This week's book giveaway is in the HTML Pages with CSS and JavaScript forum.
We're giving away four copies of Testing JavaScript Applications and have Lucas da Costa on-line!
See this thread for details.
Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

BadCredentialsException after migrating to Spring Security 3.1

 
Greenhorn
Posts: 12
Spring Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have recently upgraded to spring-security-xxx-3.1.0 from 3.0.5.
In 3.0.5, i was using filters=none tag in the intercept-url tag for unprotecting urls.
Since it is not availible now in 3.1, i had to modify my security config xml to use security=none and it now looks as below :-




At app startup, the login page shows up. User Enters details. Login is successful. home.action is displayed.
I try browsing in the application, trying any other secured xyz.action. The application logs out automatically, with login page being shown.

The error stack trace i get from Spring is as below :-



Any pointers as to what i am doing wrong. ?
Not much help available on the web for 3.1. I am thinking of going back to 3.0.5.

Regards,
Darshan Shroff
http://in.linkedin.com/in/darshanshroff
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Did you find a way to work around this issue?
 
Darshan Shroff
Greenhorn
Posts: 12
Spring Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I see my application is still running on 3.0.5. So i probably gave up after trying for a couple of hours.

 
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
From the Spring Security doc

´╗┐The use of multiple <http> elements is an important feature, allowing the namespace to simultaneously support both stateful and stateless paths within the same application, for example. The previous syntax, using the attribute filters="none" on an intercept-url element is incompatible with this change and is no longer supported in 3.1.



Read the below link for more details:
http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-form-and-basic

also a post here on the same:
http://raibledesigns.com/rd/tags/spring

Try adding a * after your patterns



also for the login page you can try adding a intercept URL for it although I don't think you should have to do this.



 
I want my playground back. Here, I'll give you this tiny ad for it:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic