Struts2 and BlazeDS on Spring3 - spring

I would like to configure settings both blazeds and Struts2 running on springframework at the same time.
I configured web.xml like below. But one works another doesn't work.
Becaouse Struts2 filters AMF protocol.
If I comment out one of them, It works property. vice versa.
Is there any way to configure struts2 settings to work both?
web.xml
<!-- Struts2 Settings
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
<init-param>
<param-name>struts.devMode</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<!-- Flex Settings -->
<listener>
<listener-class>flex.messaging.HttpFlexSession</listener-class>
</listener>
<!-- MessageBroker Servlet -->
<servlet>
<servlet-name>MessageBrokerServlet</servlet-name>
<display-name>MessageBrokerServlet</display-name>
<servlet-class>flex.messaging.MessageBrokerServlet</servlet-class>
<init-param>
<param-name>services.configuration.file</param-name>
<param-value>/WEB-INF/flex/services-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>MessageBrokerServlet</servlet-name>
<url-pattern>/messagebroker/*</url-pattern>
</servlet-mapping>
For Devlopment
JDK1.6
Spring3.0.1
Tomcat6.0
Flex4.6

You could exclude some patterns from Struts2 filter. Define struts.action.excludePattern constant in your struts.xml file.
<constant name="struts.action.excludePattern" value=".*unfiltered.*,.*\\.nofilter"/>

Related

Spring MVC make a rest controller without suffix in URL. My other controllers need to have suffix

I am running a Spring Project which is a combination of Spring MVC and Spring boot. Its configuration has set all the controllers must need to use .html in the URL suffix. Now I need to connect with a third party that shared a predefined URL that I have to make where URL does not have any suffixes.
My system URL https://mysystem.com/api/urls.html
I need to have https://mysystem.com/thrid_party_string
I am facing trouble configuring. Both at the same time. how can I manage?
Note: I cannot change existing controllers since they are already in us for many services.
My web.xml file
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>test</display-name>
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>webapp.test</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContextService.xml</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>classpath:log4j.properties</param-value>
</context-param>
<context-param>
<param-name>log4jExposeWebAppRoot</param-name>
<param-value>false</param-value>
</context-param>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- filter -->
<filter>
<filter-name>Set Character Encoding</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<!-- filter-mapping -->
<filter-mapping>
<filter-name>Set Character Encoding</filter-name>
<url-pattern>*.asx</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Set Character Encoding</filter-name>
<url-pattern>*.m3u8</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Set Character Encoding</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Set Character Encoding</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>cors</filter-name>
<filter-class>some.com.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>cors</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Standard Action Servlet Configuration -->
<servlet>
<servlet-name>spring-mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:mvc-dispatcher-servlet.xml</param-value>
</init-param>
<load-on-startup>3</load-on-startup>
</servlet>
<!-- Standard Action Servlet Mapping -->
<servlet-mapping>
<servlet-name>spring-mvc-dispatcher</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/general_error.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/general_error_500.html</location>
</error-page>
</web-app>
By using spel(Spring expression language) you can set prefix for each controller
#Controller
#RequestMapping(path = "${apiPrefix}/users")
public class UserController {
}
Then, we simply specify the property value in our application.properties:
apiPrefix=/api
for more information you can see its
documentatihttps://www.baeldung.com/spring-boot-controllers-add-prefixon
Normally if you're the one providing the service, the caller needs to adjust to your URL patterns, not the other way around.
That said... it appears recent servlet specs can have more than one url-pattern. If the desired REST URLs don't have a common pattern of their own, like /api/xxx, you might have to bind the dispatcher to / and expect a lot of URLs that don't match the REST ones or *.html to just produce internal 404 errors

Spring mvc configuration to integrate with a custom SSO authentication

I'm failing to integrate an existing custom Single-sign-on service (for the authentication of my spring mvc application -aka. myApp-).
Once I map the spring DispatcherServlet to "/", myApp skips the authentication process against the SSO application, no matter if there's session or not.
Web.xml (Spring Configuration)
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mvc-dispatcher-servlet.xml</param-value>
</context-param>
<!-- Spring MVC DispatcherServlet -->
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
Here is the configuration that I need to integrate in myApp web.xml, to integrate the SSO authentication:
Web.xml (Custom SSO Configuration)
<filter>
<filter-name>SSOAuthenticationFilter</filter-name>
<filter-class>custom.sso.SSOAuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SSOAuthenticationFilter</filter-name>
<url-pattern>/WEB-INF/views/*</url-pattern>
</filter-mapping>
<!-- Context Params -->
<context-param>
<param-name>myAppId</param-name>
<param-value>65asd5a4sd65asd65a4sd65asd4</param-value>
</context-param>
<context-param>
<param-name>loginPath</param-name>
<param-value>login.jsp</param-value>
</context-param>
<context-param>
<param-name>ssoAppPath</param-name>
<param-value>http://localhost:8080/SSO_AuthenticationApp</param-value>
</context-param>
<!-- SSO Login Servlet -->
<servlet>
<servlet-name>SSOloginServlet</servlet-name>
<servlet-class>custom.sso.SSOLoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SSOloginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<!-- SSO properties (myAppId, ssoAppPath, loginPath) -->
<listener>
<listener-class>custom.sso.SSOPropertiesRetriever</listener-class>
</listener>
How can I configurate spring to let the SSO servlet to do the authentication process?
I was thinking if there's a way of declaring the customSSO servlet as a bean in the spring dispatcher-servlet-config.xml?
Or maybe implementing it in a #Controller?
(My hands are tied about the sso, I'm forced to use it for the authentication, cause myApp will be just another in a family of applications login through this custom sso... I would prefer to use spring security instead).
Thanks.
EDITED:
I finally opted for a migration to Spring Boot, seems way more clear to configure a project that way.
For the filter you can use a SpringFilter and implement the logic in a bean:
<filter>
<filter-name>springFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>authenticationFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springFilter</filter-name>
<url-pattern>/some-url</url-pattern>
</filter-mapping>
For the servlet I guess you may have to change your mappings to something that looks like the following:
<servlet>
<servlet-name>loginServlet</servlet-name>
<servlet-class>my.package.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>dispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mvc-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcherServlet</servlet-name>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
Here I'm assuming that everything goes in the same WEB.xml file

Tomcat started but application is not running

I created a spring application and deployed it in tomcat server (Tomcat v5.5 Server). I checked in tomcat manager and found my application is listed.But while i try to run my application,i am getting a page showing
**This program cannot display the webpage
Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
What you can try:
Check your Internet connection. Try visiting another website to make sure you are connected.
Retype the address.**
I don't know where i am missing out.Please help me in sorting out this issue.
My web.xml file as follows
<?xml version="1.0"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<context-param>
<description>Log4j configuration file used by spring to initialize logging</description>
<param-name>log4jConfigLocation</param-name>
<param-value>classpath:pricingLog4j.properties</param-value>
</context-param>
<context-param>
<description>By default myfaces serializes the current view and saves it in session after view is rendered.
In Pricing UI, values on the Page tags are bound to UIComponents on backing bean using "binding" attribute. Most of the components are created
in the backing bean. When myfces serializes, it serializes the wrapped object under UIComponents, i.e HtmlDataTabl's value attribute, which are in Pricing UI case
business objects which have a big graphs attached to it and you start getting "serialization" error
Keep this pram-value to false to avoid serialization.</description>
<param-name>org.apache.myfaces.SERIALIZE_STATE_IN_SESSION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>Comma separated list of URIs of (additional) faces config
files. (e.g. /WEB-INF/my-config.xml) See JSF 1.0 PRD2,
10.3.2.
DONOT ADD DEFAULT faces-config.xml HERE. IT IS AUTOMATICALLY LOADED BY FACES. IF GIVEN HERE, IT WILL BE LOADED TWICE</description>
<param-name>javax.faces.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-navigation.xml</param-value>
</context-param>
<context-param>
<param-name>facelets.LIBRARIES</param-name>
<param-value>
/WEB-INF/taglib/tomahawk-taglib.xml;
/WEB-INF/taglib/tomahawk-sandbox-taglib.xml;
/WEB-INF/taglib/jcp-pricing-ui-taglib.xml;
/WEB-INF/taglib/acegijsf-taglib.xml
</param-value>
</context-param>
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:/config/pricingEngineContext-caching.xml
classpath:/config/pricingEngineContext-messaging.xml
classpath:/config/pricingEngineContext-service.xml
classpath:/config/pricingEngineContext.xml
classpath:/config/pricingWebApplicationContext.xml
classpath:/config/securityContext.xml</param-value>
</context-param>
<context-param>
<description>State saving method: "client" or "server" (= default) See
JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<context-param>
<description>This parameter tells MyFaces if javascript code should be
allowed in the rendered HTML output. If javascript is
allowed, command_link anchors will have javascript code that
submits the corresponding form. If javascript is not
allowed, the state saving info and nested parameters will be
added as url parameters. Default: "true"</description>
<param-name>org.apache.myfaces.ALLOW_JAVASCRIPT</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<description>If true, rendered HTML code will be formatted, so that it is
"human readable". i.e. additional line separators and
whitespace will be written, that do not influence the HTML
code. Default: "true"</description>
<param-name>org.apache.myfaces.PRETTY_HTML</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.DETECT_JAVASCRIPT</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>If true, a javascript function will be rendered that is able
to restore the former vertical scroll on every request.
Convenient feature if you have pages with long lists and you
do not want the browser page to always jump to the top if
you trigger a link or button action that stays on the same
page. Default: "false"</description>
<param-name>org.apache.myfaces.AUTO_SCROLL</param-name>
<param-value>true</param-value>
</context-param>
<!-- Special Debug Output for Development -->
<context-param>
<param-name>facelets.DEVELOPMENT</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>facelets.REFRESH_PERIOD</param-name>
<param-value>2</param-value>
</context-param>
<context-param>
<param-name>org.ajax4jsf.SKIN</param-name>
<param-value>DEFAULT</param-value>
</context-param>
<filter>
<filter-name>Acegi Channel Processing Filter</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.securechannel.ChannelProcessingFilter</param-value>
</init-param>
</filter>
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<!-- Spring Open Session In View Pattern filter -->
<filter>
<filter-name>hibernateFilter</filter-name>
<filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactory</param-value>
</init-param>
</filter>
<!-- Extensions Filter -->
<filter>
<description>Set the size limit for uploaded files. Format: 10 - 10 bytes
10k - 10 KB 10m - 10 MB 1g - 1 GB</description>
<filter-name>extensionsFilter</filter-name>
<filter-class>org.apache.myfaces.webapp.filter.ExtensionsFilter</filter-class>
<init-param>
<param-name>uploadMaxFileSize</param-name>
<param-value>100m</param-value>
</init-param>
<init-param>
<description>Set the threshold size - files below this limit are
stored in memory, files above this limit are stored on
disk.
Format: 10 - 10 bytes 10k - 10 KB 10m - 10 MB 1g - 1 GB</description>
<param-name>uploadThresholdSize</param-name>
<param-value>100k</param-value>
</init-param>
<init-param>
<description>Set the path where the intermediary files will be
stored.</description>
<param-name>uploadRepositoryPath</param-name>
<param-value>/tmp</param-value>
</init-param>
</filter>
<filter>
<filter-name>orchestraFilter</filter-name>
<filter-class>org.apache.myfaces.orchestra.conversation.jsf.filter.OrchestraServletFilter</filter-class>
</filter>
<filter>
<filter-name>promotionFilter</filter-name>
<filter-class>com.jcpenney.web.servlet.PromotionFilter</filter-class>
</filter>
<filter>
<display-name>Ajax4jsf Filter</display-name>
<filter-name>ajax4jsf</filter-name>
<filter-class>org.ajax4jsf.Filter</filter-class>
</filter>
<filter-mapping>
<filter-name>Acegi Channel Processing Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>orchestraFilter</filter-name>
<url-pattern>*.faces</url-pattern>
</filter-mapping>
<!-- Spring/Hibernate filter mappings -->
<filter-mapping>
<filter-name>hibernateFilter</filter-name>
<url-pattern>*.faces</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>hibernateFilter</filter-name>
<url-pattern>*.remoting</url-pattern>
</filter-mapping>
<!-- Filter Mappings necessary to run myfaces -->
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>*.faces</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>promotionFilter</filter-name>
<url-pattern>*.faces</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ajax4jsf</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!-- Myfaces JSF Listener, that does all the startup work (configuration, init). -->
<listener>
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>org.apache.myfaces.orchestra.conversation.servlet.ConversationManagerSessionListener</listener-class>
</listener>
<listener>
<listener-class>com.jcpenney.pricing.web.listeners.SessionLoggingListener</listener-class>
</listener>
<listener>
<listener-class>com.jcpenney.pricing.audit.LogoutLogger</listener-class>
</listener>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- This servlet is needed to workaround a websphere bug (http://issues.apache.org/jira/browse/TOMAHAWK-663)
Another workaround is on Websphere set com.ibm.ws.webcontainer.invokefilterscompatibility=true as container
property, but that is one more step for server configuration team
-->
<servlet>
<servlet-name>Tomahawk-663 Websphere Workaround Servlet</servlet-name>
<servlet-class>com.jcpenney.web.Tomahawk663Servlet</servlet-class>
</servlet>
<servlet>
<servlet-name>dwr-invoker</servlet-name>
<servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<!-- Mapping for MyFaces components -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<!-- This mapping is needed to back the MyFaces Extention Filter to workaround a websphere bug -->
<servlet-mapping>
<servlet-name>Tomahawk-663 Websphere Workaround Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>dwr-invoker</servlet-name>
<url-pattern>/dwr/*</url-pattern>
</servlet-mapping>
<!-- pricingUi Monitoring Simple Spring Servlet-->
<servlet>
<servlet-name>pricingUi-monitoring</servlet-name>
<servlet-class>org.springframework.web.context.support.HttpRequestHandlerServlet</servlet-class>
<load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>pricingUi-monitoring</servlet-name>
<url-pattern>/ping</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pricingUi-monitoring</servlet-name>
<url-pattern>/services/ping</url-pattern>
</servlet-mapping>
<!-- Spring Message Dispatcher Servlet for WebServices Call -->
<servlet>
<servlet-name>pricingEngine</servlet-name>
<servlet-class>org.springframework.ws.transport.http.MessageDispatcherServlet</servlet-class>
<init-param>
<param-name>transformWsdlLocations</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:config/pricingEngineContext-webservice.xml</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet>
<servlet-name>sale-price-upload</servlet-name>
<servlet-class>org.springframework.web.context.support.HttpRequestHandlerServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>sale-price-upload</servlet-name>
<url-pattern>/services/salePriceFileUpload</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pricingEngine</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>pricingEngine</servlet-name>
<url-pattern>*.wsdl</url-pattern>
</servlet-mapping>
<!-- Session Configuration -->
<session-config>
<!-- the time until the session expires in min (60min)-->
<session-timeout>60</session-timeout>
</session-config>
<!-- Welcome files -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
</web-app>
I cannot see the exact log messages that is generated for this Error here in the question. Not enough information.
It is also not mentioned how you are building your application and whether the application build is successful or not. I assuming the build is successful.
For a workaround suggestion, if you are using pom.xml in your application and maven to build, can you please check the <source> and <target> of your application?
<source>1.8</source>
<target>1.8</target>
If the java version that is mentioned in your pom is mis-matched with your system's java version, the error may appear. That is, your server may startup but your application maynot.
Also you can check your system's java version by using below commands like:
java -version
javac -version
Both the versions should be matched. If you see any difference, change the necessary and rebuild your application and restart the server.

how to filter all the request through custom filter in spring mvc?

I am new to springs so help me out....
I need to know the web.xml configuration to filter all my request through a custom filter....
i.e
This is my normal web.xml
<servlet>
<servlet-name>controller</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>controller</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
now what changes should i make to my web.xml so that all my requests pass through custom filter...
Thanks in advance.
If you are talking about a javax.servlet.Filter, the configuration is as follows in the web.xml.
<filter>
<filter-name>custom-filter</filter-name>
<filter-class>your.filter.type.MyFilter</filter-class>
<!-- Other options -->
</filter>
<filter-mapping>
<filter-name>custom-filter</filter-name>
<url-pattern>/*</url-pattern>
<!-- Other options -->
</filter-mapping>
You can read all the configuration options here.

Spring Security annotation configuration regarding web.xml

I'm using annotation based configuration and so far worked without a web.xml.
Now, according to documentation, I'll need to create a web.xml file and add these fields to it:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Can I configure this too with annotations?
Because If I make a web.xml and put only this, I'll get some other errors in runtime (like missing ContextLoaderListener etc etc..).
web.xml is part of the standard web-application packaging structure. This structure allows you to deploy your packaged war file on different servers such as Tomcat and Jetty.
You can read more about web.xml here: http://en.wikipedia.org/wiki/Deployment_descriptor
You can read about the standard directory structure here (this is for Tomcat, but most web-servers follow the same/similar structure):
http://tomcat.apache.org/tomcat-6.0-doc/appdev/deployment.html#Standard_Directory_Layout
You should already have a web.xml if your application is a web-application. If not, then you should not create a web.xml but find another way of hooking in Spring Security. Please let us know how your application is currently deployed.
Here is an example of a web.xml for Spring with Spring Security:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<!-- Spring Security Filter -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<!-- The front controller of the Spring MVC Web application, responsible
for handling all application requests -->
<servlet>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/web-application-config.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Map requests to the DispatcherServlet for handling -->
<servlet-mapping>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
For a web app you need a web.xml.
Regarding your error missing ContextLoaderListener, just add this to the web.xml
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>

Resources