xml :
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/logout" access="permitAll" />
<security:intercept-url pattern="/accessdenied" access="permitAll" />
<security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<security:form-login login-page="/login" default-target-url="/list" authentication-failure-url="/accessdenied" />
<security:logout logout-success-url="/logout" />
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:user-service>
<security:user name="lokesh" password="password" authorities="ROLE_USER" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
Controller :
package com.spring.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
#Controller
public class LoginController {
#RequestMapping({"/","/login"})
public String login()
{
return "login";
}
}
When I am trying to hit
http://localhost:8080/Spring-MVC-Security/ ,
url is getting redirected to
http://localhost:8080/Spring-MVC-Security/login
but I am getting 404 error from tomcat and getting following warning at the console:
Jan 13, 2014 12:03:41 PM org.springframework.web.servlet.DispatcherServlet noHandlerFound
WARNING: No mapping found for HTTP request with URI [/Spring-MVC-Security/WEB-INF/views/login.jsp] in DispatcherServlet with name 'servletDispatcher'
It seems like servletDispatcher is hit again after view resolution.
Please advise. Thanks
First off, you're loading the servletDispatcher context twice. The dispatcher servlet will automatically discover the /WEB-INF/servletDispatcher-servlet.xml file based on conventions - so this does not need to be specified in the contextConfigLocation
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
<!-- Remove servletDispatcher-servlet.xml -->
/WEB-INF/spring-security.xml
</param-value>
</context-param>
Try changing your dispatcher servlet mapping from /* to /
<servlet-mapping>
<servlet-name>servletDispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
Also - since your login controller is not doing anything other than returning the login view, you could replace it with a view controller.
<mvc:view-controller path="/login" />
I have a problem with my spring security/hibernate app, which i can't resolve, since i'm new to spring and also hibernate.
Here's my problem:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userAccountService': Injection of persistence dependencies failed; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No unique bean of type [javax.persistence.EntityManagerFactory] is defined: expected single bean but found 0:
at org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor.postProcessPropertyValues(PersistenceAnnotationBeanPostProcessor.java:343)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1120)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:522)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:461)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:295)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:292)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:607)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:932)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:479)
at org.springframework.web.servlet.FrameworkServlet.configureAndRefreshWebApplicationContext(FrameworkServlet.java:647)
at org.springframework.web.servlet.FrameworkServlet.createWebApplicationContext(FrameworkServlet.java:598)
at org.springframework.web.servlet.FrameworkServlet.createWebApplicationContext(FrameworkServlet.java:661)
at org.springframework.web.servlet.FrameworkServlet.initWebApplicationContext(FrameworkServlet.java:517)
at org.springframework.web.servlet.FrameworkServlet.initServletBean(FrameworkServlet.java:458)
at org.springframework.web.servlet.HttpServletBean.init(HttpServletBean.java:138)
at javax.servlet.GenericServlet.init(GenericServlet.java:241)
at org.mortbay.jetty.servlet.ServletHolder.initServlet(ServletHolder.java:440)
at org.mortbay.jetty.servlet.ServletHolder.doStart(ServletHolder.java:263)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:736)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at runjettyrun.Bootstrap.main(Bootstrap.java:97)
2013-04-15 14:39:30.076:INFO::Started SelectChannelConnector#0.0.0.0:8080
I can't figure out what's the problem there. I have googled it and tried some solutions that may have helped others, but my error keeps poping up. Since i'm new to spring it's probably some simple error i'm making in my code. :)
web.xml
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext-security.xml</param-value>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>jsp/index.jsp</welcome-file>
</welcome-file-list>
</web-app>
applicationContext.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
<mvc:annotation-driven />
<http auto-config="true">
<form-login login-page="/login" default-target-url="/" authentication-failure-url="/loginfailed" />
<logout logout-success-url="/logout" />
<intercept-url pattern="/admin" access="ROLE_ADMIN" />
<intercept-url pattern="/" access="ROLE_USER,ROLE_ADMIN" />
</http>
<beans:bean id="loginService" class="fishpoop.services.LoginService" />
<authentication-manager>
<authentication-provider user-service-ref="loginService">
</authentication-provider>
</authentication-manager>
</beans:beans>
hibernateContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">
