I am working with springMVC development. I had TilesViewResolver bean as below
<beans:bean class="org.springframework.web.servlet.view.tiles2.TilesViewResolver"
id="tilesviewResolver" />
<beans:bean class="org.springframework.web.servlet.view.tiles2.TilesConfigurer"
id="tilesConfigurer">
<beans:property name="definitions">
<beans:list>
<beans:value>/WEB-INF/tile-layout-definition.xml</beans:value>
</beans:list>
</beans:property>
using above I got error,
part of error
java.lang.NoClassDefFoundError: org/apache/tiles/TilesApplicationContext
java.lang.Class.getDeclaredMethods0(Native Method)
java.lang.Class.privateGetDeclaredMethods(Class.java:2701)
java.lang.Class.getDeclaredMethods(Class.java:1975)
org.springframework.util.ReflectionUtils.getDeclaredMethods(ReflectionUtils.java:606)
It was solved using this.
sloved code
<beans:bean class="org.springframework.web.servlet.view.tiles3.TilesViewResolver"
id="tilesviewResolver" />
<beans:bean class="org.springframework.web.servlet.view.tiles3.TilesConfigurer"
id="tilesConfigurer">
<beans:property name="definitions">
<beans:list>
<beans:value>/WEB-INF/tile-layout-definition.xml</beans:value>
</beans:list>
</beans:property>
</beans:bean>
But I have no idea how it was solved. Is it using the latest version of tiles (tiles3 other than tiles2) or any other?
Related
I'm quite stuck migrating our web application from Wicket 1.4 to Wicket 6.20.
I'm also moving Spring Security to version 3.2.8.RELEASE from previous (and old) version 2.0.4.
Here it is a copy of Spring security context configuration:
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain-map path-type="ant" >
<security:filter-chain request-matcher-ref="requestMatcher"
filters="
securityContextPersistenceFilter,
concurrentSessionFilter,sessionManagementFilter"
pattern="/**" />
</security:filter-chain-map>
</bean>
<beans:bean id="securityContextPersistenceFilter"
class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
<beans:constructor-arg ref="securityContextRepository"></beans:constructor-arg>
</beans:bean>
<beans:bean id="sessionManagementFilter"
class="org.springframework.security.web.session.SessionManagementFilter">
<beans:constructor-arg ref="securityContextRepository"></beans:constructor-arg>
<beans:constructor-arg ref="sas"></beans:constructor-arg>
</beans:bean>
<beans:bean id="requestMatcher" class="org.springframework.security.web.util.matcher.AntPathRequestMatcher" >
<beans:constructor-arg value="/**"></beans:constructor-arg>
</beans:bean>
<beans:bean id="concurrentSessionFilter"
class="org.springframework.security.web.session.ConcurrentSessionFilter">
<beans:constructor-arg ref="sessionRegistry" ></beans:constructor-arg>
<beans:constructor-arg value="/petrol/login" ></beans:constructor-arg>
</beans:bean>
<beans:bean id="sas" class="org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy">
<beans:constructor-arg>
<beans:list>
<beans:bean class="org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy">
<beans:constructor-arg ref="sessionRegistry"/>
<beans:property name="maximumSessions" value="1" />
<beans:property name="exceptionIfMaximumExceeded" value="true" />
</beans:bean>
<beans:bean class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy">
</beans:bean>
<beans:bean class="org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy">
<beans:constructor-arg ref="sessionRegistry"/>
</beans:bean>
</beans:list>
</beans:constructor-arg>
</beans:bean>
<beans:bean id="sessionRegistry"
class="org.springframework.security.core.session.SessionRegistryImpl" />
<beans:bean id="authenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref local="petrolAuthenticationProvider" />
</beans:list>
</beans:property>
</beans:bean>
<beans:bean name='securityContextRepository'
class='org.springframework.security.web.context.HttpSessionSecurityContextRepository'>
<beans:property name='allowSessionCreation' value='true' />
</beans:bean>
<beans:bean id="petrolAuthenticationProvider"
class="it.loginet.petrol.infrastructure.security.PetrolAuthenticationProvider">
<beans:property name="utenteRepository" ref="utenteRepository" />
</beans:bean>
SessionManagementFilter should filter our Request, testing if concurrent logins are allowed for a user.
The problem is that when it comes to verify a successful Authentication, SecurityContextRepository already contains the SecurityContext, and it doesn't call "SessionAuthenticationStrategy.onAuthentication" method.
if (!securityContextRepository.containsContext(request)) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && !trustResolver.isAnonymous(authentication)) {
// The user has been authenticated during the current request, so call the session strategy
try {
sessionAuthenticationStrategy.onAuthentication(authentication, request, response);
} catch (SessionAuthenticationException e) {
// The session strategy can reject the authentication
logger.debug("SessionAuthenticationStrategy rejected the authentication object", e);
SecurityContextHolder.clearContext();
failureHandler.onAuthenticationFailure(request, response, e);
return;
}
.........
