Does this mean if add added blow to web.xml:
<!-- Spring Security related configuration -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/dp_web/service/*</url-pattern>
</filter-mapping>
I must use <http> to configure something in applicationContext.xml?
In my case,I removed above stuff from web.xml,added
@Secured({"ROLE_USER"})
to class ServiceBase and let all other service inherit from it,and added
this:
<security:global-method-security secured-annotations="enabled" />
to applicationContext.xml,and remove all other spring security related from
it,rerun my web app,all inherited service invoking
give 500 error,so security mechanism do works, but obviously,following code
is not enough:
User user = new User(login, password, true, true, true, true, new
ArrayList<GrantedAuthority>());
Authentication auth = new UsernamePasswordAuthenticationToken(user, password,
new ArrayList<GrantedAuthority>());
try {
auth = this.authenticationProvider.authenticate(auth);
} catch (BadCredentialsException e) {
throw new ClientSideBadCredentialsException(e.getMessage(), e);
}
SecurityContext sc = new SecurityContextImpl();
sc.setAuthentication(auth);
SecurityContextHolder.setContext(sc);
So question is what else I should do except:
1,add @Secured({"ROLE_USER"}) to parent service
2,add <security:global-method-security secured-annotations="enabled" /> to
applictionContext.xml
On Tuesday, July 5, 2016 at 4:38:31 PM UTC+8, Alexander Leshkin wrote:
> On Tuesday, July 5, 2016 at 6:02:38 AM UTC+3, Alex Luya wrote:
>>
>> and blow to applicationContext.xml:
>>
>> <bean id="springSecurityFilterChain"
>> class="org.springframework.web.filter.DelegatingFilterProxy"/>
>>
>>
>> I think this causes recursion. Try to remove this bean declarion. Spring
> security should internally create bean with name
> *springSecurityFilterChain.*
> See
> http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#ns-web-xml
>
>> In this case, the bean is named "springSecurityFilterChain", which is an
>> internal infrastructure bean created by the namespace to handle web
>> security. Note that you should not use this bean name yourself. Once you’ve
>> added this to your web.xml, you’re ready to start editing your
>> application context file. Web security services are configured using the
>> <http> element.
>
>
>
>
--
You received this message because you are subscribed to the Google Groups "GWT
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to google-web-toolkit+unsubscr...@googlegroups.com.
To post to this group, send email to google-web-toolkit@googlegroups.com.
Visit this group at https://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/d/optout.
