Well, that did help. Somehow, as it left me even more confused at the
beginning. Debugging activated, I came to realize, that the
loadByUsername method in the UserDetailsServiceImpl never even is called
on Login.
So, knowing that I started to mock around in the AppModule and pushed
things around until it finally worked. I had commented out the
daoAuthenticationProvider at some stage. Adding it again solved that
issue for me.
Christophe, thanks for your help and pointing me the right direction.
Very much appreciated.
Best regards
Daniel
just for reference, my AppModule (just the spring TSS related points)
now looks like that:
...
/*
* http://www.localhost.nu/java/tapestry-spring-security/conf.html
*/
public static UserDetailsService buildUserDetailsService(
@Inject UserDAO userDao) {
System.out.println("Building UserDetailService");
return new UserDetailsServiceImpl(userDao);
}
public static void contributeProviderManager(
OrderedConfiguration<AuthenticationProvider> configuration,
@InjectService("DaoAuthenticationProvider")
AuthenticationProvider
daoAuthenticationProvider) {
configuration.add("daoAuthenticationProvider",
daoAuthenticationProvider);
}
public static void contributeAlias(
Configuration<AliasContribution<PasswordEncoder>>
configuration) {
configuration.add(AliasContribution.create(
PasswordEncoder.class,
new ShaPasswordEncoder()));
}
...
Am 10.06.2010 10:56, schrieb Christophe Cordenier:
My advice is to debug your application to check if the password encoding at
login time is the same as the one you provided at creation time.
Put a break point in the method that retrieves the user from DB, have a look
the stack in eclipse debug mode, identifiy the Authentication Spring Filter,
go into this stackframe and debug step by step to see what's happening after
user retrieval.
Note that we use spring-security (w/o tapestry-spring-security) at
http://github.com/robink/wooki
2010/6/10 Daniel Henze<dhe...@googlemail.com>
The way I encode the password is using the following create method in
UserServiceImpl:
...
public UserServiceImpl(PasswordEncoder encoder, SaltSource salt, UserDAO
userDao, Logger logger, IRoleService roleService) {
this.encoder = encoder;
this.salt = salt;
this.userDao = userDao;
this.logger = logger;
this.roleService = roleService;
}
...
public long createUser(User user) {
String clearTextPassword = user.getPassword();
user.setPassword( encoder.encodePassword(clearTextPassword,
salt.getSalt(user)));
user.addRole(roleService.findByAuthority("USER_ROLE"));
this.save(user);
return user.getId();
}
The password is stored as VARCHAR in the DB. I had suspected that as well,
but since encoder is configured in appmodule and salt and encoder both
injected, I assumed this should be fine. Do I have to implement
SaltSourceService myself?
Am 10.06.2010 10:39, schrieb Christophe Cordenier:
Have you checked that the encoder used by Spring filter is the same you
use
to encode it in your DB ?
Password Encoding is made of a salt and an algorithm.
2010/6/10 Daniel Henze<dhe...@googlemail.com>
Thanks for your reply.
Yes, I did check that. And it's ok, lovely long and encrypted passwords.
Daniel
Am 10.06.2010 09:51, schrieb Christophe Cordenier:
Hi
I guess you already did it but have you checked if the password is
stored
in
SHA1 ?
2010/6/10 Daniel Henze<dhe...@googlemail.com>
Hi there,
I installed Tapestry-Spring-Security and followed the installation and
configuration advise. But I have no luck as the login does not work for
me
and always returns "Username and/or password was wrong!". There was a
recent
post about the "Bad credentials" and it was the wrong SaltService at
the
end, but I doubt that is the reason here as I'm following standard
installation.
I tried different approaches (the IUserService extending the
UserDetailsService and all methods implemented in UserServiceImpl) to
not
setting the Password encoder and even switching from MySQL to HSQLDB
and
back. It's probably just a glitch, but I'd appreciate if someone could
enlighten me.
Cheers
Daniel
-----------
My Setup:
class: User implements UserDetails
service: UserDetailsServiceImpl implements UserDetailsService
public UserDetails loadUserByUsername(String username) throws
UsernameNotFoundException, DataAccessException {
User u = userDao.findByUsername(username);
if (u != null) {
return u;
}
return null;
}
service: UserServiceImpl implements IUserService (Domain specific
methods,
e.g. User creation)
DAO: UserDAOHibernate
public User findByUsername(String username) {
return (User) session.createCriteria(User.class)
.add(Restrictions.eq("username", username))
.uniqueResult();
}
page: LoginPage and it's template
AppModule:
public static void bind(ServiceBinder binder) {
...
binder.bind(IUserService.class, UserServiceImpl.class);
}
public static void contributeApplicationDefaults(
MappedConfiguration<String, String> configuration) {
...
configuration.add("spring-security.failure.url",
"/loginpage/failed");
configuration.add("spring-security.accessDenied.url",
"/forbidden");
...
}
public static UserDetailsService buildUserDetailsService(
@Inject UserDAO userDao) {
System.out.println("Building UserDetailService");
return new UserDetailsServiceImpl(userDao);
}
public static void contributeAlias(
Configuration<AliasContribution<PasswordEncoder>>
configuration) {
configuration.add(AliasContribution.create(
PasswordEncoder.class,
new ShaPasswordEncoder()));
}
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
