Thanks for the reply Jared. But I have tried by removing the /login, /logout and /loginfailed from the filterChainDefinitions. I have tried using authc and I have tried using anon, authc. Nothing works. I also updated my login.jsp to change the names of the fields to username and password. It is still returning to the login.jsp page without any errors.
-----Original Message----- From: Jared Bunting [mailto:[email protected]] Sent: 04 January 2012 21:32 To: [email protected] Subject: Re: Not able to login - No error shown I suspect that your /login filter chain mapping should NOT be "anon". If the authc filter never sees requests to that url, then it can't do the authentication. In general, the authc filter handles allowing through its "special" urls by itself - you shouldn't have to help it. I suspect that there's also no need to map /loginfailed to anon, but I can't think of any harm that would do. -Jared On Wed 04 Jan 2012 08:09:11 AM CST, Deepthi Jayaram wrote: > Hi, > > > > I have just started working on an application to integrate Spring MVC, > Apache Shiro and Ehcache. The requirement is that the user is > authenticated and authorized by Apache Shiro and his session is > maintained in a distributed environment using Ehcache. > > > > The following is my web.xml > > > > <code> > > <?xml version=/"1.0"/ encoding=/"UTF-8"/?> > > <web-app > > xmlns:xsi=/"http://www.w3.org/2001/XMLSchema-instance"/ > > xmlns=/"http://java.sun.com/xml/ns/javaee"/ > > xmlns:web=/"http://java.sun.com/xml/ns/javaee/web-app_2_4.xsd"/ > > xsi:schemaLocation=/"http://java.sun.com/xml/ns/javaee > http://java.sun.com/xml/ns/javaee/web-app_2_4.xsd"/ version=/"2.4"/> > > <display-name>PlatformWeb</display-name> > > <context-param> > > <param-name>contextConfigLocation</param-name> > > > <param-value>/WEB-INF/spring/appServlet/root-context._xml_</param-value> > > </context-param> > > <listener> > > > <listener-class>_org_._springframework_.web.context.ContextLoaderListener</listener-class> > > </listener> > > <!-- _Shiro_ Security --> > > <filter> > > <filter-name>shiroFilter</filter-name> > > > <filter-class>_org_._springframework_.web.filter.DelegatingFilterProxy</filter-class> > > <init-param> > > <param-name>targetFilterLifecycle</param-name> > > <param-value>true</param-value> > > </init-param> > > </filter> > > <filter-mapping> > > <filter-name>shiroFilter</filter-name> > > <url-pattern>/*</url-pattern> > > </filter-mapping> > > <servlet> > > <servlet-name>appServlet</servlet-name> > > > <servlet-class>_org_._springframework_.web._servlet_.DispatcherServlet</servlet-class> > > <init-param> > > <param-name>contextConfigLocation</param-name> > > > <param-value>/WEB-INF/spring/appServlet/_servlet_-context._xml_</param-value> > > </init-param> > > <load-on-startup>1</load-on-startup> > > </servlet> > > <servlet-mapping> > > <servlet-name>appServlet</servlet-name> > > <url-pattern>/</url-pattern> > > </servlet-mapping> > > </web-app> > > </code> > > > > The following is my root-context.xml > > > > <code> > > <?xml version=/"1.0"/ encoding=/"UTF-8"/?> > > <beans:beans xsi:schemaLocation=/" > http://www.springframework.org/schema/mvc > http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd / > > /http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans-3.0.xsd/ > > /http://www.springframework.org/schema/context > http://www.springframework.org/schema/context/spring-context.xsd/ > > /http://www.springframework.org/schema/tx > http://www.springframework.org/schema/tx/spring-tx.xsd/ > > /http://www.springframework.org/schema/aop > http://www.springframework.org/schema/aop/spring-aop-3.0.xsd"/ > > xmlns:beans=/"http://www.springframework.org/schema/beans"/ > > xmlns:xsi=/"http://www.w3.org/2001/XMLSchema-instance"/ > > xmlns:mvc=/"http://www.springframework.org/schema/mvc"/ > > xmlns:context=/"http://www.springframework.org/schema/context"/ > > xmlns:p=/"http://www.springframework.org/schema/p"/ > > xmlns:tx=/"http://www.springframework.org/schema/tx"/ > > xmlns:aop=/"http://www.springframework.org/schema/aop"/> > > <beans:bean id=/"ds"/ > class=/"com.mysql.jdbc.jdbc2.optional.MysqlDataSource"/> > > <beans:property name=/"serverName"/ > value=/"<ip addr>"/ /> > > <beans:property name=/"user"/ > value=/"root"/ /> > > <beans:property name=/"password"/ > value=/"root"/ /> > > <beans:property name=/"databaseName"/ > value=/"<database name>"/ /> > > </beans:bean> > > <!-- Security Manager --> > > <beans:bean id=/"securityManager"/ > class=/"org.apache.shiro.web.mgt.DefaultWebSecurityManager"/> > > <beans:property name=/"sessionMode"/ value=/"native"/ /> > > <beans:property name=/"realm"/ ref=/"jdbcRealm"/ /> > > <beans:property name=/"sessionManager"/ ref=/"sessionManager"//> > > <beans:property name=/"cacheManager"/ ref=/"cacheManager"//> > > </beans:bean> > > > > <!