StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POSpring Security on a JSF 2.1 web app
text
Body
copied!<p>I'm just getting started with Spring Security 3.1 and I haven't found a way to implment it on top of a JSF 2.1 web app. I currently have:</p> <p>A web.xml with:</p> <pre><code> <context-param> <param-name>contextConfigLocation</param-name> <param-value>classpath:applicationContext-business.xml /WEB-INF/applicationContext-security.xml </param-value> </code></pre> <p></p> <pre><code><filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> </code></pre> <p>And my applicationContext-security.xml:</p> <pre><code><beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <http pattern="/resources/**" security="none" /> <http use-expressions="true"> <intercept-url pattern="/administracion/departamentos/**" access="recursoshumanos" /> <intercept-url pattern="/administracion/derechos/**" access="recursoshumanos" /> <intercept-url pattern="/administracion/diasfestivos/**" access="recursoshumanos" /> <intercept-url pattern="/administracion/dias/**" access="recursoshumanos" /> <intercept-url pattern="/administracion/solicitudes/**" access="recursoshumanos" /> <intercept-url pattern="/administracion/empleados/**" access="recursoshumanos" /> </http> <authentication-manager> <authentication-provider> <user-service> <user name="rod" password="koala" authorities="recursoshumanos" /> <user name="dianne" password="emu" authorities="jefe" /> <user name="scott" password="wombat" authorities="jefe" /> </user-service> </authentication-provider> </authentication-manager> </code></pre> <p> </p> <p>I'm guessing this example would work with a regular .jsp but I'm probably missing additional steps to make it work with JSF, unfortunately, I haven't been able to find a fully working example so far. What do i need to do? Thanks!</p> <p>Edit: The problem is that i can still navigate freely to the secured areas of the application without needing to log in.</p> <p>Edit: BTW, I just noticed that a filter to the root of the web app does indeed trigger the authentication mechanism. It still fails everywhere else though. </p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload