Develop Reference

Spring-integration-ftp polls file even when my application is stopped

As a follow up to the question -
Same file gets picked up again and again in spring-ftp but with different names
I have the following configuration in my application.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:int="http://www.springframework.org/schema/integration"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:file="http://www.springframework.org/schema/integration/file"
xmlns:int-stream="http://www.springframework.org/schema/integration/stream"
xmlns:int-ftp="http://www.springframework.org/schema/integration/ftp"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/integration
http://www.springframework.org/schema/integration/spring-integration.xsd
http://www.springframework.org/schema/integration/file
http://www.springframework.org/schema/integration/file/spring-integration-file.xsd
http://www.springframework.org/schema/integration/stream
http://www.springframework.org/schema/integration/stream/spring-integration-stream.xsd
http://www.springframework.org/schema/integration/ftp
http://www.springframework.org/schema/integration/ftp/spring-integration-ftp.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<int:poller id="poller" task-executor="synchTaskExecutor" default="true" fixed-delay="1000" />
<beans:bean id="ftpClientFactory"
class="com.everge.springframework.integration.ftp.session.EvergeFtpSessionFactory">
<beans:property name="host" value="111.93.128.170"/>
<beans:property name="port" value="21"/>
<beans:property name="username" value="singha"/>
<beans:property name="password" value="singha16"/>
<beans:property name="clientMode" value="2"></beans:property>
</beans:bean>
<beans:bean id="ftpOutClientFactory"
class="org.springframework.integration.ftp.session.DefaultFtpSessionFactory">
<beans:property name="host" value="111.93.128.170"/>
<beans:property name="port" value="21"/>
<beans:property name="username" value="singha"/>
<beans:property name="password" value="singha16"/>
<beans:property name="clientMode" value="2"></beans:property>
</beans:bean>
<beans:bean id="synchTaskExecutor" class="org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor">
<beans:property name="corePoolSize" value="1"></beans:property>
<beans:property name="maxPoolSize" value="1"></beans:property>
<beans:property name="queueCapacity" value="1"></beans:property>
</beans:bean>
<beans:bean id="pqqFtpClientFactory"
class="com.everge.springframework.integration.ftp.session.PqqEvergeFtpSessionFactory">
<beans:property name="host" value="111.93.128.170"/>
<beans:property name="port" value="21"/>
<beans:property name="username" value="singha"/>
<beans:property name="password" value="singha16"/>
<beans:property name="clientMode" value="2"></beans:property>
</beans:bean>
<int:channel id="ftpChannel">
<int:queue/>
</int:channel>
<beans:bean id="acceptAllFileListFilter" class="com.everge.file.processing.EvergeFileListFilter"/>
<beans:bean id="pqqHandler" class="com.everge.pqq.PqqFileHandler">
<beans:property name="config" ref="baseConfig"></beans:property>
</beans:bean>
<beans:bean id="handler" scope="prototype" class="com.everge.integration.client.FileHandler">
<beans:property name="config" ref="baseConfig"></beans:property>
</beans:bean>
<beans:bean id="baseConfig" class="com.everge.config.BaseConfig" />
<beans:bean id="ftpSplitter" class="com.everge.service.FtpSplitter" />
<beans:bean id="fileSplitter" class="com.everge.file.processing.FileSplitter" />
<int-ftp:outbound-channel-adapter id="notifFtpOutBound"
channel="pl"
remote-directory="/ADPWG/PRCSD1"
session-factory="ftpOutClientFactory" auto-startup="true">
<int-ftp:request-handler-advice-chain>
<int:retry-advice />
</int-ftp:request-handler-advice-chain>
</int-ftp:outbound-channel-adapter>
<int-ftp:outbound-channel-adapter id="ftpOutbound"
channel="pqqOutputFileChannel"
remote-directory="/ADPWG/PRCSD"
session-factory="ftpOutClientFactory" auto-startup="true">
<int-ftp:request-handler-advice-chain>
<int:retry-advice />
</int-ftp:request-handler-advice-chain>
</int-ftp:outbound-channel-adapter>
<file:inbound-channel-adapter prevent-duplicates="false" id="filesIn1" directory="file:/Users/abhisheksingh/ddrive/everge_ws/f" auto-startup="true">
<int:poller id="poller" task-executor="synchTaskExecutor" fixed-delay="1000"></int:poller>
</file:inbound-channel-adapter>
<int:service-activator input-channel="filesIn1" ref="handler" />
<file:inbound-channel-adapter prevent-duplicates="false" id="pqqInputFileChannel" directory="file:/Users/abhisheksingh/ddrive/everge_ws/pqqReq" auto-startup="true">
<int:poller id="poller" task-executor="synchTaskExecutor" fixed-delay="1000" />
</file:inbound-channel-adapter>
<int:service-activator input-channel="pqqInputFileChannel" ref="pqqHandler" />
<file:inbound-channel-adapter id="pqqOutputFileChannel" directory="/Users/abhisheksingh/ddrive/everge_ws/pqqResp">
