Spring security not able to find login url
Question
I have an existing web application. I am trying to integrate spring security with it. Something is wrong I the login url of spring security is not recognised after my application is deployed i can see no errors
org.springframework.security.web.DefaultSecurityFilterChain Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@71cc932, org.springframework.security.web.context.SecurityContextPersistenceFilter@71d35b4, org.springframework.security.web.header.HeaderWriterFilter@71d1f86, org.springframework.security.web.csrf.CsrfFilter@71d08b7, org.springframework.security.web.authentication.logout.LogoutFilter@71d4ca2, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@71ceaed, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@71d4047, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@71cd7f9, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@71cfc0f, org.springframework.security.web.session.SessionManagementFilter@71d2ae9, org.springframework.security.web.access .ExceptionTranslationFilter@71d141a, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@71d5b32]
When I trying to login I am getting this
File not found: /j_spring_security_check at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor._processEDR(DefaultExtensionProcessor.java:893) at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.processEDR(DefaultExtensionProcessor.java:874) at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:434) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:125) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:77) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:926) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1023) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3703) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:304) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:962) at com.ibm.ws.webcontainer .WSWebContainer.handleRequest(WSWebContainer.java:1662) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:195) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:276) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113) at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) at com.ibm.io.async.AsyncChannelFuture.f ireCompletionActions(AsyncChannelFuture.java:161) at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138) at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204) at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1659)
The Config file
@Configuration
@EnableWebMvcSecurity
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
JdbcTemplate jdbcTemp;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
System.out.println("SecurityConfig.configAuthentication() - START");
auth.jdbcAuthentication().dataSource(jdbcTemp.getDataSource())
.usersByUsernameQuery(
"select id,pwd,'true' as enabled from scm_users where id=?")
.authoritiesByUsernameQuery(
"select id, 'default' from scm_users where id=?");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')")
.and()
.formLogin().loginPage("/userLogin.htm").failureUrl("/userLogin.htm?error")
.usernameParameter("id").passwordParameter("pwd")
.and()
.logout().logoutSuccessUrl("/userLogin.htm?logout")
.and()
.exceptionHandling().accessDeniedPage("/403")
.and()
.csrf();
}
}
web.xml
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/pages/PageNotFound.jsp</location>
</error-page>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-servlet.xml
</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
in my spring-servlet, which is in web-inf folder. I don not have any application context so pointed to spring-servlet.xml. Is that correct.
Spring-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"........
<mvc:annotation-driven />
<context:annotation-config />
<context:component-scan base-package="org.ibm.idea.scm.*" />
<bean class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="mediaTypes">
<map>
<entry key="html" value="text/html"/>
<entry key="json" value="application/json"/>
</map>
</property>
<property name="viewResolvers">
<list>
<bean class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/pages/" />
<property name="suffix" value=".jsp" />
</bean>
</list>
</property>
<property name="defaultViews">
<list>
<bean class="org.springframework.web.servlet.view.json.MappingJacksonJsonView">
<property name="prefixJson" value="true"/>
</bean>
</list>
</property>
</bean>
<bean id="portalDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="SCMDB" />
</bean>
<bean id="portalCRMDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="CRMDB"/>
</bean>
<!--
<bean id="portalDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="jndi/SCMDB" />
</bean>
<bean id="portalCRMDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="jndi/CRMDB"/>
</bean> -->
<bean id="jdbcTemp" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="portalDataSource" />
</bean>
<bean id="jdbcTempCRM" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="portalCRMDataSource" />
</bean>
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver" />
</beans>
The login jsp form
<form class="loginInput" class="col-md-4" action="<c:url value='/j_spring_security_check' />" method="post"> <div class="row"> <div class="col-lg-12"> <p> <b>Sign In</b> </p> </div> <div class="col-lg-12"> <input type="text" placeholder="User Name" name="id" class="form-control"> </div> <div class="col-lg-12"> <input type="password" placeholder="Password" name="pwd" class="form-control"> </div>
Please point out the mistake
Regards
Adeeb
3 answers
solution1
0 2015-10-28 06:34:07
This issue is related with Websphere Web Container. Please follow the following instructions
This information is available elsewhere, but to minimize the misery for anyone viewing this thread, the issue can be resolved as follows:
WAS must be at fixpack 6.1.0.11 or higher.
A custom property must be set on the web container so WAS will play nicely with filters that decide to commit a response instead of passing responsibility along to the next filter in the chain. com.ibm.ws.webcontainer.invokefilterscompatibility = true
More info on the bug and the fix available here:
http://www-01.ibm.com/support/docview.wss?uid=swg24014758
Set this property in the WebSphere admin console using directions available here:
http://www-01.ibm.com/support/docview.wss?rss=180&uid=swg21284395
Source .
solution2
0 2015-10-28 08:23:23
One suggestion is replace your loginPage("/userLogin.htm") by the RequestMapping that you had set in controller.
Hope it help.
EDIT
Try to add this in your xml config file:
<beans>
<context:annotation-config/>
<bean class="your.package.SecurityConfig"/>
</beans>
For more detail go to here .
solution3
0 2018-09-08 08:43:42
Replace this -> <c:url value='/j_spring_security_check' />" method="post">
with -> <c:url value='/YourAppName/j_spring_security_check' />" method="post">
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.