I am having problems getting Acegi to work in BEA Weblogic
8.1 (perhaps the same problem Patrick is having). Any help or advice
would be appreciated. My first problem is this: Bea doesn’t seem to
load the Spring ContextLoader Listener correctly. To get around this, I'm
using the Spring ContextLoaderServlet. Since Filters get loaded before
the ContextLoaderServlet, they throw an exception since the Spring context is
not loaded. I get around this with a modified version of the
FilterToBeanProxy that swallows exceptions in the init() method, and attempts
to re-init in the doFilter method if the filter delegate is null. I would appreciate it if anyone can tell me a way to get Bea
to load the filters correctly without modified code. My next problem (after getting around the Listener issue) is
that after successfully logging in and viewing a secured page, a subsequent
request for a secured url redirects me to the login page. Below is a debug log using the sample contacts.war. This
is from version .51. I built the latest from CVS the other day and get the
same issue. Thanks in advance, Travis (keep in mind, the FilterToBeanProxy messages are coming
from a modified version of the code): DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 114]
- Authentication not added to ContextHolder (could not extract an
authentication object from the container which is an instance of
Authentication) DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 132] -
Converted URL to lowercase, from: 'Http Request: /contacts/index.jsp'; to:
'/index.jsp' DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/index.jsp'; pattern is \A/secure/super.*\Z; matched=false DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/index.jsp'; pattern is \A/secure/.*\Z; matched=false DEBUG [AbstractSecurityInterceptor.java::interceptor() 346]
- Public object - authentication not attempted DEBUG [SecurityEnforcementFilter.java::doFilter() 168]
- Chain processed normally DEBUG [AbstractIntegrationFilter.java::doFilter() 142]
- ContextHolder does not contain any authentication information DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 114]
- Authentication not added to ContextHolder (could not extract an
authentication object from the container which is an instance of
Authentication) DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG [RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes()
132] - Converted URL to lowercase, from: 'Http Request:
/contacts/secure/index.htm'; to: '/secure/index.htm' DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/secure/index.htm'; pattern is \A/secure/super.*\Z;
matched=false DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/secure/index.htm'; pattern is \A/secure/.*\Z; matched=true DEBUG [AbstractSecurityInterceptor.java::interceptor() 273]
- Secure object: FilterInvocation: URL: /secure/index.htm;
ConfigAttributes: [ROLE_SUPERVISOR, ROLE_TELLER] DEBUG [SecurityEnforcementFilter.java::doFilter() 191]
- Authentication failed - adding target URL to Session:
http://leechor:7001/contacts/secure/index.htm DEBUG
[AuthenticationProcessingFilterEntryPoint.java::commence() 176] -
Redirecting to: http://leechor:7001/contacts/acegilogin.jsp DEBUG [AbstractIntegrationFilter.java::doFilter() 142]
- ContextHolder does not contain any authentication information DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 114]
- Authentication not added to ContextHolder (could not extract an
authentication object from the container which is an instance of
Authentication) DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 132] -
Converted URL to lowercase, from: 'Http Request: /contacts/acegilogin.jsp'; to:
'/acegilogin.jsp' DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/acegilogin.jsp'; pattern is \A/secure/super.*\Z; matched=false DEBUG [RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes()
144] - Candidate is: '/acegilogin.jsp'; pattern is \A/secure/.*\Z;
matched=false DEBUG [AbstractSecurityInterceptor.java::interceptor() 346]
- Public object - authentication not attempted DEBUG [SecurityEnforcementFilter.java::doFilter() 168]
- Chain processed normally DEBUG [AbstractIntegrationFilter.java::doFilter() 142]
- ContextHolder does not contain any authentication information DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [AbstractProcessingFilter.java::doFilter() 212]
- Request is to process authentication DEBUG [ProviderManager.java::authenticate() 123] -
Authentication attempt using
net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider INFO [LoggerListener.java::onApplicationEvent() 69]
- Authentication success for user: marissa; details: 192.168.1.102 DEBUG [AbstractProcessingFilter.java::doFilter() 238]
- Authentication success:
[EMAIL PROTECTED]:
Username: marissa; Password: [PROTECTED]; Authenticated: false; Details: null;
Granted Authorities: ROLE_TELLER, ROLE_SUPERVISOR DEBUG [AbstractProcessingFilter.java::doFilter() 253]
- Redirecting to target URL from HTTP Session (or default):
http://leechor:7001/contacts/secure/index.htm DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 93]
- Authentication added to ContextHolder from container DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 132] -
Converted URL to lowercase, from: 'Http Request: /contacts/secure/index.htm';
to: '/secure/index.htm' DEBUG [RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes()
144] - Candidate is: '/secure/index.htm'; pattern is \A/secure/super.*\Z;
matched=false DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/secure/index.htm'; pattern is \A/secure/.*\Z; matched=true DEBUG [AbstractSecurityInterceptor.java::interceptor() 273]
- Secure object: FilterInvocation: URL: /secure/index.htm;
ConfigAttributes: [ROLE_SUPERVISOR, ROLE_TELLER] DEBUG [ProviderManager.java::authenticate() 123] -
Authentication attempt using
net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider INFO [LoggerListener.java::onApplicationEvent() 69]
- Authentication success for user: marissa; details: null DEBUG [AbstractSecurityInterceptor.java::interceptor() 297]
- Authenticated:
[EMAIL PROTECTED]:
Username: marissa; Password: [PROTECTED]; Authenticated: true; Details: null;
Granted Authorities: ROLE_TELLER, ROLE_SUPERVISOR DEBUG [AbstractSecurityInterceptor.java::interceptor() 305]
- Authorization successful DEBUG [AbstractSecurityInterceptor.java::interceptor() 314]
- RunAsManager did not change Authentication object DEBUG [AbstractSecurityInterceptor.java::interceptor() 273]
- Secure object: Invocation: method=[public abstract
sample.contact.Contact[]
sample.contact.ContactManager.getAllByOwner(java.lang.String)]
args=[Ljava.lang.Object;@18651db] target is of class [sample.contact.ContactManagerFacade];
ConfigAttributes: [CONTACT_OWNED_BY_CURRENT_USER, RUN_AS_SERVER] DEBUG [ProviderManager.java::authenticate() 123] -
Authentication attempt using
net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider INFO [LoggerListener.java::onApplicationEvent() 69]
- Authentication success for user: marissa; details: null DEBUG [AbstractSecurityInterceptor.java::interceptor() 297]
- Authenticated:
[EMAIL PROTECTED]:
Username: marissa; Password: [PROTECTED]; Authenticated: true; Details: null;
Granted Authorities: ROLE_TELLER, ROLE_SUPERVISOR DEBUG [AbstractSecurityInterceptor.java::interceptor() 305]
- Authorization successful DEBUG [AbstractSecurityInterceptor.java::interceptor() 321]
- Switching to RunAs Authentication:
[EMAIL PROTECTED]: Username: marissa; Password:
[PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RUN_AS_SERVER, ROLE_TELLER, ROLE_SUPERVISOR; Original Class:
net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken DEBUG [AbstractSecurityInterceptor.java::interceptor() 273]
- Secure object: Invocation: method=[public abstract
sample.contact.Contact[] sample.contact.ContactManager.getAllByOwner(java.lang.String)]
args=[Ljava.lang.Object;@c7da23] target is of class
[sample.contact.ContactManagerBackend]; ConfigAttributes: [ROLE_RUN_AS_SERVER] DEBUG [ProviderManager.java::authenticate() 123] -
Authentication attempt using net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider DEBUG [AbstractSecurityInterceptor.java::interceptor() 297]
- Authenticated: [EMAIL PROTECTED]:
Username: marissa; Password: [PROTECTED]; Authenticated: true; Details: null;
Granted Authorities: ROLE_RUN_AS_SERVER, ROLE_TELLER, ROLE_SUPERVISOR; Original
Class: net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken DEBUG [AbstractSecurityInterceptor.java::interceptor() 305]
- Authorization successful DEBUG [AbstractSecurityInterceptor.java::interceptor() 314]
- RunAsManager did not change Authentication object DEBUG [AbstractSecurityInterceptor.java::interceptor() 336]
- Reverting to original Authentication:
[EMAIL PROTECTED]:
Username: marissa; Password: [PROTECTED]; Authenticated: true; Details: null;
Granted Authorities: ROLE_TELLER, ROLE_SUPERVISOR DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 93]
- Authentication added to ContextHolder from container DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 132] -
Converted URL to lowercase, from: 'Http Request:
/contacts/WEB-INF/jsp/index.jsp'; to: '/web-inf/jsp/index.jsp' DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/web-inf/jsp/index.jsp'; pattern is \A/secure/super.*\Z;
matched=false DEBUG [RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes()
144] - Candidate is: '/web-inf/jsp/index.jsp'; pattern is \A/secure/.*\Z;
matched=false DEBUG [AbstractSecurityInterceptor.java::interceptor() 346]
- Public object - authentication not attempted DEBUG [AbstractSecurityInterceptor.java::interceptor() 357]
- Authentication object detected and tagged as unauthenticated DEBUG [SecurityEnforcementFilter.java::doFilter() 168]
- Chain processed normally DEBUG [AbstractIntegrationFilter.java::doFilter() 126]
- Updating container with new Authentication object, and then removing
Authentication from ContextHolder DEBUG [SecurityEnforcementFilter.java::doFilter() 168]
- Chain processed normally DEBUG [AbstractIntegrationFilter.java::doFilter() 126] -
Updating container with new Authentication object, and then removing
Authentication from ContextHolder DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 114]
- Authentication not added to ContextHolder (could not extract an
authentication object from the container which is an instance of
Authentication) DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG [RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes()
132] - Converted URL to lowercase, from: 'Http Request:
/contacts/secure/add.htm'; to: '/secure/add.htm' DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/secure/add.htm'; pattern is \A/secure/super.*\Z; matched=false DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/secure/add.htm'; pattern is \A/secure/.*\Z; matched=true DEBUG [AbstractSecurityInterceptor.java::interceptor() 273]
- Secure object: FilterInvocation: URL: /secure/add.htm;
ConfigAttributes: [ROLE_SUPERVISOR, ROLE_TELLER] DEBUG [SecurityEnforcementFilter.java::doFilter() 191]
- Authentication failed - adding target URL to Session:
http://leechor:7001/contacts/secure/add.htm DEBUG
[AuthenticationProcessingFilterEntryPoint.java::commence() 176] -
Redirecting to: http://leechor:7001/contacts/acegilogin.jsp DEBUG [AbstractIntegrationFilter.java::doFilter() 126]
- Updating container with new Authentication object, and then removing
Authentication from ContextHolder DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
Authentication Processing Filter] doFilter called. . . DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP BASIC Authorization Filter] doFilter called. . . DEBUG [BasicProcessingFilter.java::doFilter() 153] -
Authorization header: null DEBUG [AbstractIntegrationFilter.java::doFilter() 114]
- Authentication not added to ContextHolder (could not extract an
authentication object from the container which is an instance of
Authentication) DEBUG [FilterToBeanProxy.java::doFilter() 56] - [Acegi
HTTP Request Security Filter] doFilter called. . . DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 132] -
Converted URL to lowercase, from: 'Http Request: /contacts/acegilogin.jsp'; to:
'/acegilogin.jsp' DEBUG
[RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes() 144] -
Candidate is: '/acegilogin.jsp'; pattern is \A/secure/super.*\Z; matched=false DEBUG [RegExpBasedFilterInvocationDefinitionMap.java::lookupAttributes()
144] - Candidate is: '/acegilogin.jsp'; pattern is \A/secure/.*\Z;
matched=false DEBUG [AbstractSecurityInterceptor.java::interceptor() 346]
- Public object - authentication not attempted DEBUG [SecurityEnforcementFilter.java::doFilter() 168]
- Chain processed normally DEBUG [AbstractIntegrationFilter.java::doFilter() 126]
- Updating container with new Authentication object, and then removing
Authentication from ContextHolder |