<int:poller id="poller" task-executor="synchTaskExecutor" fixed-delay="10000" />
</file:inbound-channel-adapter>
<int-ftp:inbound-channel-adapter id="ftpInbound"
channel="ftpChannel"
session-factory="ftpClientFactory"
auto-create-local-directory="true"
delete-remote-files="false"
local-filter="acceptAllFileListFilter"
local-directory="file:/Users/abhisheksingh/ddrive/everge_ws/f" auto-startup="true" >
<int:poller id="poller" task-executor="synchTaskExecutor" fixed-delay="1000" />
</int-ftp:inbound-channel-adapter>
<int-ftp:inbound-channel-adapter id="pqqFtpInbound"
channel="ftpChannel"
session-factory="pqqFtpClientFactory"
auto-create-local-directory="true"
delete-remote-files="false"
local-filter="acceptAllFileListFilter"
local-directory="file:/Users/abhisheksingh/ddrive/everge_ws/pqqReq" auto-startup="true" >
<int:poller id="poller" task-executor="synchTaskExecutor" fixed-delay="1000" />
</int-ftp:inbound-channel-adapter>
<file:inbound-channel-adapter id="pl" directory="file:/Users/abhisheksingh/ddrive/everge_ws/notifFile" auto-startup="true">
<int:poller id="poller" task-executor="synchTaskExecutor" fixed-delay="1000" />
</file:inbound-channel-adapter>
</beans:beans>
So there is a ftp location which I poll and the polled file gets placed at the following directory on my local machine-
/Users/abhisheksingh/ddrive/test/f
Now sometimes because I found a bug and have to fix it, I stop the tomcat server. I delete the files from my local so that next time I start my server , the same file can be polled again. But I find that the same file gets polled again. My server is stopped! This should not happen as far as I know. Thats why I have posted my application.xml to know if there is something here which keeps the threads hanging. Or is it that the spring-integration-ftp starts a daemon thread which does not depend on the application. Please let me solve this riddle.
I see the following exception in the tomcat logs -
Feb 17, 2017 11:49:24 PM org.apache.catalina.loader.WebappClassLoaderBase loadClass
INFO: Illegal access: this web application instance has been stopped already. Could not load UNIX Type: L8. The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact.
java.lang.IllegalStateException
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1777)
at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1735)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:264)
at org.apache.commons.net.ftp.parser.DefaultFTPFileEntryParserFactory.createFileEntryParser(DefaultFTPFileEntryParserFactory.java:88)
at org.apache.commons.net.ftp.FTPClient.initiateListParsing(FTPClient.java:2263)
at org.apache.commons.net.ftp.FTPClient.listFiles(FTPClient.java:2046)
at org.springframework.integration.ftp.session.FtpSession.list(FtpSession.java:70)
at org.springframework.integration.ftp.session.FtpSession.list(FtpSession.java:43)
at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizer$1.doInSession(AbstractInboundFileSynchronizer.java:236)
at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizer$1.doInSession(AbstractInboundFileSynchronizer.java:232)
at org.springframework.integration.file.remote.RemoteFileTemplate.execute(RemoteFileTemplate.java:435)
at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizer.synchronizeToLocalDirectory(AbstractInboundFileSynchronizer.java:232)
at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizingMessageSource.doReceive(AbstractInboundFileSynchronizingMessageSource.java:193)
at org.springframework.integration.file.remote.synchronizer.AbstractInboundFileSynchronizingMessageSource.doReceive(AbstractInboundFileSynchronizingMessageSource.java:59)
at org.springframework.integration.endpoint.AbstractMessageSource.receive(AbstractMessageSource.java:134)
at org.springframework.integration.endpoint.SourcePollingChannelAdapter.receiveMessage(SourcePollingChannelAdapter.java:224)
at org.springframework.integration.endpoint.AbstractPollingEndpoint.doPoll(AbstractPollingEndpoint.java:245)
at org.springframework.integration.endpoint.AbstractPollingEndpoint.access$000(AbstractPollingEndpoint.java:58)
at org.springframework.integration.endpoint.AbstractPollingEndpoint$1.call(AbstractPollingEndpoint.java:190)
at org.springframework.integration.endpoint.AbstractPollingEndpoint$1.call(AbstractPollingEndpoint.java:186)
at org.springframework.integration.endpoint.AbstractPollingEndpoint$Poller$1.run(AbstractPollingEndpoint.java:353)
at org.springframework.integration.util.ErrorHandlingTaskExecutor$1.run(ErrorHandlingTaskExecutor.java:55)
at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:50)
at org.springframework.integration.util.ErrorHandlingTaskExecutor.execute(ErrorHandlingTaskExecutor.java:51)
at org.springframework.integration.endpoint.AbstractPollingEndpoint$Poller.run(AbstractPollingEndpoint.java:344)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:81)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
I am pretty much sure at this point that the spring-integration ftp poller does not let the tomcat stop properly.
I did investigate more using jvisualvm. I see that there are task-scheduler threads started which do not close with ./shutdown.sh call to stop the tomcat.
Interesting thing to observe is that if I remove either of the pl or pqqOutputFileChannel adapter, these schedulers dont get created.
Here is the structure of my ear file -
Following is the log which keeps on rolling in the log file even when
shutdown has been called on the tomcat -
541576 DEBUG o.s.i.c.PublishSubscribeChannel - postSend (sent=true) on
channel 'errorChannel', message: ErrorMessage
[payload=org.springframework.core.task.TaskRejectedException: Executor
[java.util.concurrent.ThreadPoolExecutor#6d6033da[Running, pool size =
1, active threads = 0, queued tasks = 0, completed tasks = 1114]] did
not accept task:
org.springframework.integration.util.ErrorHandlingTaskExecutor$1#570e117d,
headers={id=71d77a8b-17ea-7011-3cb3-ddbf7591321f,
timestamp=1487870801603}] 541575 DEBUG o.s.i.c.PublishSubscribeChannel
- postSend (sent=true) on channel 'errorChannel', message: ErrorMessage
[payload=org.springframework.core.task.TaskRejectedException: Executor
[java.util.concurrent.ThreadPoolExecutor#6d6033da[Running, pool size =
1, active threads = 0, queued tasks = 1, completed tasks = 1113]] did
not accept task:
org.springframework.integration.util.ErrorHandlingTaskExecutor$1#44210f79,
headers={id=74a26d65-4b42-da1f-cdf1-b77fea8bfdb7,
timestamp=1487870801603}] 541576 ERROR o.s.i.handler.LoggingHandler -
org.springframework.core.task.TaskRejectedException: Executor
[java.util.concurrent.ThreadPoolExecutor#6d6033da[Running, pool size =
1, active threads = 0, queued tasks = 1, completed tasks = 1113]] did
not accept task:
org.springframework.integration.util.ErrorHandlingTaskExecutor$1#7d7cc2a4
at
org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor.execute(ThreadPoolTaskExecutor.java:296)
at
org.springframework.integration.util.ErrorHandlingTaskExecutor.execute(ErrorHandlingTaskExecutor.java:51)
at
org.springframework.integration.endpoint.AbstractPollingEndpoint$Poller.run(AbstractPollingEndpoint.java:344)
at
org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at
org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:81)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266) at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745) Caused by:
java.util.concurrent.RejectedExecutionException: Task
org.springframework.integration.util.ErrorHandlingTaskExecutor$1#7d7cc2a4
rejected from
java.util.concurrent.ThreadPoolExecutor#6d6033da[Running, pool size =
1, active threads = 0, queued tasks = 1, completed tasks = 1113] at
java.util.concurrent.ThreadPoolExecutor$AbortPolicy.rejectedExecution(ThreadPoolExecutor.java:2047)
at
java.util.concurrent.ThreadPoolExecutor.reject(ThreadPoolExecutor.java:823)
at
java.util.concurrent.ThreadPoolExecutor.execute(ThreadPoolExecutor.java:1369)
at
org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor.execute(ThreadPoolTaskExecutor.java:293)
... 11 more
**541576 DEBUG o.s.i.c.PublishSubscribeChannel - postSend (sent=true) on channel 'errorChannel', message: ErrorMessage
[payload=org.springframework.core.task.TaskRejectedException: Executor
[java.util.concurrent.ThreadPoolExecutor#6d6033da[Running, pool size =
1, active threads = 0, queued tasks = 1, completed tasks = 1113]] did
not accept task:
org.springframework.integration.util.ErrorHandlingTaskExecutor$1#7d7cc2a4,
headers={id=26e6de67-2b70-cd7d-0c64-d21e1f8d1726,
timestamp=1487870801603}] 541611 DEBUG
c.e.s.i.f.s.PqqEvergeFtpSessionFactory - Connected to server
[111.93.128.170:21] 541638 INFO
c.e.s.i.f.s.PqqEvergeFtpSessionFactory - Inside
postProcessClientAfterConnect of PqqEvergeFtpSessionFactory 541778
INFO o.s.i.ftp.session.FtpSession - File has been successfully
transferred from: TEST4.PQQ 541778 DEBUG
o.s.i.f.i.FtpInboundFileSynchronizer - 1 files transferred 541779 INFO
c.e.f.p.EvergeFileListFilter - Check if the file has already been
processed /Users/abhisheksingh/ddrive/everge_ws/pqqArchive/TEST4.PQQ
541779 INFO c.e.f.p.EvergeFileListFilter - Archive file name is
541779 INFO c.e.f.p.EvergeFileListFilter - Input file name is TEST4
541779 INFO c.e.f.p.EvergeFileListFilter - Archive file name is TEST4
541779 INFO c.e.f.p.EvergeFileListFilter - Input file name is TEST4
541779 INFO c.e.f.p.EvergeFileListFilter - The file is already
processed TEST4 541779 ERROR c.e.f.p.EvergeFileListFilter - PQQ file
has already been processed. 541779 DEBUG
o.s.i.e.SourcePollingChannelAdapter - Received no Message during the
poll, returning 'false' 541974 DEBUG
o.s.i.e.SourcePollingChannelAdapter - Received no Message during the
poll, returning 'false'

Spring Security redirect to Login Page after successful authentication by giving access denied exception

Facing strange problem : Application work fine on HTTP but redirects to login page again once we add SLL certificate :
Below is code snippet from spring-security.xml
<security:http auto-config="false" use-expressions="true" access-denied-page="/pages/denied.rs" entry-point-ref="authenticationEntryPoint" disable-url-rewriting="true">
<security:intercept-url pattern="/pages/doLogin.rs" requires-channel="any" access="hasAnyRole('ROLE_SYSTEM_ADMINISTRATOR', 'ROLE_KEY_ACCOUNT_MANAGER', 'ROLE_A', 'ROLE_B'" />
<security:intercept-url pattern="/**" requires-channel="any" access="hasAnyRole('ROLE_SYSTEM_ADMINISTRATOR', 'ROLE_KEY_ACCOUNT_MANAGER', 'ROLE_A', 'ROLE_B')"/>
<security:logout invalidate-session="true" logout-success-url="/pages/login.rs"/>
<security:custom-filter after="FILTER_SECURITY_INTERCEPTOR" ref="applicationRequestFilter" />
<security:custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
<security:custom-filter ref="concurrencyFilter" position="CONCURRENT_SESSION_FILTER"/>
<security:session-management session-authentication-strategy-ref="sas" invalid-session-url="/pages/sessiontimeout.rs"/>
</security:http>
<bean id="authenticationFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"
p:authenticationManager-ref="customAuthenticationManager"
p:authenticationFailureHandler-ref="customAuthenticationFailureHandler"
p:authenticationSuccessHandler-ref="customAuthenticationSuccessHandler" />
<bean id="customAuthenticationSuccessHandler"
class="com.mycomapny.CustomAuthenticationSuccessHandler"
p:defaultTargetUrl="/pages/doLogin.rs" />
<bean id="authenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
p:loginFormUrl="/pages/login.rs" />
I have added SSL certificate in by JBOSS in standalone.xml as below:
<subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" socket-binding="http" scheme="http" redirect-port="8443"/>
<connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" enable-lookups="false" secure="true">
<ssl name="selfsigned" password="password" certificate-key-file="D:\keystore.jks" protocol="TLSv1" verify-client="false"/>
</connector>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="127.0.0.1"/>
<alias name="example.com"/>
</virtual-server>
<configuration>
<jsp-configuration development="true"/>
</configuration>
</subsystem>
When I tries to access my application using HTTPS URL like https://mydomain.com:8443/mywebapp/login.rs , it displays the user name password page.
After entering valid credentials, it goes to authentication manger and before redirecting to success handler URL /doLogin.rs, it give below exception and redirects again to login page :
15:31:57,674 DEBUG [org.springframework.security.web.util.AntPathRequestMatcher] () Checking match of request : '/pages/dologin.
rs'; against '/pages/dologin.rs'
15:31:57,675 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] () Secure object: FilterInvocat
ion: URL: /pages/doLogin.rs; Attributes: [hasAnyRole('ROLE_SYSTEM_ADMINISTRATOR', 'ROLE_KEY_ACCOUNT_MANAGER', 'ROLE_A', 'ROLE_B')]
15:31:57,675 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] () Previously Authenticated: or
g.springframework.security.authentication.AnonymousAuthenticationToken#90579aae: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: tr
ue; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#2eb76: RemoteIpAddress: my machine ip address; SessionId: MdlIOjDwbSdN+e9r0-
6CEkxJ; Granted Authorities: ROLE_ANONYMOUS
15:31:57,690 DEBUG [org.springframework.security.access.vote.AffirmativeBased] () Voter: org.springframework.security.web.access
.expression.WebExpressionVoter#1d80d50, returned: -1
15:31:57,691 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] () Returning cached instance of single
ton bean 'org.springframework.context.annotation.internalScheduledAnnotationProcessor'
15:31:57,692 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] () Returning cached instance of single
ton bean 'org.springframework.scheduling.config.ContextLifecycleScheduledTaskRegistrar#0'
15:31:57,693 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] () Returning cached instance of single
ton bean 'sessionRegistry'
15:31:57,693 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] () Access is denied (user is anonymous);
redirecting to authentication entry point: org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83) [spring-security-core-3.1.4.RELEASE.jar:3.1.4.RE
LEASE]
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206) [spring-se
curity-core-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115) [spring-security-web
-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84) [spring-security-we
b-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) [spring-security-web-3.1.4
.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103) [spring-security-web-3.1.4.RELE
ASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) [spring-secu
rity-web-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:5
4) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) [spring-security-web-3.1.4.
RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java
:183) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) [spring-security-web-3.1.4.RELEASE.jar:
3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125) [spring-security-web-3.1.4.RELE
ASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) [spring-securi
ty-web-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:144) [spring-security-web-3.1
.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [spring-security-web-3.1.4.RELEASE
.jar:3.1.4.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.
RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE]
at org.springframework.security.config.debug.DebugFilter.invokeWithWrappedRequest(DebugFilter.java:69) [spring-security-config-3.1.4.RELEASE.j
ar:3.1.4.RELEASE]
at org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter.java:58) [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE
]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) [spring-web-3.2.3.RELEASE.jar:3.2.3.REL
EASE]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) [spring-web-3.2.3.RELEASE.jar:3.2.3.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.
Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-re
dhat-1]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) [spring-web-3.2.3.RELEASE.jar:3.2.
3.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-3.2.3.RELEASE.jar:3.2.3.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.
Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-re
dhat-1]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1
]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1
]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.2.0.Final-redhat-8.jar:7.2.0.Final
-redhat-8]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.2.0.Final-redhat-8.jar:7.2.0.Final
-redhat-8]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.2.0.Final-redhat
-8.jar:7.2.0.Final-redhat-8]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.F
inal-redhat-1]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_13]
We are using cookie header in response as httpOnly;Secure
I tried to add requires-channel="https" but it didn't worked either.

If you don't want this login-form to appear please remove the following maven-dependency:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Hope this helps someone.

The problem is resolved : I was manually setting below header in my response to avoid security defects...due to this I was getting access denied exception.
I removed the below code and added at apache lavel and it worked fine.
String sessionid = request.getSession(true).getId();
resp.setHeader("SET-COOKIE", "JSESSIONID=" + sessionid
+ "; Secure; HttpOnly");
resp.setHeader("Expires", "Tue, 14 May 1985 00:00:00 GMT");
resp.setHeader("Last-Modified", new Date().toString());
resp.setHeader(
"Cache-Control",
"no-store, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0");
resp.setHeader("Pragma", "no-cache");
resp.addHeader("X-FRAME-OPTIONS", "SAMEORIGIN");
resp.addHeader("strict-transport-security", "max-age=631138519");
resp.addHeader("x-xss-protection", "1; mode=block");

This error comes,if you have added (logback-classic/logback-classic) jar file in you lib.
Ex:
ch.qos.logback
logback-classic
${logback.version}
if you have mapped it or its dependacny jar then remove it to resolve "org.springframework.security.access.AccessDeniedException: Access is denied"

Spring Hibernate Transaction No Session Lazy Loading

I have a problem with only one controller that has a lazy loaded entity(there is a transaction initiated and commited, see stack trace)
17:56:46,084 DEBUG HibernateTransactionManager:438 - Found thread-bound Session [org.hibernate.impl.SessionImpl#6b204e88] for Hibernate transaction
17:56:46,085 DEBUG HibernateTransactionManager:471 - Participating in existing transaction
17:56:46,085 DEBUG HibernateTransactionManager:438 - Found thread-bound Session [org.hibernate.impl.SessionImpl#6b204e88] for Hibernate transaction
17:56:46,085 DEBUG HibernateTransactionManager:471 - Participating in existing transaction
Hibernate: select preference0_.id as id66_, preference0_.name as name66_, preference0_.value as value66_, preference0_.default_value as default4_66_, preference0_.updated_at as updated5_66_ from preferences preference0_ where preference0_.name='scheduleInterval'
17:56:46,086 DEBUG GooGooStatementCache:457 - cxnStmtMgr.statementSet( com.mysql.jdbc.JDBC4Connection#5ec60ee2 ).size(): 21
17:56:46,086 DEBUG GooGooStatementCache:196 - checkoutStatement: com.mchange.v2.c3p0.stmt.GlobalMaxOnlyStatementCache stats -- total size: 111; checked out: 1; num connections: 10; num keys: 111
17:56:46,087 DEBUG GooGooStatementCache:271 - checkinStatement(): com.mchange.v2.c3p0.stmt.GlobalMaxOnlyStatementCache stats -- total size: 111; checked out: 0; num connections: 10; num keys: 111
17:56:46,089 FATAL app:79 - service
org.hibernate.LazyInitializationException: could not initialize proxy - no Session
at org.hibernate.proxy.AbstractLazyInitializer.initialize(AbstractLazyInitializer.java:167)
at org.hibernate.proxy.AbstractLazyInitializer.getImplementation(AbstractLazyInitializer.java:215)
at org.hibernate.proxy.pojo.javassist.JavassistLazyInitializer.invoke(JavassistLazyInitializer.java:190)
at com.model.User_$$_javassist_76.getName(User_$$_javassist_76.java)
at com.model.json.ScheduleItemWrapper.wrap(ScheduleItemWrapper.java:55)
at com.web.controllers.ajax.Model.wrap(Model.java:127)
at com.web.controllers.ajax.Model.toJSON(Model.java:165)
at com.web.controllers.ajax.Model.getContent(Model.java:51)
at com.web.controllers.ajax.BasicAction.execute(BasicAction.java:27)
at com.web.HibernateServlet.doService(HibernateServlet.java:113)
at com.web.HibernateServlet.service(HibernateServlet.java:66)
at sun.reflect.GeneratedMethodAccessor200.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:695)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:631)
at com.levitech.web.controllers.schedule.ScheduleList$$EnhancerByCGLIB$$4a7ae33e.service(<generated>)
at com.levitech.web.RequestDispatcher.service(RequestDispatcher.java:63)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:662)
17:56:46,090 DEBUG HibernateTransactionManager:753 - Initiating transaction commit
17:56:46,090 DEBUG HibernateTransactionManager:653 - Committing Hibernate transaction on Session [org.hibernate.impl.SessionImpl#6b204e88]
17:56:46,091 DEBUG HibernateTransactionManager:735 - Closing Hibernate Session [org.hibernate.impl.SessionImpl#6b204e88] after transaction
17:56:46,091 DEBUG SessionFactoryUtils:800 - Closing Hibernate Session
The model (ScheduleItem and User) and their hibernate mappings
public class ScheduleItem {
private Integer id;
....
private User user;
}
public class User {
private Integer id;
...
private String name;
}
<class
name="ScheduleItem"
table="schedule_item"
>
<cache usage="read-write"/>
<id
name="id"
type="integer"
column="id"
>
<generator class="identity" />
</id>
<many-to-one name="user" column="user_id" lazy="proxy"></many-to-one>
</class>
<class
name="ScheduleItem"
table="schedule_item"
>
<cache usage="read-write"/>
<id
name="id"
type="integer"
column="id"
>
<generator class="identity" />
</id>
<property name="name" column="name" type="string" />
</class>
I found the culprit. OpenSessionViewFilter is using a different session or sessionfactory.
Here is my Spring config and web.xml (What am I doing wrong?):
Part of web.xml:
<filter>
<filter-name>hibernateFilter</filter-name>
<filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactory</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>hibernateFilter</filter-name>
<url-pattern>/app/s/*</url-pattern>
</filter-mapping>
Part of Spring Config:
<bean id="myDataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
<property name="driverClass" value="${db.driver}"/>
<property name="jdbcUrl" value="${db.url}"/>
<property name="user" value="${db.user}"/>
<property name="password" value="${db.pass}"/>
<!-- Pool properties -->
<property name="minPoolSize" value="5" />
<property name="maxPoolSize" value="100" />
<property name="acquireIncrement" value="5" />
<property name="maxStatements" value="200" />
<property name="idleConnectionTestPeriod" value="120" />
<property name="maxIdleTime" value="1800" />
</bean>
<bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
<property name="dataSource" ref="myDataSource"></property>
<property name="mappingLocations" value="classpath*:com/model/hbm/**/*.hbm.xml" />
<property name="hibernateProperties">
<value>
hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
hibernate.show_sql=true
hibernate.cache.region.factory_class=net.sf.ehcache.hibernate.SingletonEhCacheRegionFactory
hibernate.cache.use_query_cache=true
hibernate.cache.use_second_level_cache=true
</value>
</property>
</bean>
<bean id="transactionManager"
class="org.springframework.orm.hibernate3.HibernateTransactionManager">
<property name="sessionFactory" ref="sessionFactory"/>
</bean>

From the log it looks like the session is still open when you get this exception. The other scenario in which you would get such an exception is if the row doesn't exist in the database.
User user = session.load(User.class, 1000); // Create a proxy
user.getName(); // This would throw lazy initialization exception if row doesn't exist
One more scenario that can lead to this is working with detached objects. If you fetched and stored the ScheduleItem as a HTTPSession variable. Retrieve it in another request and then try to access the proxy - it will result in the same exception. The session that was used to load the object has been closed. If that is the case you need to first reattach the object to the new session (merge, update or lock) before using it.

There are multiple solutions for your problem:
The easiest one is using Spring's OpenSessionInViewFilter. Just add this filter to your web.xml and configure it to filter your request.
This filter opens and closes Hibernate session in a filter, so during page rendering session will be open.
Some people believe that OpenSessionInViewFilter is against good design, and it mixes business logic into presentation tier. If you think so, fetch the referenced object in your query (for example by using join fetch in your HQLs).

You could try to:
Eagerly load the collection.
initialize the collection before leaving the collection by calling the respective getter method Hibernate.initialize(rtn.getUserRoles());
Thats basically two times the same approach depending on what works best in your setup. You are making sure to load the complete entity before leaving the session that way the entity can be detached from the old and then reatached to a new session without problems. What you are doing is initializing the proxy before leaving the session so that the collection is available for sure when you are out of a session context.

Getting "org.jasypt.exceptions.EncryptionOperationNotPossibleException" when trying to login

I'm using Jasypt 1.9.0, Spring 3.1.1.RELEASE, and Maven 3.0.3. When I enter a username and password on my login page and submit, I get the following error …
org.jasypt.exceptions.EncryptionOperationNotPossibleException
org.jasypt.digest.StandardByteDigester.matches(StandardByteDigester.java:1107)
org.jasypt.digest.StandardStringDigester.matches(StandardStringDigester.java:1052)
org.jasypt.util.password.ConfigurablePasswordEncryptor.checkPassword(ConfigurablePasswordEncryptor.java:252)
org.jasypt.spring.security3.PasswordEncoder.isPasswordValid(PasswordEncoder.java:207)
org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:64)
org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:149)
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:184)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:155)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
Here is the Spring security I have setup
<beans:bean id="bcProvider" class="org.bouncycastle.jce.provider.BouncyCastleProvider" />
<beans:bean id="jasyptPasswordEncryptor" class="org.jasypt.util.password.ConfigurablePasswordEncryptor">
<beans:property name="algorithm">
<beans:value>SHA-256</beans:value>
</beans:property>
<beans:property name="provider">
<beans:ref bean="bcProvider" />
</beans:property>
</beans:bean>
<!-- This Spring Security-friendly PasswordEncoder implementation will -->
<!-- wrap the PasswordEncryptor instance so that it can be used from -->
<!-- the security framework. -->
<beans:bean id="passwordEncoder" class="org.jasypt.spring.security3.PasswordEncoder">
<beans:property name="passwordEncryptor">
<beans:ref bean="jasyptPasswordEncryptor" />
</beans:property>
</beans:bean>
<authentication-manager alias="authenticationManager"
id="authenticationManager">
<authentication-provider user-service-ref="sbdUserDetailsService">
<password-encoder ref="passwordEncoder" />
</authentication-provider>
</authentication-manager>
The Jasypt docs aren't very helpful and I don't know what else to check. Grateful for any help here. -

It's probably intentionally impossible to tell the cause of the error from the Jasypt library without debugging into it and finding the underlying exception. My guess would be you have an undigested password in the back end store (the most likely source of failures to compare digested passwords).

Spring Security remember-me services

I configured Spring Security with remember-me option.
<security:global-method-security secured-annotations="enabled" />
<security:http pattern="/login.html" security="none"/>
<security:http pattern="/signup.html" security="none"/>
<security:http pattern="/scripts/**" security="none"/>
<security:http pattern="/styles/**" security="none"/>
<security:http pattern="/images/**" security="none"/>
<security:http disable-url-rewriting="true" access-denied-page="/accessDenied.jsp">
<security:session-management>
<security:concurrency-control error-if-maximum-exceeded="false" max-sessions="10"/>
</security:session-management>
<security:form-login login-page="/login.html" login-processing-url="/login" authentication-failure-url="/login.html?login_error=1" default-target-url="/"/>
<security:intercept-url pattern='/**' access='ROLE_USER' />
<security:logout logout-url="/logout" logout-success-url="/"/>
<security:remember-me services-ref="rememberMeServices" />
</security:http>
and then the services itself:
<bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
<property name="tokenRepository" ref="myTokenRepository" />
<property name="userDetailsService" ref="userDetailsService" />
<property name="key" value="myRememberMeKey" />
<property name="alwaysRemember" value="true" />
</bean>
<bean id="myTokenRepository" class="com.mytwitter.web.security.MyTokenRepository">
</bean>
I can see in my schema that tokens are inserted/updated/deleted in database. so this is not an issue.
but sign on fails:
2012-02-13 13:35:56,497 DEBUG [http-bio-8080-exec-5] org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices - Remember-me cookie detected - 2065616
2012-02-13 13:35:56,498 DEBUG [http-bio-8080-exec-5] org.springframework.data.mongodb.core.MongoTemplate - findOne using query: { "series" : "Ww2a8WsycNlGWxZRDubTnA=="} in db.collection: mytwitter.rememberMeTokens - 2065617
2012-02-13 13:35:56,500 DEBUG [http-bio-8080-exec-5] org.springframework.beans.factory.support.DefaultListableBeanFactory - Returning cached instance of singleton bean 'org.springframework.security.core.session.SessionRegistryImpl#0' - 2065619
2012-02-13 13:35:56,500 DEBUG [http-bio-8080-exec-5] org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices - Refreshing persistent login token for user 'aaaa', series 'Ww2a8WsycNlGWxZRDubTnA==' - 2065619
2012-02-13 13:35:56,510 DEBUG [http-bio-8080-exec-5] org.springframework.data.mongodb.core.MongoTemplate - calling update using query: { "series" : "Ww2a8WsycNlGWxZRDubTnA=="} and update: { "$set" : { "tokenValue" : "u0m7/ze3DpDInv27+JuPdQ==" , "date" : { "$date" : "2012-02-13T11:35:56.500Z"}}} in collection: rememberMeTokens - 2065629
2012-02-13 13:35:56,511 DEBUG [http-bio-8080-exec-5] org.springframework.data.mongodb.core.MongoTemplate - findOne using query: { "nickname" : "aaaa"} in db.collection: mytwitter.users - 2065630
2012-02-13 13:35:56,512 DEBUG [http-bio-8080-exec-5] org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices - Remember-me cookie accepted - 2065631
2012-02-13 13:35:56,512 DEBUG [http-bio-8080-exec-5] org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.authentication.RememberMeAuthenticationProvider - 2065631
2012-02-13 13:35:56,513 DEBUG [http-bio-8080-exec-5] org.springframework.beans.factory.support.DefaultListableBeanFactory - Returning cached instance of singleton bean 'org.springframework.security.core.session.SessionRegistryImpl#0' - 2065632
2012-02-13 13:35:56,514 DEBUG [http-bio-8080-exec-5] org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter - SecurityContextHolder not populated with remember-me token, as AuthenticationManager rejected Authentication returned by RememberMeServices: 'org.springframework.security.authentication.RememberMeAuthenticationToken#5195b417: Principal: com.mytwitter.web.security.AuthUser#15880543; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_USER'; invalidating remember-me token - 2065633
org.springframework.security.authentication.BadCredentialsException: The presented RememberMeAuthenticationToken does not contain the expected key
at org.springframework.security.authentication.RememberMeAuthenticationProvider.authenticate(RememberMeAuthenticationProvider.java:64)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:679)
2012-02-13 13:35:56,529 DEBUG [http-bio-8080-exec-5] org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices - Interactive login attempt was unsuccessful. - 2065648
2012-02-13 13:35:56,529 DEBUG [http-bio-8080-exec-5] org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices - Cancelling cookie - 2065648
Actually what I do see as weird is that in line 2012-02-13 13:35:56,514 which prints Authentication object, SessionId is null. What am I missing?

The problem solved.
I should have add "key" property in remember-me parameter as well.
<security:remember-me services-ref="rememberMeServices" key="myRememberMeKey" />
and it should be the key with the same name as in "remeberMeServices" bean.