Hi,
I'm also trying to get Spring security to work on GAE.
regarding your problem:
1. there is an issue with Spring Security 2.0.5 on GAE, you can find a
fix here:
http://www.google-app-engine.com/blog/post/Spring-security-fix-for-google-app-engine.aspx
2. I couldn't entirely substantiate it, but I read of a lot of
problems deployed GAE has with AOP (as opposed to Google development
environment on eclipse). maybe this has something to do with it as
well.
hope this helps a bit.
On Dec 24, 10:46 pm, "sulaimanmra...@googlemail.com"
<sulaimanmra...@googlemail.com> wrote:
> Hi,
>
> I've created a GAE web application using Spring 3.0 and Spring
> Security 2.0.5.
>
> After a little heartache and help from reading the posts on the forum,
> I managed to get it all working locally, with users able to register,
> validate their accounts via email and login in securely.
>
> When a user logs in, I wanted to make their details available across
> the site. I did this by creating an Interceptor, responsible for
> pulling the prinicipal from the Spring Security Authentication class
> (retrieved from the SecurityContextHolder) and then placing the object
> in the HttpServletRequest object. Below is a snippet of code from the
> interceptor.
>
> public void postHandle(
> HttpServletRequest request,
> HttpServletResponse response,
> Object handler,
> ModelAndView modelAndView) {
>
> try {
> Member member = securityContext.getMember();
> request.setAttribute("user", member);
>
> log.info("injecting user into request");
>
> } catch(SecurityRuntimeException e) {
> // do nothing - will be thrown if no user is logged in
> }
> }
>
> The user's information is wrapped in a 'Member' object, with the
> securityContext responsible for retrieving it from the
> SecurityContextHolder.
>
> Locally, on the GAE development environment, everything works fine!
> The interceptor correctly places the principal in the request and my
> JSP's can readily access it. However, when I deploy the application to
> the app engine, it does not appear to work. The logs have not provided
> any clue as to why the request does not appear to have the principal
> in it.
>
> Is there any reason why the interceptor would not work on the app
> engine? Or, is it ill-advised to add objects into the
> HttpServletRequest?
>
> I'm tearing my hair out with why it's not working, and it's the only
> thing within my application that isn't! So any help or advice offered
> is much appreciated. I'm hoping to have my code up in the Google Code
> repository so if anyone wants to have a look, they're more than
> welcome.
>
> Thanks!
> Sully
--
You received this message because you are subscribed to the Google Groups
"Google App Engine for Java" group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine-java?hl=en.
