Adding custom filter in spring framework problem? | ansaurus

tags:

spring-security

views:

790

answers:

1

Q:

Adding custom filter in spring framework problem?

hello there iam trying to make a custom AuthenticationProcessingFilter to save some user data in the session after successful login

here's my filter:

Code:

package projects.internal;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.Authentication;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;

public class MyAuthenticationProcessingFilter extends AuthenticationProcessingFilter {


 protected void onSuccessfulAuthentication(HttpServletRequest request,
   HttpServletResponse response, Authentication authResult)
   throws IOException {
  super.onSuccessfulAuthentication(request, response, authResult);
  request.getSession().setAttribute("myValue", "My value is set");
 }
}

and here's my security.xml file

Code:

<beans:beans xmlns="http://www.springframework.org/schema/security"  
 xmlns:beans="http://www.springframework.org/schema/beans" 
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://www.springframework.org/schema/beans 
 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security 
                        http://www.springframework.org/schema/security/spring-security-3.0.xsd"&gt;

 <global-method-security pre-post-annotations="enabled">

 </global-method-security>
 <http use-expressions="true" auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint">
  <intercept-url pattern="/" access="permitAll" />
  <intercept-url pattern="/images/**" filters="none" />
  <intercept-url pattern="/scripts/**" filters="none" />
  <intercept-url pattern="/styles/**" filters="none" />
  <intercept-url pattern="/p/login.jsp" filters="none" />
  <intercept-url pattern="/p/register" filters="none" />
  <intercept-url pattern="/p/**" access="isAuthenticated()" />

     <form-login
   login-processing-url="/j_spring_security_check"
   login-page="/p/login.jsp"   
   authentication-failure-url="/p/login_error.jsp" />
  <logout />
 </http>

 <authentication-manager alias="authenticationManager">
 <authentication-provider>
    <jdbc-user-service data-source-ref="dataSource"/>
  </authentication-provider>
 </authentication-manager>

 <beans:bean id="authenticationProcessingFilter" class="projects.internal.MyAuthenticationProcessingFilter">
 <custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
    </beans:bean>

    <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    </beans:bean>


 </beans:beans>

it gives an error here: Code:

<custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />

multiple annotation found at this line:cvc-attribute.3 cvc-complex-type.4 cvc-enumeration-vaild

what is the problem? thanks in advance

A:

I don't believe that's a valid filter position in Spring Security 3.0 schema. Check out Security Namespace Configuration. I don't see it listed anymore. Perhaps try BASIC_AUTH_FILTER

Gandalf 2010-03-23 20:11:37

related questions

Acegi/Spring Security Grails plug-in not seeing changes to a User instance

different DelegatingFilterProxy and FilterToBeanProxy

How to immediately enable the authority after update user authority in spring security?

springdoclet usage?

Grails Security Problem and Search Engine optimization

Spring Security: Advice needed on how to handle GrantedAuthority

Why is my (Spring Security) servlet filter getting called twice?

Grails Acegi Plugin springsecurity.GrailsDaoImpl - User [admin] has no GrantedAuthority

Spring Security: What is the UserDetailsManager interface used for? And more!

Combining namespace based configuration with different authentication methods in spring-security

Spring Security: Custom Authentication Provider for 'one time password' and 'securit questions'

Spring Security: How to get the initial target url

Permissions checking in server-side API

Cannot locate 'org.springframework.security.annotation.Jsr250MethodDefinitionSource'

How to grant access for all authenticated users?

Spring embedded ldap server in unit tests

What are some good sample applications using Spring and Hibernate?

Problem migrating Spring Web App from tomcat 5.5 to tomcat 6.0

How to throw an informative exception from AccessDecisionManager that uses voters

How can I determine what roles are required to access a URL with Spring Security?

Creating a custom authentication with Acegi/Spring Security

Unit testing with Spring Security

Securing Remote Access over JMXMP with Spring Security

When using Spring Security, what is the proper way to obtain current username (i.e. SecurityContext) information in a bean?

Spring security: adding "On unsuccessful login event listener"