I am using the sample code to authenticate with Google App Engine and I can't get Spring to Redirect to my registration page without getting a 403 error.
Here is the stack trace of the error.
21:13:34,576 DEBUG [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - Checking match of request : '/home.jsp'; against '/register.jsp*'
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /home.jsp; Attributes: [hasRole('USER')]
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /home.jsp; Attributes: [hasRole('USER')]
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: GaeUserAuthentication{principal=GaeUser{userId='185804764220139124118', nickname='test@example.com', forename='null', surname='null', authorities=[NEW_USER], email=test@example.com}, isEnabled=true}, details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null, authenticated=true}
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: GaeUserAuthentication{principal=GaeUser{userId='185804764220139124118', nickname='test@example.com', forename='null', surname='null', authorities=[NEW_USER], email=test@example.com}, isEnabled=true}, details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null, authenticated=true}
21:13:34,584 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@415edbff, returned: -1
21:13:34,584 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@415edbff, returned: -1
21:13:34,586 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] - Access is denied (user is not anonymous); delegating to AccessDeniedHandler
Here is my
applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<http pattern="/favicon.ico" security="none" />
<http pattern="/loggedout.jsp" security="none" />
<http pattern="/disabled.jsp" security="none" />
<http pattern="/_ah/**" security="none" />
<http pattern="/landing.jsp" security="none"></http>
<http pattern="/register.jsp" security="none"/>
<http use-expressions="true" entry-point-ref="gaeEntryPoint">
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/logout.jsp" access="permitAll" />
<intercept-url pattern="/register.jsp*" access="hasRole('NEW_USER')"/>
<intercept-url pattern="/**" access="hasRole('USER')" />
<intercept-url pattern="/_ah/**" access="permitAll"/>
<custom-filter position="PRE_AUTH_FILTER" ref="gaeFilter" />
</http>
<b:bean id="gaeEntryPoint"
class="com.principalmvl.lojackmykids.authentication.GoogleAccountsAuthenticationEntryPoint" />
<b:bean id="gaeFilter"
class="com.principalmvl.lojackmykids.authentication.GaeAuthenticationFilter">
<b:property name="authenticationManager" ref="authenticationManager" />
<b:property name="failureHandler">
<b:bean
class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<b:property name="exceptionMappings">
<b:map>
<b:entry
key="org.springframework.security.authentication.DisabledException"
value="/disabled.jsp" />
</b:map>
</b:property>
</b:bean>
</b:property>
</b:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="gaeAuthenticationProvider" />
</authentication-manager>
<b:bean id="gaeAuthenticationProvider"
class="com.principalmvl.lojackmykids.authentication.GoogleAccountsAuthenticationProvider">
<b:property name="userRegistry" ref="userRegistry" />
</b:bean>
<b:bean id="userRegistry"
class="com.principalmvl.lojackmykids.datautilities.GaeDatastoreUserRegistry" />
<b:bean id="loggerListener"
class="org.springframework.security.authentication.event.LoggerListener" />
The register.jsp page has NEW_USER as a role for that authenticated user.
Can someone tell me what I'm doing wrong?
I think the HTTP is missing <security:access-denied-handler ref="accessDeniedHandler" />
and its implemetation <bean id="accessDeniedHandler" class="com.ddd.AccessDeniedHandler"> <property name="strAccessDeniedUrl" value="access_denied_login.jsp" /> </bean>
you need to extend AccessDeniedHandler class to handle your logic
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.