Databases
StackOverflow2013
Postsdbo
POspring security 3.1 isAuthenticated() not working
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POspring security 3.1 isAuthenticated() not working
    primarykey
    data
    text
    <p>I'm starting a new project with spring mvc 3 and spring security 3.1.0. I coded a Authentication provider, a UserDetails class. Very simple. The authentication is working properly, but when i use in my jsp (template one using sitemesh) it seems that it doesn´t work a all.</p> <p>Here is my example.</p> <pre><code>&lt;security:authorize access="isAuthenticated()"&gt; &lt;ul class="nav"&gt; &lt;li class="${selectedMenu.equals('index') ? 'active' : ''}"&gt;&lt;a href="&lt;c:url value="/" /&gt;"&gt;Home&lt;/a&gt;&lt;/li&gt; .... &lt;/ul&gt; &lt;/security:authorize&gt; &lt;p class="navbar-text pull-right"&gt;Logged in as &lt;a href="#"&gt;&lt;security:authentication property="principal.username"/&gt;&lt;/a&gt;&lt;/p&gt; </code></pre> <p>i never see the ul and is blank..</p> <p>I don´t know what i missing</p> <p>Here is my configuration:</p> <p>security-applicationContext.xml</p> <pre><code>&lt;beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"&gt; &lt;http pattern="/resources/**" security="none"/&gt; &lt;http use-expressions="true"&gt; &lt;intercept-url pattern="/**" access="isFullyAuthenticated()" /&gt; &lt;form-login login-page='/spring_security_login' default-target-url='/index.html' always-use-default-target='true' /&gt; &lt;session-management session-fixation-protection="none" /&gt; &lt;/http&gt; &lt;authentication-manager&gt; &lt;authentication-provider user-service-ref="AuthRepository"&gt; &lt;password-encoder ref="passwordEncoder"/&gt; &lt;/authentication-provider&gt; &lt;/authentication-manager&gt; &lt;/beans:beans&gt; </code></pre> <p>UserDetails</p> <pre><code>package ar.com.held.auth; import java.util.ArrayList; import java.util.Collection; import org.springframework.security.core.GrantedAuthority; import ar.com.held.model.User; public class UserDetails implements org.springframework.security.core.userdetails.UserDetails { /** * */ private static final long serialVersionUID = -2636146093986968636L; private User user; private String userName; private String password; public User getUser() { return user; } public UserDetails(User user){ this.user = user; this.userName = user.getUsername(); this.password = user.getPassword(); } @Override public Collection&lt;? extends GrantedAuthority&gt; getAuthorities() { return new ArrayList&lt;GrantedAuthority&gt;(); } @Override public String getPassword() { return this.password; } @Override public String getUsername() { return this.userName; } @Override public boolean isAccountNonExpired() { return true; } @Override public boolean isAccountNonLocked() { return true; } @Override public boolean isCredentialsNonExpired() { return true; } @Override public boolean isEnabled() { return true; } } </code></pre> <p>AuthRepository</p> <pre><code>package ar.com.held.auth; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl; import org.springframework.stereotype.Repository; import ar.com.held.model.User; import ar.com.held.repository.UserRepository; /*** * Authentication users repository * * */ @Repository(value="AuthRepository") public class AuthRepository extends JdbcDaoImpl { @Autowired private UserRepository userRepository; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { User user = userRepository.findByUserName(username); if(user==null) throw new UsernameNotFoundException(username+" no es un usuario registrado"); return new ar.com.held.auth.UserDetails(user); } @Override protected void checkDaoConfig() { } } </code></pre> <p><em><strong></em> edited***</strong></p> <p>here is the debug information when i request a JSP page when i am logged in:</p> <pre><code>2012-02-14 18:18:28 AntPathRequestMatcher [DEBUG] Checking match of request : '/companies/list'; against '/resources/**' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 2012-02-14 18:18:28 HttpSessionSecurityContextRepository [DEBUG] Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@127c16e: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@127c16e: Principal: ar.com.held.auth.UserDetails@1250cda; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd3270: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 