Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Spring and the fly likes login form with database and spring security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "login form with database and spring security " Watch "login form with database and spring security " New topic
Author

login form with database and spring security

everson santos
Ranch Hand

Joined: Jul 11, 2009
Posts: 50
My login doesn't work, I don't know why. When I type login and password redirect to fail.jsp page, no exception happen.

I think the problem can be below. I changed the select for a wrong name like jjjj=? and nothing happened

<bean id="authenticationDao" class="org.springframework.security.userdetails.jd bc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
<property name="usersByUsernameQuery">
<value>
SELECT user, password FROM users WHERE jjjj=? (jjjj doesn't exist in database)
</value>
</property>
</bean>




I'm using spring 2.5.6 and springseccurity 2.0.4. Can anyone help me?

----------------------------------------------------------------
web.xml

<!-- spring configuration -->
<listener>
<listener-class> org.springframework.web.context.ContextLoaderListe ner</listener-class>
</listener>
<servlet>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherSe rvlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>

<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
<filter-name>authenticationProcessingFilter</filter-name>
<filter-class>org.springframework.security.ui.webapp.Authe nticationProcessingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authenticationProcessingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
---------------------------------------------------------------------------------------------------------------------------------------
applicationContext.xml

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverM anagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost/apress" />
<property name="username" value="root" />
<property name="password" value="root" />
</bean>

---------------------------------------------------------------------------------------------------------------------------------------
springSecurityContext.xml

<security:http>
<security:intercept-url pattern="/secure.jsp" access="ROLE_ADMIN" />
<security:form-login login-page="/index.jsp" authentication-failure-url="/fail.jsp" />
<security:logout logout-success-url="/logout.jsp" />
</security:http>

<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource" />
</security:authentication-provider>

<bean id="authenticationDao" class="org.springframework.security.userdetails.jd bc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
<property name="usersByUsernameQuery">
<value>
SELECT user, password FROM users WHERE user=? <!-- I changed for a wrong name like jjjj=? and nothing happened -->
</value>
</property>
</bean>

<bean id="authenticationProvider" class="org.springframework.security.providers.dao. DaoAuthenticationProvider">
<property name="userDetailsService" ref="authenticationDao" />
</bean>


<bean id="authenticationManager" class="org.springframework.security.providers.Prov iderManager">
<property name="providers">
<list>
<ref bean="authenticationProvider" />
</list>
</property>
</bean>

<bean id="authenticationEntryPoint" class="org.springframework.security.ui.webapp.Auth enticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/index.jsp" />
</bean>

<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.Auth enticationProcessingFilter">
<property name="filterProcessesUrl" value="/j_spring_security_check" />
<property name="authenticationFailureUrl" value="/fail.jsp" />
<property name="defaultTargetUrl" value="/secure.jsp" />
<property name="authenticationManager" ref="authenticationManager" />
</bean>
Eduardo Bueno
Ranch Hand

Joined: Jun 04, 2009
Posts: 155
Where is your transaction manager?
everson santos
Ranch Hand

Joined: Jul 11, 2009
Posts: 50
Hi, I'm using hibernate.


can i do authentication with hibernate, instead jdbc ?

----------------------------
applicationContext.xml
---------------------------


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-2.5.xsd"
default-lazy-init="true">

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost/apress" />
<property name="username" value="root" />
<property name="password" value="root" />
</bean>


<!-- START Load application properties -->
<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location">
<value>WEB-INF/hibApplication.properties</value>
</property>
</bean>
<!-- END Load application properties -->




<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="annotatedClasses">
<list>
<value>br.com.efficens.domain.Contato</value>
</list>
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
<prop key="hibernate.format_sql">${hibernate.format_sql}</prop>
<prop key="hibernate.transaction.factory_class">${hibernate.transaction.factory_class}</prop>
<prop key="hibernate.dialect">${hibernate.dialect}</prop>
<prop key="hibernate.c3p0.min_size">${hibernate.c3p0.min_size}</prop>
<prop key="hibernate.c3p0.max_size">${hibernate.c3p0.max_size}</prop>
<prop key="hibernate.c3p0.timeout">${hibernate.c3p0.timeout}</prop>
<prop key="hibernate.c3p0.max_statements">${hibernate.c3p0.max_statements}</prop>
<prop key="hibernate.connection.driver_class">${jdbc.driverClassName}</prop>
<prop key="hibernate.connection.url">${jdbc.url}</prop>
<prop key="hibernate.connection.username">${jdbc.username} </prop>
<prop key="hibernate.connection.password">${jdbc.password} </prop>
</props>
</property>
</bean>




<tx:annotation-driven transaction-manager="txManager" />
<bean id="txManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
<property name="sessionFactory">
<ref local="sessionFactory" />
</property>
</bean>


<!-- moves the responsibility of checking for a dependency-injected value to the container -->
<bean class="org.springframework.beans.factory.annotation.RequiredAnnotationBeanPostProcessor" />



<bean id="contatoDao" class="br.com.efficens.dao.ContatoDaoImpl">
<property name="sessionFactory" ref="sessionFactory" />
</bean>




<bean id="contatoService" class="br.com.efficens.services.ContatoServiceImpl">
<property name="contatoDao">
<ref bean="contatoDao" />
</property>
</bean>


<bean id="securityService" class="br.com.efficens.springsecurity.services.SecurityServiceImpl"/>


</beans>
 
 
subject: login form with database and spring security
 
Similar Threads
Struggling with Acegi authentication....
Authenticating in Spring Security with password and username in url
"Spring Security Application" Initiated by Apache
How to bypass spring secuirty setup for Javascript files and Struts2 ajax (DOJO) files?
Spring security and jsf Integration