Spring security - resource j_spring_security_check not avaiable -


i trying build spring based web application , start configuring simple authentication system based on username & password tuples stored in database table.

it understanding can achieved using spring security, cannot work.

the following web.xml file.

<?xml version="1.0" encoding="utf-8"?> <web-app     version="2.5"     xmlns="http://java.sun.com/xml/ns/javaee"     xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"     xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">      <servlet>         <servlet-name>servlet</servlet-name>         <servlet-class>org.springframework.web.servlet.dispatcherservlet</servlet-class>         <init-param>             <param-name>contextconfiglocation</param-name>             <param-value>/web-inf/spring/servlet/servlet-context.xml</param-value>         </init-param>         <load-on-startup>1</load-on-startup>     </servlet>      <servlet-mapping>         <servlet-name>servlet</servlet-name>         <url-pattern>/</url-pattern>     </servlet-mapping>

follows servlet-context.xml file. bob , sam users there testing purposes. after right switch jdbc based user service.

<?xml version="1.0" encoding="utf-8"?> <beans      xmlns="http://www.springframework.org/schema/beans"     xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"     xmlns:mvc="http://www.springframework.org/schema/mvc"     xmlns:context="http://www.springframework.org/schema/context"     xmlns:sec="http://www.springframework.org/schema/security"     xsi:schemalocation="         http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd         http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">      <sec:http use-expressions="true">         <sec:intercept-url pattern="/**" access="permitall" />         <sec:form-login             login-page="/home.html"             login-processing-url="/j_spring_security_check"             authentication-failure-url="/login-error.html"             default-target-url="/welcome.html" />         <sec:logout logout-success-url="/home.html" />     </sec:http>      <sec:authentication-manager>         <sec:authentication-provider>             <sec:password-encoder hash="md5"/>             <sec:user-service>                 <sec:user name="bob" password="12b141f35d58b8b3a46eea65e6ac179e" authorities="role_supervisor, role_user" />                 <sec:user name="sam" password="d1a5e26d0558c455d386085fad77d427" authorities="role_user" />             </sec:user-service>         </sec:authentication-provider>     </sec:authentication-manager>      <context:component-scan base-package="cz.dusanrychnovsky.whattoreadnext" />     <mvc:annotation-driven /> </beans>

this home controller.

@controller public class homecontroller  {        @requestmapping(value = "/home.html")     public string home() {         return "home";     }      @requestmapping(value = "/login-error.html")     public string loginerror(model model) {         model.addattribute("loginerror", true);         return "home";     } }

and thymeleaf based view.

<!doctype html system "http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring3-3.dtd"> <html      xmlns="http://www.w3.org/1999/xhtml"     xmlns:th="http://www.thymeleaf.org">      <head>         <title>contacts</title>         <meta http-equiv="content-type" content="text/html; charset=utf-8" />     </head>     <body>         <div id="content">             <h1>welcome site!</h1>              <p th:if="${loginerror}">wrong user or password</p>              <form th:action="@{/j_spring_security_check}" method="post">                  <label for="j_username">email address</label>:                  <input type="text" id="j_username" name="j_username" /> <br />                  <label for="j_password">password</label>:                  <input type="password" id="j_password" name="j_password" /> <br />                  <input type="submit" value="log in" />               </form>         </div>     </body> </html>

when deploy war file local tomcat installation , visit http://localhost:8080/test/home.html url, home page opens fine. when fill in form, though, gets submitted http://localhost:8080/test/j_spring_security_check, 404 - requested resource () not available. error.

what doing wrong? please bear me i'm newcomer both spring mvc/security , thymeleaf.

  1. you need configure spring security filter in web.xml

  2. you cannot configure spring security in servlet-context.xml, because servlet-context.xml belongs specific dispatcherservlet, spring security filter works before request reaches servlet.

    you need create root application context using contextloaderlistener , put spring security configuration there.

    actually, long don't need separate servlet-context.xml , applicationcontext.xml, i'd suggest move servlet-context.xml applicationcontext.xml , leave servlet-context.xml empty (that is, leave <beans> element empty).


-

Popular posts from this blog

Apache NiFi ExecuteScript: Groovy script to replace Json values via a mapping file -

i working apache nifi 0.5.1 on groovy script replace incoming json values ones contained in mapping file. mapping file looks (it simple .txt): header1;header2;header3 a;some text;a2 i have started following: import groovy.json.jsonbuilder import groovy.json.jsonslurper import java.nio.charset.standardcharsets def flowfile = session.get(); if (flowfile == null) { return; } flowfile = session.write(flowfile, { inputstream, outputstream -> def content = """ { "field1": "a" "field2": "a", "field3": "a" }""" def slurped = new jsonslurper().parsetext(content) def builder = new jsonbuilder(slurped) builder.content.field1 = "a" builder.content.field2 = "some text" builder.content.field3 = "a2" outputstream.write(builder.toprettystring().ge...
Read more

node.js - How do I prevent MongoDB replica set from querying the primary? -

read-operations-only: is there way have mongodb replica set, make mongodb instance on box connected to, mongodb gets queried? i have 3 ec2 instances behind aws load balancer. on each ec2 instance runs mongodb, part of replica set. i have express endpoints on nodejs , connect replica set follows mongodb.mongoclient.connect('mongodb://1.1.1.1,2.2.2.2,3.3.3.3.', function (err, db) { if (err) { complete('{}'); } else { i distribute load of queries evenly across 3 instances of mongodb replica set instead of default having queries routed ec2 instance primary mongodb defined, because destroys point of load balancer (which balance load of queries across 3 instances evenly). my understanding when connecting mongodb replica set, primary instance selected unless primary instance down, , therefore purpose of every secondary instance serve backup. in example people call hot,cold,cold. because there 2...
Read more