google app engine - Spring Security: SecurityContextHolder.getContext().getAuthentication() returns null on Wicket Page -

-

i using spring mvc(for rest), spring security 3 , apache wicket (ui) on google app engine. working fine except having trouble in getting authentication on wicket page through securitycontextholder after login.

i have google'd issue, none seems working me. suspect wrong web xml. can please help. thanks.

i using tutorials spring security on google app engine http://blog.springsource.org/2010/08/02/spring-security-in-google-app-engine/

here web.xml

<?xml version="1.0" encoding="utf-8"?> <web-app>          <display-name>mtp portal</display-name>  <context-param>     <param-name>contextconfiglocation</param-name>     <param-value>         /web-inf/mtp-web-servlet.xml, /web-inf/mtp-web-security-context.xml     </param-value> </context-param>  <filter>     <filter-name>springsecurityfilterchain</filter-name>     <filter-class>org.springframework.web.filter.delegatingfilterproxy</filter-class> </filter>  <filter-mapping>     <filter-name>springsecurityfilterchain</filter-name>     <url-pattern>/*</url-pattern> </filter-mapping>  <listener>     <listener-class>org.springframework.web.context.contextloaderlistener</listener-class> </listener>  <servlet>     <servlet-name>mtp-web</servlet-name>     <servlet-class>org.springframework.web.servlet.dispatcherservlet</servlet-class> </servlet>  <servlet-mapping>     <servlet-name>mtp-web</servlet-name>     <url-pattern>/api/*</url-pattern> </servlet-mapping>  <filter>     <filter-name>wicketapp</filter-name>     <filter-class>org.apache.wicket.protocol.http.wicketfilter</filter-class>     <init-param>         <param-name>applicationfactoryclassname</param-name>         <param-value>org.apache.wicket.spring.springwebapplicationfactory</param-value>     </init-param> </filter>  <filter-mapping>     <filter-name>wicketapp</filter-name>     <url-pattern>/*</url-pattern> </filter-mapping>

here spring security config:

<?xml version="1.0" encoding="utf-8"?> <b:beans xmlns="http://www.springframework.org/schema/security"      xmlns:b="http://www.springframework.org/schema/beans"      xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"      xsi:schemalocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd     http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">  <global-method-security pre-post-annotations="enabled"/>  <http pattern="/images/**" security="none"/> <http pattern="/css/**" security="none"/> <http pattern="/js/**" security="none"/> <http pattern="/api/**" security="none"/> <http pattern="/favicon.ico" security="none"/> <http pattern="/disabled" security="none"/>  <http use-expressions="true" entry-point-ref="gaeentrypoint" auto-config="true">     <intercept-url pattern="/" access="permitall"/>     <intercept-url pattern="/api/**" access="permitall"/>     <intercept-url pattern="/admin/logout" access="permitall"/>     <intercept-url pattern="/register" access="hasrole('new_user')"/>     <intercept-url pattern="/admin/**" access="hasrole('admin')"/>     <custom-filter position="pre_auth_filter" ref="gaefilter"/> </http>  <b:bean id="gaeentrypoint"         class="com.peerbuccoss.apps.mtp.web.authentication.impl.googleaccountsauthenticationentrypoint"/>  <b:bean id="gaefilter" class="com.peerbuccoss.apps.mtp.web.authentication.filter.gaeauthenticationfilter">     <b:property name="authenticationmanager" ref="authenticationmanager"/>     <b:property name="failurehandler">         <b:bean class="org.springframework.security.web.authentication.exceptionmappingauthenticationfailurehandler">             <b:property name="exceptionmappings">                 <b:map>                     <b:entry key="org.springframework.security.authentication.disabledexception"                              value="/disabled"/>                 </b:map>             </b:property>         </b:bean>     </b:property> </b:bean>  <authentication-manager alias="authenticationmanager">     <authentication-provider ref="gaeauthenticationprovider"/> </authentication-manager>  <b:bean id="gaeauthenticationprovider"         class="com.peerbuccoss.apps.mtp.web.authentication.provider.googleaccountsauthenticationprovider"/>

i'm not sure url failing obtain securitycontext (perhaps can provide example url), securitycontext not populated url mapped security="none". because security="none" instructs spring security ignore url entirely. if need access securitycontext on url allowed every user, need use permitall.

ps: if not might provide example url having trouble getting authentication. might provide details on mean "having trouble in getting authentication on wicket page" (i.e. null, throwing exception, etc).


Comments

Post a Comment

Popular posts from this blog

c# - SVN Error : "svnadmin: E205000: Too many arguments" -

-
i trying reposotries using c# code process svncommand = null; var psi = new processstartinfo("svnadmin"); psi.redirectstandardoutput = true; psi.redirectstandarderror = true; psi.useshellexecute = false; psi.arguments= @"dump c:\repositories\myrepo > c:\temp\myrepodumpfile.dump"; using (svncommand = process.start(psi)) { var myoutput = svncommand.standardoutput; var myerror = svncommand.standarderror; debug.write("output :" + environment.newline + environment.newline + myoutput.readtoend() + environment.newline + "error :" + environment.newline + environment.newline + myerror.readtoend()); svncommand.close(); } when use dump command commandline svnadmin dump c:\repositories\myrepo > c:\temp\myrepodumpfile.dump it works fine when try ...
Read more

c++ - Using OpenSSL in a multi-threaded application -

-
i have been writing soap client application in c++ on ubuntu using openssl https transport , pthreads threading. have number of threads - 1 central data acquisition thread periodically gets worker threads make soap requests via shared mutex protected queues. reading documentation openssl found is openssl thread-safe? in openssl faq describes mechanisms required ensure thread safety when using openssl. implemented , works fine. the reason question conceptual difficulty really. thinking implementing same functionality application has already, instead of using threads, create 2 seperate applications : 1 worker thread (of multiple copies running) , main data acquisition thread. use tcp sockets communicate between 2 rather mutex protected queues. may bad idea not important - confusing me would have implement same functions required ensure openssl thread safety in second approach or not? my guess not have , treated independent (indeed surely must many applications use openssl) re...
Read more

All overlapping substrings matching a java regex -

-
is there api method returns (possibly overlapping) substrings match regular expression? for example, have text string: string t = 04/31 412-555-1235; , , have pattern: pattern p = new pattern("\\d\\d+"); matches strings of 2 or more characters. the matches are: 04, 31, 412, 555, 1235. how overlapping matches? i want code return: 04, 31, 41, 412, 12, 55, 555, 55, 12, 123, 1235, 23, 235, 35. theoretically should possible -- there obvious o(n^2) algorithm enumerates , checks substrings against pattern. edit rather enumerating substrings, safer use region(int start, int end) method in matcher . checking pattern against separate, extracted substring might change result of match (e.g. if there non-capturing group or word boundary check @ start/end of pattern). edit 2 actually, it's unclear whether region() expect zero-width matches. specification vague, , experiments yield disappointing results. for example: string line = "xx90xx"; strin...
Read more