-- Caching --> > > <beans:bean id=/"cacheManager"/ > class=/"org.apache.shiro.cache.ehcache.EhCacheManager"/> > > <beans:property name=/"cacheManager"/ ref=/"ehCacheManager"/ /> > > </beans:bean> > > > > <beans:bean id=/"ehCacheManager" > /class=/"org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/ /> > > > > <beans:bean id=/"sessionDAO"/ > class=/"org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/ /> > > > > <beans:bean id=/"sessionManager" > /class=/"org.apache.shiro.web.session.mgt.DefaultWebSessionManager"/> > > <beans:property name=/"sessionDAO"/ ref=/"sessionDAO"/ /> > > </beans:bean> > > > > > > <!-- JDBC Realm Settings --> > > <beans:bean id=/"jdbcRealm"/ > class=/"org.apache.shiro.realm.jdbc.JdbcRealm"/> > > <beans:property name=/"name"/ value=/"jdbcRealm"/ /> > > <beans:property name=/"dataSource"/ ref=/"ds"/ /> > > <beans:property name=/"authenticationQuery"/ > > value=/"SELECT password FROM users WHERE username=? and > enabled=1"/ /> > > <beans:property name=/"userRolesQuery"/ > > value=/"SELECT r.name FROM roles r, users u, users_roles > ur WHERE u.id=ur.user_id AND r.id=ur.role_id AND u.username=?"/ /> > > <beans:property name=/"permissionsQuery"/ > > value=/"SELECT p.authority FROM roles r, permissions p, > roles_permissions rp WHERE r.id=rp.role_id AND p.id=rp.permission_id > AND r.name=?"/ /> > > <beans:property name=/"permissionsLookupEnabled"/ > value=/"true"/ /> > > </beans:bean> > > > > <!-- Spring Integration --> > > <beans:bean id=/"lifecycleBeanPostProcessor"/ > class=/"org.apache.shiro.spring.LifecycleBeanPostProcessor"/ /> > > > > <!-- Enable _Shiro_ Annotations for Spring-configured beans. Only > run after > > the lifecycleBeanProcessor has run: --> > > <beans:bean id=/"annotationProxy"/ > > > class=/"org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/ > > depends-on=/"lifecycleBeanPostProcessor"/ /> > > <beans:bean > > > class=/"org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"/> > > <beans:property name=/"securityManager"/ > ref=/"securityManager"/ /> > > </beans:bean> > > > > <!-- Secure Spring _remoting_: Ensure any Spring _Remoting_ method > invocations > > can be associated with a Subject for security checks. --> > > <beans:bean id=/"secureRemoteInvocationExecutor"/ > > > class=/"org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor"/> > > <beans:property name=/"securityManager"/ > ref=/"securityManager"/ /> > > </beans:bean> > > > > <!-- _Shiro_ filter --> > > <beans:bean id=/"shiroFilter"/ > class=/"org.apache.shiro.spring.web.ShiroFilterFactoryBean"/> > > <beans:property name=/"securityManager"/ > ref=/"securityManager"/ /> > > <beans:property name=/"loginUrl"/ value=/"/login"/ /> > > <beans:property name=/"successUrl"/ value=/"/index"/ /> > > <beans:property name=/"unauthorizedUrl"/ value=/"/loginfailed"/ /> > > <beans:property name=/"filterChainDefinitions"/> > > <beans:value> > > <!-- !!! Order matters !!! --> > > /login = anon > > /logout = anon > > /_loginfailed_ = anon > > /** = _authc_ > > </beans:value> > > </beans:property> > > </beans:bean> > > </beans:beans> > > </code> > > > > The following is an extract from my controller > > > > <code> > > @RequestMapping(value = "/login") > > *public* String login(ModelMap model) { > > *return* "login"; > > } > > @RequestMapping(value = "/index", method = RequestMethod./GET/) > > *public* String listMembers(ModelMap model) { > > /logger/.info("Listing Platform Team > members..."); > > model.put("member", *new* TeamMember()); > > model.put("memberList", > memberService.listMembers()); > > *return* "member"; > > } > > </code> > > > > The following is my login.jsp > > > > <code> > > <form name=/"loginform"/ action=/""/ method=/"post"/> > > <table align=/"left"/ border=/"0"/ cellspacing=/"0"/ cellpadding=/"3"/> > > <tr> > > <td>_Username_:</td> > > <td><input type=/"text"/ name=/"user"/ maxlength=/"30"/></td> > > </tr> > > <tr> > > <td>Password:</td> > > <td><input type=/"password"/ name=/"pass"/ maxlength=/"30"/></td> > > </tr> > > <tr> > > <td colspan=/"2"/ align=/"left"/><input type=/"checkbox"/ > name=/"remember"/><font size=/"2"/>Remember Me</font></td> > > </tr> > > <tr> > > <td colspan=/"2"/ align=/"right"/><input type=/"submit"/ > name=/"submit"/ value=/"Login"/></td> > > </tr> > > </table> > > </form> > > </code> > > > > When I run this, I do not get any build or runtime errors. But when I > try to login with authentic credentials, I come back to login.jsp page > with no errors. I would appreciate any help on this. Thanks in advance. > > Deepthi >