<context:property-placeholder location="/WEB-INF/jdbc.properties" />
<tx:annotation-driven transaction-manager="transactionManager" />
<!-- Declare a datasource that has pooling capabilities-->
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close"
p:driverClass="${jdbc.driverClassName}"
p:jdbcUrl="${jdbc.url}"
p:user="${jdbc.username}"
p:password="${jdbc.password}"
p:acquireIncrement="5"
p:idleConnectionTestPeriod="60"
p:maxPoolSize="100"
p:maxStatements="50"
p:minPoolSize="10" />
<!-- Declare a JPA entityManagerFactory-->
<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean" >
<property name="persistenceXmlLocation" value="classpath*:META-INF/persistence.xml"></property>
<property name="persistenceUnitName" value="hibernatePersistenceUnit" />
<property name="dataSource" ref="dataSource"/>
<property name="jpaVendorAdapter">
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" >
<property name="showSql" value="true"/>
</bean>
</property>
</bean>
<!-- Declare a transaction manager-->
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory" />
</bean>
</beans>
UserAccountService.java
package fishpoop.services;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import fishpoop.model.UserAccount;
#Service("userAccountService")
#Transactional
public class UserAccountService {
private EntityManager entityManager;
#PersistenceContext
public void setEntityManager(EntityManager entityManager){
this. entityManager = entityManager;
}
public UserAccount get(Integer id)
{
Query query = entityManager.createQuery("FROM user_account as ua WHERE ua.id="+id);
return (UserAccount) query.getSingleResult();
}
public UserAccount get(String username)
{
Query query = entityManager.createQuery("FROM user_account as ua WHERE ua.username='"+username+"'");
return (UserAccount) query.getSingleResult();
}
public void add(UserAccount userAccount)
{
entityManager.persist(userAccount);
}
}
Can anybody help me with this error?
It seems that you you have files name mismatch here:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext-security.xml</param-value>
<param-value>/WEB-INF/applicationContext.xml</param-value>
In contracts, you have mentioned applicationContext.xml and hibernateContext.xml
Anyway param-value should only appear once such as:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/hibernateContext.xml /WEB-INF/applicationContext.xml
</param-value>
Note the space between the two values inside param-value tag
The fact that Spring is booted, and located your Service class (via <mvc:annotation-driven />) suggests that it's using the first xml file , but not the second one
I am trying to use OpenEntityManageInViewFilter, but I keep having the LazyInitializationException. People had similar problems when having the EntityManager initialized twice - but that seems not to be my case. In the exception log I can see, that the Filter is correctly firing.
web.xml:
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet>
<servlet-name>web-application</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>web-application</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/web-application-servlet.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>openEntityManageInViewFilter</filter-name>
<filter-class>org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>openEntityManageInViewFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
web-application-servlet.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">
<import resource="classpath:applicationContext.xml"/>
<context:property-placeholder location="classpath:application.properties"/>
<bean id="viewResolver" class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
<property name="viewNames" value="*" />
<property name="cache" value="false"/>
<property name="prefix" value=""/>
<property name="suffix" value=".ftl"/>
<property name="exposeSpringMacroHelpers" value="false"/>
</bean>
<bean id="handlerAdapter" autowire="byType" class="org.maite.controller.router.HandlerAdapter" />
<bean id="handlerMapping" autowire="byType" class="org.maite.controller.router.HandlerMapping" />
</beans>
applicationContext.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">
<tx:annotation-driven />
<context:annotation-config/>
<context:spring-configured/>
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceUnitName" value="persistenceUnit"/>
</bean>
<bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />
</beans>
And the exception (you can see that the OpenEntityManagerInView takes part of the stack trace):
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: org.goout.model.Event.schedule, no session or session was closed
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:894)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)
javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:147)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
root cause
org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: org.goout.model.Event.schedule, no session or session was closed
org.hibernate.collection.internal.AbstractPersistentCollection.throwLazyInitializationException(AbstractPersistentCollection.java:393)
org.hibernate.collection.internal.AbstractPersistentCollection.throwLazyInitializationExceptionIfNotConnected(AbstractPersistentCollection.java:385)