4E06EC71A480C21A3CB08DDE2EBFDAF5; Not granted any authorities' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 4 of 10 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 2012-02-14 18:18:28 AnonymousAuthenticationFilter [DEBUG] SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@127c16e: Principal: ar.com.held.auth.UserDetails@1250cda; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd3270: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 4E06EC71A480C21A3CB08DDE2EBFDAF5; Not granted any authorities' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2012-02-14 18:18:28 FilterSecurityInterceptor [DEBUG] Secure object: FilterInvocation: URL: /companies/list; Attributes: [isFullyAuthenticated()] 2012-02-14 18:18:28 FilterSecurityInterceptor [DEBUG] Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@127c16e: Principal: ar.com.held.auth.UserDetails@1250cda; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd3270: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 4E06EC71A480C21A3CB08DDE2EBFDAF5; Not granted any authorities 2012-02-14 18:18:28 AffirmativeBased [DEBUG] Voter: org.springframework.security.web.access.expression.WebExpressionVoter@10932b8, returned: 1 2012-02-14 18:18:28 FilterSecurityInterceptor [DEBUG] Authorization successful 2012-02-14 18:18:28 FilterSecurityInterceptor [DEBUG] RunAsManager did not change Authentication object 2012-02-14 18:18:28 FilterChainProxy [DEBUG] /companies/list reached end of additional filter chain; proceeding with original chain 2012-02-14 18:18:28 DispatcherServlet [DEBUG] DispatcherServlet with name 'spring' processing GET request for [/Held/companies/list] 2012-02-14 18:18:28 RequestMappingHandlerMapping [DEBUG] Looking up handler method for path /companies/list 2012-02-14 18:18:28 RequestMappingHandlerMapping [DEBUG] Returning handler method [public java.lang.String ar.com.held.controller.CompanyController.list(org.springframework.ui.Model)] 2012-02-14 18:18:28 DefaultListableBeanFactory [DEBUG] Returning cached instance of singleton bean 'companyController' 2012-02-14 18:18:28 DispatcherServlet [DEBUG] Last-Modified value for [/Held/companies/list] is: -1 2012-02-14 18:18:28 SharedEntityManagerCreator$SharedEntityManagerInvocationHandler [DEBUG] Creating new EntityManager for shared EntityManager invocation 2012-02-14 18:18:28 SessionImpl [DEBUG] Opened session at timestamp: 13292543088 2012-02-14 18:18:28 LogicalConnectionImpl [DEBUG] Obtaining JDBC connection 2012-02-14 18:18:28 DriverManagerDataSource [DEBUG] Creating new JDBC DriverManager Connection to [jdbc:mysql://localhost:3306/held] 2012-02-14 18:18:28 LogicalConnectionImpl [DEBUG] Obtained JDBC connection 2012-02-14 18:18:28 SQL [DEBUG] select company0_.id as id7_, company0_.version as version7_, company0_.city as city7_, company0_.state as state7_, company0_.street as street7_, company0_.name as name7_, company0_.owner_id as owner7_7_ from Company company0_ where company0_.owner_id=? 2012-02-14 18:18:28 StatefulPersistenceContext [DEBUG] Initializing non-lazy collections 2012-02-14 18:18:28 EntityManagerFactoryUtils [DEBUG] Closing JPA EntityManager 2012-02-14 18:18:28 LogicalConnectionImpl [DEBUG] Releasing JDBC connection 2012-02-14 18:18:28 LogicalConnectionImpl [DEBUG] Released JDBC connection 2012-02-14 18:18:28 ConnectionProxyHandler [DEBUG] HHH000163: Logical connection releasing its physical connection 2012-02-14 18:18:28 DefaultListableBeanFactory [DEBUG] Invoking afterPropertiesSet() on bean with name 'company/list' 2012-02-14 18:18:28 DefaultListableBeanFactory [DEBUG] Returning cached instance of singleton bean 'org.springframework.transaction.config.internalTransactionAdvisor' 2012-02-14 18:18:28 DefaultListableBeanFactory [DEBUG] Returning cached instance of singleton bean 'org.springframework.security.methodSecurityMetadataSourceAdvisor' 2012-02-14 18:18:28 DefaultListableBeanFactory [DEBUG] Returning cached instance of singleton bean 'org.springframework.transaction.config.internalTransactionAdvisor' 2012-02-14 18:18:28 DefaultListableBeanFactory [DEBUG] Returning cached instance of singleton bean 'org.springframework.security.methodSecurityMetadataSourceAdvisor' 2012-02-14 18:18:28 DispatcherServlet [DEBUG] Rendering view [org.springframework.web.servlet.view.JstlView: name 'company/list'; URL [/WEB-INF/view/company/list.jsp]] in DispatcherServlet with name 'spring' 2012-02-14 18:18:28 JstlView [DEBUG] Added model object 'companies' of type [java.util.ArrayList] to request in view with name 'company/list' 2012-02-14 18:18:28 JstlView [DEBUG] Forwarding to resource [/WEB-INF/view/company/list.jsp] in InternalResourceView 'company/list' 2012-02-14 18:18:30 DispatcherServlet [DEBUG] Successfully completed request 2012-02-14 18:18:30 ExceptionTranslationFilter [DEBUG] Chain processed normally 2012-02-14 18:18:30 SecurityContextPersistenceFilter [DEBUG] SecurityContextHolder now cleared, as request processing completed 2012-02-14 18:18:30 AntPathRequestMatcher [DEBUG] Checking match of request : '/resources/img/hp_notepad2_mechapencil.ico'; against '/resources/**' 2012-02-14 18:18:30 FilterChainProxy [DEBUG] /resources/img/hp_notepad2_mechapencil.ico has an empty filter list 2012-02-14 18:18:30 DispatcherServlet [DEBUG] DispatcherServlet with name 'spring' processing GET request for [/Held/resources/img/hp_notepad2_mechapencil.ico] 2012-02-14 18:18:30 RequestMappingHandlerMapping [DEBUG] Looking up handler method for path /resources/img/hp_notepad2_mechapencil.ico 2012-02-14 18:18:30 RequestMappingHandlerMapping [DEBUG] Did not find handler method for [/resources/img/hp_notepad2_mechapencil.ico] 2012-02-14 18:18:30 SimpleUrlHandlerMapping [DEBUG] Matching patterns for request [/resources/img/hp_notepad2_mechapencil.ico] are [/resources/**] 2012-02-14 18:18:30 SimpleUrlHandlerMapping [DEBUG] URI Template variables for request [/resources/img/hp_notepad2_mechapencil.ico] are {} 2012-02-14 18:18:30 SimpleUrlHandlerMapping [DEBUG] Mapping [/resources/img/hp_notepad2_mechapencil.ico] to HandlerExecutionChain with handler [org.springframework.web.servlet.resource.ResourceHttpRequestHandler@1ca2fb0] and 1 interceptor 2012-02-14 18:18:30 DispatcherServlet [DEBUG] Last-Modified value for [/Held/resources/img/hp_notepad2_mechapencil.ico] is: -1 2012-02-14 18:18:30 ResourceHttpRequestHandler [DEBUG] Trying relative path [img/hp_notepad2_mechapencil.ico] against base location: ServletContext resource [/resources/] 2012-02-14 18:18:30 ResourceHttpRequestHandler [DEBUG] Found matching resource: ServletContext resource [/resources/img/hp_notepad2_mechapencil.ico] 2012-02-14 18:18:30 ResourceHttpRequestHandler [DEBUG] Determined media type 'image/x-icon' for ServletContext resource [/resources/img/hp_notepad2_mechapencil.ico] 2012-02-14 18:18:30 ResourceHttpRequestHandler [DEBUG] Resource not modified - returning 304 2012-02-14 18:18:30 DispatcherServlet [DEBUG] Null ModelAndView returned to DispatcherServlet with name 'spring': assuming HandlerAdapter completed request handling 2012-02-14 18:18:30 DispatcherServlet [DEBUG] Successfully completed request </code></pre> <hr> <p>Can you help me?.. Am i missing something?</p> <p>Thanks in advance.</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USMüsli
    1. USMüsli
    plurals
    1. PL
      singulars
      1. LTLinked
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POspring security 3.1 isAuthenticated() not working
      1. USMüsli
      1. VTBountyStart
    2. VO
      singulars
      1. POspring security 3.1 isAuthenticated() not working
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. POspring security 3.1 isAuthenticated() not working
      1. This table or related slice is empty.
      1. VTBountyClose
    1. COYou'll need to provide some more details. What is the URL? What does the debug log contain when you request the JSP?
      singulars
      1. POspring security 3.1 isAuthenticated() not working
      1. USShaun the Sheep
    2. COi've edited the post with the debug information. Thanks
      singulars
      1. POspring security 3.1 isAuthenticated() not working
      1. USMüsli
    3. COOh.. i see.. thanks to the debug information i did a test.. i wrote <security:authentication property="principal.username"/> on my list.jsp and to my surprise is rendered. So it means i have a problem with my sitemesh template.. because i use sitemesh for templating and the same line in my template is not rendered... I hope be clear....
      singulars
      1. POspring security 3.1 isAuthenticated() not working
      1. USMüsli
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload