Hi Thanks for your response. I have added som lines regarding the spring security....my web.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"; version="2.4"> <display-name>AppFuse Light</display-name> <!-- [INSERT FRAGMENT HERE] --> <!-- Define the basename for a resource bundle for I18N --> <context-param> <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name> <param-value>messages</param-value> </context-param> <filter> <filter-name>exportFilter</filter-name> <filter-class>org.displaytag.filter.ResponseOverrideFilter</filter-class> </filter> <!-- Enables Spring Security --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class> org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter> <filter-name>encodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter> <filter-name>messageFilter</filter-name> <filter-class>org.appfuse.web.MessageFilter</filter-class> </filter> <filter> <filter-name>sitemesh</filter-name> <filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class> </filter> <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/applicationContext*.xml,/WEB-INF/security.xml</param-value> </context-param> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>messageFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>sitemesh</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>exportFilter</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <servlet> <servlet-name>dispatcher</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet> <servlet-name>dwr-invoker</servlet-name> <servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class> <init-param> <param-name>debug</param-name> <param-value>true</param-value> </init-param> </servlet> <servlet-mapping> <servlet-name>dispatcher</servlet-name> <url-pattern>*.html</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>dwr-invoker</servlet-name> <url-pattern>/dwr/*</url-pattern> </servlet-mapping> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <error-page> <error-code>403</error-code> <location>/403.jsp</location> </error-page> <error-page> <error-code>404</error-code> <location>/404.jsp</location> </error-page> <error-page> <error-code>500</error-code> <location>/error.jsp</location> </error-page> </web-app> ---- Mike Horwitz wrote: > > Have you checked that web.xml has been changed to both load the > security.xml > config under Spring and that the necessary web filters are defined to get > Spring security working? > > Mike > > 2009/8/15 Floggin Molly <frank.rene.soren...@hotmail.com> > >> >> Hi >> >> I have downloaded appfuse light and installed the spring security module, >> default from under "extras" in the project. In short...this adds a simple >> security.xml file with two added users to try to login with. >> >> This contains the following security.xml: >> >> -------- <http auto-config="true" lowercase-comparisons="false"> >> <intercept-url pattern="/**/*.html*" >> access="ROLE_ADMIN,ROLE_USER"/> >> <form-login login-page="/login.jsp" >> authentication-failure-url="/login.jsp?error=true" >> login-processing-url="/j_security_check"/> >> <logout logout-url="/logout.jsp"/> >> </http> >> >> <authentication-provider> >> <password-encoder hash="sha"/> >> <user-service> >> <user name="user" >> password="12dea96fec20593566ab75692c9949596833adc9" >> authorities="ROLE_USER"/> >> <user name="admin" >> password="d033e22ae348aeb5660fc2140aec35850c4da997" >> authorities="ROLE_ADMIN"/> >> </user-service> >> </authentication-provider> >> >> <global-method-security> >> <protect-pointcut expression="execution(* >> *..service.UserManager.removeUser(..))" access="ROLE_ADMIN"/> >> </global-method-security> ------------------------ >> >> To obtain database check of user/password, I have changed this to the >> following: >> >> ---------------------<http auto-config="true" >> lowercase-comparisons="false"> >> <intercept-url pattern="/**/*.html*" >> access="ROLE_ADMIN,ROLE_USER" /> >> <form-login login-page="/login.jsp" >> authentication-failure-url="/login.jsp?error=true" >> login-processing-url="/j_security_check" /> >> <logout logout-url="/logout.jsp" /> >> </http> >> >> <authentication-provider user-service-ref="userService" /> >> >> <jdbc-user-service id="userService" data-source-ref="securityDataSource" >> authorities-by-username-query="select username,authority from authorities >> where username=?"/> >> >> >> <beans:bean id="securityDataSource" >> class="org.springframework.jdbc.datasource.DriverManagerDataSource"> >> <beans:property name="driverClassName" value="com.mysql.jdbc.Driver" >> /> >> <beans:property name="url" value="jdbc:mysql://localhost:3306/adhocit" >> /> >> <beans:property name="username" value="root" /> >> <beans:property name="password" value="" /> >> </beans:bean> --------------- >> >> Where I try to connect to a mysql database with the following tables >> added: >> >> CREATE DATABASE `finansak_adhoc` /*!40100 DEFAULT CHARACTER SET latin1 >> */; >> >> //CREATE TABLE `finansak_adhoc`.`authorities` (`username` varchar(50) >> NOT >> NULL,`authority` varchar(50) NOT NULL, KEY `fk_authorities_users` >> (`username`), CONSTRAINT `fk_authorities_users` FOREIGN KEY (`username`) >> REFERENCES `users` (`username`)); >> >> //CREATE TABLE `finansak_adhoc`.`users` (`username` varchar(50) NOT >> NULL,`password` varchar(50) NOT NULL,`enabled` bit(1) NOT NULL, PRIMARY >> KEY >> (`username`)); >> >> >> And added user with passwords... >> >> >> BUT, my application just seems to ignore this setup.... >> >> Does anyone have any idea about what could be wrong?? >> >> I would be grateful for any help. >> >> >> Best regards >> >> Frank >> -- >> View this message in context: >> http://www.nabble.com/Appfuse-light---add-spring-security---database-authentication-problem-tp24983690s2369p24983690.html >> Sent from the AppFuse - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net >> For additional commands, e-mail: users-h...@appfuse.dev.java.net >> >> > > -- View this message in context: http://www.nabble.com/Appfuse-light---add-spring-security---database-authentication-problem-tp24983690s2369p24997978.html Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net For additional commands, e-mail: users-h...@appfuse.dev.java.net
