Multiple authentication providers: /j_spring_security_check and social login
Question
I have a problem with my security xml configuration. I am not able to access the username and password from my login form for local login (social login works fine)
In very short: When the user submits the login form, the first emergence into my code is in UserDetailService
public SpringSecurityLocalUser loadUserByUsername(final String userId) throws UsernameNotFoundException
where userId is an empty String. Thus no way to authenticate. How do I get access to username and password? Adviice would be much appreciated
UPDATE I am now quite confident the issue is due to my need for a seond authentication provider. (ie, one local as well as one social). But not sure how to configure this
security_applicationContext.xml
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <security:http use-expressions="true" entry-point-ref="appAuthenticationEntryPoint"> <security:intercept-url pattern="/login" access="permitAll()" /> <security:intercept-url pattern="/flow-entry.html" access="hasRole('ROLE_USER')"/> <security:intercept-url pattern="/flow-jobpostdata.html" access="permitAll()"/> <security:intercept-url pattern="/flow-jobpostdata_anydegree.html" access="permitAll()"/> <security:intercept-url pattern="/j_spring_security_check" access="permitAll()"/> <!-- Adds social authentication filter to the Spring Security filter chain. --> <security:custom-filter before="PRE_AUTH_FILTER" ref="socialAuthenticationFilter"/> <security:custom-filter position="FORM_LOGIN_FILTER" ref="SecurityAuthFilter"/> </security:http> <!-- authentication manager and its provider( social provider deals with social login & local user provider deals with form login ) --> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="socialAuthenticationProvider"/> <security:authentication-provider user-service-ref="localUserDetailService"/> </security:authentication-manager> <bean id="socialAuthenticationProvider" class="org.springframework.social.security.SocialAuthenticationProvider"> <constructor-arg ref="inMemoryUsersConnectionRepository"/> <constructor-arg ref="socialUserDetailService"/> </bean> <bean id="appAuthenticationEntryPoint" class=" jake.delivery.controller.welcome.AppAuthenticationEntryPoint"> <constructor-arg name="loginFormUrl" value="/login"/> <bean id="failureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <constructor-arg name="defaultFailureUrl" value="/services/accessdenied"/> </bean> <bean class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" id="SecurityAuthFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationSuccessHandler" ref="successHandler"/> <property name="authenticationFailureHandler" ref="failureHandler"/> <property name="filterProcessesUrl" value="/j_spring_security_check"/> <property name="rememberMeServices" ref="rememberMeServices"/ </bean> <!-- social login filter which is a pre authentication filter and works for /auth service url --> <bean id="socialAuthenticationFilter" class="org.springframework.social.security.SocialAuthenticationFilter"> <constructor-arg name="authManager" ref="authenticationManager"/> <constructor-arg name="userIdSource" ref="userIdSource"/> <constructor-arg name="usersConnectionRepository" ref="inMemoryUsersConnectionRepository"/> <constructor-arg name="authServiceLocator" ref="appSocialAuthenticationServiceRegistry"/> <property name="authenticationSuccessHandler" ref="successHandler"/> </bean> <!-- inmemory connection repository which holds connection repository per local user --> <bean id="inMemoryUsersConnectionRepository" class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository"> <constructor-arg name="connectionFactoryLocator" ref="appSocialAuthenticationServiceRegistry"/> <property name="connectionSignUp" ref="connectionSignUp"/> </bean> <!-- service registry will holds connection factory of each social provider--> <bean id="appSocialAuthenticationServiceRegistry" class="jake.delivery.controller.welcome.AppSocialAuthenticationServiceRegistry"> <constructor-arg> <list> <ref bean="facebookAuthenticationService"/> </list> </constructor-arg> </bean> <bean id="facebookAuthenticationService" class="org.springframework.social.facebook.security.FacebookAuthenticationService"> <constructor-arg name="apiKey" value="xxxxxxx"/> <constructor-arg name="appSecret" value="xxxxxx"/> </bean> <bean id="userIdSource" class="org.springframework.social.security.AuthenticationNameUserIdSource"/> <bean id="connectionSignUp" class="jake.delivery.controller.welcome.AppConnectionSignUp"/> </beans>
UserDetailService implementation
package jake.prototype2.service.loginservices;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import jake.prototype2.model.structure.SSm;
public class LocalUserDetailService implements UserDetailsService {
public LocalUserDetailService()
{
SSm.getLogger().debug("init" );
}
@Override
@Transactional
public SpringSecurityLocalUser loadUserByUsername(final String userId) throws UsernameNotFoundException
{
SSm.getLogger().debug(this.getClass().getName()+"\n\n\n\n\n I don't do anything yet\n\n\n\n\n\n",new Exception());
SSm.getLogger().debug("userId" + userId);
throw new UsernameNotFoundException(" fork me sideways ");
}
}
Stacktrace. Although there has been no exception, I captured the stacktrace for reference purposes.
java.lang.Exception at jake.prototype2.service.loginservices.LocalUserDetailService.loadUserByUsername(LocalUserDetailService.java:32) at jake.prototype2.service.loginservices.LocalUserDetailService.loadUserByUsername(LocalUserDetailService.java:16) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) at org.springframew ork.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208) at com.sun.proxy.$Proxy50.loadUserByUsername(Unknown Source) at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:114) at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:144) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174) at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthe nticationFilter.java:94) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:124) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) at org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFil terProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core. StandardHostValve.invoke(StandardHostValve.java:142) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.ja va:61) at java.lang.Thread.run(Thread.java:745)
1 answers
solution1
1 ACCPTED 2016-09-28 17:29:14
The issue was actually to do with requiring multiple authentication providers.
It turns out that only one line of configuration was missing:
<!-- authentication manager and its provider( social provider deals with social login & local user provider deals with form login ) -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="socialAuthenticationProvider"/>
<security:authentication-provider ref="customAuthenticationProvider" />
<security:authentication-provider user-service-ref="localUserDetailService"/>
</security:authentication-manager>
<bean id="customAuthenticationProvider" class="jake.delivery.controller.welcome.CustomAuthenticationProvider">
<property name="auService" ref="auService" />
</bean>
I needed to add an additional line to authentication-manager for customAuthenticationProvider .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.