Have you checked that the encoder used by Spring filter is the same you use
to encode it in your DB ?
Password Encoding is made of a salt and an algorithm.
2010/6/10 Daniel Henze <dhe...@googlemail.com>
> Thanks for your reply.
>
> Yes, I did check that. And it's ok, lovely long and encrypted passwords.
>
> Daniel
>
> Am 10.06.2010 09:51, schrieb Christophe Cordenier:
>
> Hi
>>
>> I guess you already did it but have you checked if the password is stored
>> in
>> SHA1 ?
>>
>> 2010/6/10 Daniel Henze<dhe...@googlemail.com>
>>
>>
>>
>>> Hi there,
>>>
>>> I installed Tapestry-Spring-Security and followed the installation and
>>> configuration advise. But I have no luck as the login does not work for
>>> me
>>> and always returns "Username and/or password was wrong!". There was a
>>> recent
>>> post about the "Bad credentials" and it was the wrong SaltService at the
>>> end, but I doubt that is the reason here as I'm following standard
>>> installation.
>>>
>>> I tried different approaches (the IUserService extending the
>>> UserDetailsService and all methods implemented in UserServiceImpl) to not
>>> setting the Password encoder and even switching from MySQL to HSQLDB and
>>> back. It's probably just a glitch, but I'd appreciate if someone could
>>> enlighten me.
>>>
>>> Cheers
>>> Daniel
>>>
>>> -----------
>>>
>>> My Setup:
>>>
>>> class: User implements UserDetails
>>>
>>> service: UserDetailsServiceImpl implements UserDetailsService
>>> public UserDetails loadUserByUsername(String username) throws
>>> UsernameNotFoundException, DataAccessException {
>>> User u = userDao.findByUsername(username);
>>> if (u != null) {
>>> return u;
>>> }
>>> return null;
>>> }
>>>
>>> service: UserServiceImpl implements IUserService (Domain specific
>>> methods,
>>> e.g. User creation)
>>>
>>> DAO: UserDAOHibernate
>>> public User findByUsername(String username) {
>>> return (User) session.createCriteria(User.class)
>>> .add(Restrictions.eq("username", username))
>>> .uniqueResult();
>>> }
>>>
>>> page: LoginPage and it's template
>>>
>>> AppModule:
>>> public static void bind(ServiceBinder binder) {
>>> ...
>>> binder.bind(IUserService.class, UserServiceImpl.class);
>>> }
>>>
>>> public static void contributeApplicationDefaults(
>>> MappedConfiguration<String, String> configuration) {
>>> ...
>>> configuration.add("spring-security.failure.url",
>>> "/loginpage/failed");
>>> configuration.add("spring-security.accessDenied.url",
>>> "/forbidden");
>>> ...
>>> }
>>>
>>> public static UserDetailsService buildUserDetailsService(
>>> @Inject UserDAO userDao) {
>>> System.out.println("Building UserDetailService");
>>> return new UserDetailsServiceImpl(userDao);
>>> }
>>>
>>> public static void contributeAlias(
>>> Configuration<AliasContribution<PasswordEncoder>>
>>> configuration) {
>>>
>>> configuration.add(AliasContribution.create(
>>> PasswordEncoder.class,
>>> new ShaPasswordEncoder()));
>>> }
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>
>>>
>>>
>>>
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
--
Regards,
Christophe Cordenier.
Developer of wooki @wookicentral.com
