permaculture playing cards*
The moose likes Spring and the fly likes login form with database and spring security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "login form with database and spring security " Watch "login form with database and spring security " New topic
Author

login form with database and spring security

everson santos
Ranch Hand

Joined: Jul 11, 2009
Posts: 50
My login doesn't work, I don't know why. When I type login and password redirect to fail.jsp page, no exception happen.

I think the problem can be below. I changed the select for a wrong name like jjjj=? and nothing happened

<bean id="authenticationDao" class="org.springframework.security.userdetails.jd bc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
<property name="usersByUsernameQuery">
<value>
SELECT user, password FROM users WHERE jjjj=? (jjjj doesn't exist in database)
</value>
</property>
</bean>




I'm using spring 2.5.6 and springseccurity 2.0.4. Can anyone help me?

----------------------------------------------------------------
web.xml

<!-- spring configuration -->
<listener>
<listener-class> org.springframework.web.context.ContextLoaderListe ner</listener-class>
</listener>
<servlet>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherSe rvlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>

<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
<filter-name>authenticationProcessingFilter</filter-name>
<filter-class>org.springframework.security.ui.webapp.Authe nticationProcessingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authenticationProcessingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
---------------------------------------------------------------------------------------------------------------------------------------
applicationContext.xml

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverM anagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost/apress" />
<property name="username" value="root" />
<property name="password" value="root" />
</bean>

---------------------------------------------------------------------------------------------------------------------------------------
springSecurityContext.xml

<security:http>
<security:intercept-url pattern="/secure.jsp" access="ROLE_ADMIN" />
<security:form-login login-page="/index.jsp" authentication-failure-url="/fail.jsp" />
<security:logout logout-success-url="/logout.jsp" />
</security:http>

<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource" />
</security:authentication-provider>

<bean id="authenticationDao" class="org.springframework.security.userdetails.jd bc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
<property name="usersByUsernameQuery">
<value>
SELECT user, password FROM users WHERE user=? <!-- I changed for a wrong name like jjjj=? and nothing happened -->
</value>
</property>
</bean>

<bean id="authenticationProvider" class="org.springframework.security.providers.dao. DaoAuthenticationProvider">
<property name="userDetailsService" ref="authenticationDao" />
</bean>


<bean id="authenticationManager" class="org.springframework.security.providers.Prov iderManager">
<property name="providers">
<list>
<ref bean="authenticationProvider" />
</list>
</property>
</bean>

<bean id="authenticationEntryPoint" class="org.springframework.security.ui.webapp.Auth enticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/index.jsp" />
</bean>

<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.Auth enticationProcessingFilter">
<property name="filterProcessesUrl" value="/j_spring_security_check" />
<property name="authenticationFailureUrl" value="/fail.jsp" />
<property name="defaultTargetUrl" value="/secure.jsp" />
<property name="authenticationManager" ref="authenticationManager" />
</bean>
Eduardo Bueno
Ranch Hand

Joined: Jun 04, 2009
Posts: 155
Where is your transaction manager?
everson santos
Ranch Hand

Joined: Jul 11, 2009
Posts: 50
Hi, I'm using hibernate.


can i do authentication with hibernate, instead jdbc ?

----------------------------
applicationContext.xml
---------------------------


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-2.5.xsd"
default-lazy-init="true">

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost/apress" />
<property name="username" value="root" />
<property name="password" value="root" />
</bean>


<!-- START Load application properties -->
<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location">
<value>WEB-INF/hibApplication.properties</value>
</property>
</bean>
<!-- END Load application properties -->




<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="annotatedClasses">
<list>
<value>br.com.efficens.domain.Contato</value>
</list>
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
<prop key="hibernate.format_sql">${hibernate.format_sql}</prop>
<prop key="hibernate.transaction.factory_class">${hibernate.transaction.factory_class}</prop>
<prop key="hibernate.dialect">${hibernate.dialect}</prop>
<prop key="hibernate.c3p0.min_size">${hibernate.c3p0.min_size}</prop>
<prop key="hibernate.c3p0.max_size">${hibernate.c3p0.max_size}</prop>
<prop key="hibernate.c3p0.timeout">${hibernate.c3p0.timeout}</prop>
<prop key="hibernate.c3p0.max_statements">${hibernate.c3p0.max_statements}</prop>
<prop key="hibernate.connection.driver_class">${jdbc.driverClassName}</prop>
<prop key="hibernate.connection.url">${jdbc.url}</prop>
<prop key="hibernate.connection.username">${jdbc.username} </prop>
<prop key="hibernate.connection.password">${jdbc.password} </prop>
</props>
</property>
</bean>




<tx:annotation-driven transaction-manager="txManager" />
<bean id="txManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
<property name="sessionFactory">
<ref local="sessionFactory" />
</property>
</bean>


<!-- moves the responsibility of checking for a dependency-injected value to the container -->
<bean class="org.springframework.beans.factory.annotation.RequiredAnnotationBeanPostProcessor" />



<bean id="contatoDao" class="br.com.efficens.dao.ContatoDaoImpl">
<property name="sessionFactory" ref="sessionFactory" />
</bean>




<bean id="contatoService" class="br.com.efficens.services.ContatoServiceImpl">
<property name="contatoDao">
<ref bean="contatoDao" />
</property>
</bean>


<bean id="securityService" class="br.com.efficens.springsecurity.services.SecurityServiceImpl"/>


</beans>
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: login form with database and spring security