org.hibernate.collection.internal.AbstractPersistentCollection.initialize(AbstractPersistentCollection.java:378)
org.hibernate.collection.internal.AbstractPersistentCollection.read(AbstractPersistentCollection.java:112)
org.hibernate.collection.internal.PersistentSet.toArray(PersistentSet.java:188)
java.util.ArrayList.<init>(ArrayList.java:151)
freemarker.template.SimpleSequence.<init>(SimpleSequence.java:162)
freemarker.template.DefaultObjectWrapper.wrap(DefaultObjectWrapper.java:117)
freemarker.template.WrappingTemplateModel.wrap(WrappingTemplateModel.java:134)
freemarker.template.SimpleHash.get(SimpleHash.java:224)
freemarker.core.Dot._getAsTemplateModel(Dot.java:76)
freemarker.core.Expression.getAsTemplateModel(Expression.java:89)
freemarker.core.IteratorBlock.accept(IteratorBlock.java:94)
freemarker.core.Environment.visit(Environment.java:221)
freemarker.core.MixedContent.accept(MixedContent.java:92)
freemarker.core.Environment.visit(Environment.java:221)
freemarker.core.Environment.visit(Environment.java:310)
freemarker.core.BlockAssignment.accept(BlockAssignment.java:83)
freemarker.core.Environment.visit(Environment.java:221)
freemarker.core.MixedContent.accept(MixedContent.java:92)
freemarker.core.Environment.visit(Environment.java:221)
freemarker.core.Environment.process(Environment.java:199)
freemarker.template.Template.process(Template.java:237)
org.springframework.web.servlet.view.freemarker.FreeMarkerView.processTemplate(FreeMarkerView.java:366)
org.springframework.web.servlet.view.freemarker.FreeMarkerView.doRender(FreeMarkerView.java:283)
org.springframework.web.servlet.view.freemarker.FreeMarkerView.renderMergedTemplateModel(FreeMarkerView.java:233)
org.springframework.web.servlet.view.AbstractTemplateView.renderMergedOutputModel(AbstractTemplateView.java:167)
org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:262)
org.maite.DispatcherServlet.doService(DispatcherServlet.java:38)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)
javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:147)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
You have the same problem as described in this question, which means you have 2 EntityManager beans - this is causing the confusion.
Basically you need to remove the
<import resource="classpath:applicationContext.xml"/>
from web-application-context.ml, partition your beans such that web-tier and application beans are in separate context files and make sure your component scan in each picks up the correct beans. This might require moving classes into different packages, difficult to advise without more information about the structure of your project.
Finally reference both contexts from web.xml
Could you please provide your DAO class which is unable to initialize the collection of another DAO class?
Try to put these parameters in the web.xml in filter.
<init-param>
<param-name>entityManagerFactoryBeanName</param-name>
<param-value>entityManagerFactory</param-value>
</init-param>
It's seems so easy to use spring security following a tutorial, but when I try to do the same with this app I can get it to work (I must admit that I haven't written ) .
/-----------------Edit-------------------/
Now with the help of some great people, I finally got the application to ask the user to authenticate himself,but now I've run into a new problem: When I try to access the application using one of the users listed below(applicationContext-security.xml), I get this message :
Here's web.xml code:
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext-security.xml</param-value>
</context-param>
<welcome-file-list>
<welcome-file>redirect.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
<location>/sinacceso.jsp</location>
</error-page>
</web-app>
context.xml :
<?xml version="1.0" encoding="UTF-8"?>
<Context antiJARLocking="true" path="/Test01"/>
dispatcher-servlet.xml:
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- GENERALES -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.tiles2.TilesView" />
</bean>
<bean id="tilesConfigurer"
class="org.springframework.web.servlet.view.tiles2.TilesConfigurer">
<property name="definitions">
<list>
<value>/WEB-INF/tiles.xml</value>
</list>
</property>
</bean>
<bean name="/index.htm" class="paginas.index"/>
<bean name="secure/villancicos.htm" class="paginas.villancicos"/>
<bean name="secure/administracion.htm" class="paginas.administracion"/>
</beans>
applicationContext-security.xml:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http>
<intercept-url pattern="/index.htm" filters="none" />
<intercept-url pattern="/secure/administracion.htm" access="ROLE_SUPERVISOR" />
<intercept-url pattern="/secure/**" access="ROLE_USER" />
<form-login />
<anonymous />
<http-basic />
<logout logout-success-url="/index.htm" />
</http>
<authentication-manager alias="myAuthenticationManager">
<authentication-provider>
<password-encoder hash="md5"/>
<user-service>
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
This application is currently using spring 2.5 with spring-security-2.0.4 (the same version from the tutorial I've been following).
Have you tried what the error suggests and added an alias attribute to your authentication-manager? Something like:
<authentication-manager alias="myAuthenticationManager">
<authentication-provider>
...