SaveToSessionResponseWrapper class save SPRING_SECURITY_KEY attribute on the HttpSession, the SessionManagementFilter already find this attribute on the HttpSession and actually skip the inner SessionAuthenticationStrategy validation.
What I'm doing wrong on the migration?
OK, I think I found solution to my problem..
SessionManagementFilter, as stated here (http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#ftn.d5e3442), doesn't recognize form logins authentication as I was using it in my application.
Thus concurrency strategy inside this filter would be never called..
So I decided to extend ProviderManager class with a new SessionManagementProviderManager instance, overriding ProviderManager.authenticate() method to apply 1) initial authentication process using inner AuthenticationManager and 2)SessionAuthenticationStrategy.onAuthentication() on the resulting Authentication returned from point 1).
Maybe this answer can help someone else with same problems migrating Spring Security..
I am trying to use 2 databases in my spring project. It is working fine if I use 1 database but when add other databases I am getting following error message.
org.hibernate.HibernateException: No Session found for current thread
dispatcher-servlet
<beans:bean id="sessionFactory" class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
<beans:property name="dataSource" ref="sample" />
<beans:property name="annotatedClasses">
<beans:list>
<beans:value>com.kendoui.spring.models.Constraint</beans:value>
</beans:list>
</beans:property>
<beans:property name="hibernateProperties">
<beans:props>
<beans:prop key="hibernate.dialect">org.hibernate.dialect.SQLServer2008Dialect
</beans:prop>
<beans:prop key="hibernate.show_sql">true</beans:prop>
<beans:prop key="hibernate.format_sql">true</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
<beans:bean id="transactionManager" class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<beans:property name="sessionFactory" ref="sessionFactory" />
</beans:bean>
<beans:bean id="Ascent" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<beans:property name="driverClassName" value="com.microsoft.sqlserver.jdbc.SQLServerDriver" />
<beans:property name="url" value="jdbc:sqlserver://localhost:1433;databaseName=Ascent;" />
<beans:property name="username" value="sa" />
<beans:property name="password" value="abc123" />
<beans:property name="maxActive" value="1" />
<beans:property name="maxIdle" value="1" />
</beans:bean>
<beans:bean id="sessionFactory2" class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
<beans:property name="dataSource" ref="Ascent" />
<beans:property name="annotatedClasses">
<beans:list>
<beans:value>com.kendoui.spring.models.ItemOperationSequence</beans:value>
</beans:list>
</beans:property>
<beans:property name="hibernateProperties">
<beans:props>
<beans:prop key="hibernate.dialect">org.hibernate.dialect.SQLServer2008Dialect</beans:prop>
<beans:prop key="hibernate.show_sql">true</beans:prop>
<beans:prop key="hibernate.format_sql">true</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
<beans:bean id="transactionManager2" class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<beans:property name="sessionFactory" ref="sessionFactory2" />
</beans:bean>
<!-- Enable annotation driven transactions. Required by getCurrentSession(). -->
<tx:annotation-driven/>
DAO implemantation
#Transactional("transactionManager2")
#Component
public class ItemOprSeqDaoImpl implements ItemOprSeqDao {
#Autowired
private SessionFactory sessionFactory;
#Override
public List<ItemOperationSequence> getList(String Itemcode) {
Session session = sessionFactory.getCurrentSession();
String queryStr= "select * from [#is_itemtrvoprdetails]";
Query query= session.createSQLQuery(queryStr).addEntity(ItemOperationSequence.class);
List <ItemOperationSequence> d=query.list();
return d;
}
}
I tried many different things but it is not working.
I tried using <beans:qualifier value="Ascent" /> in my servlet
and
#Qualifier(value="SessionFactory2") in my DAO
but nothing seems to work.
Anyone knows the answer to this problem. I would really appreciate if you could help.
Thanks in advance.
<tx:annotation-driven/> should be declared twice once for each transaction manager.
<tx:annotation-driven transaction-manager="transactionManager2"/>
and
<tx:annotation-driven transaction-manager="transactionManager"/>
Also add #Qualifier for
#Autowired
#Qualifier(value="SessionFactory2")
private SessionFactory sessionFactory;
You need to define a ChainedTransactionManager with both HibernateTransactionManagers as input.
I am not used to spring xml configuration, but it should look like this.
Than just use only #Transactional without a value.
<beans:bean id="transactionManager1" class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<beans:property name="sessionFactory" ref="sessionFactory" />
</beans:bean>
<beans:bean id="transactionManager2" class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<beans:property name="sessionFactory" ref="sessionFactory2" />
</beans:bean>
<beans:bean id="transactionManager" class="org.springframework.data.transaction.ChainedTransactionManager">
<beans:constructor-arg>
<list>
<beans:ref bean="transactionManager1" />
<beans:ref bean="transactionManager2" />
</list>
</beans:constructor-arg>
</beans:bean>
Okay I solved the problem by doing this.
first declared transaction-manager
<tx:annotation-driven transaction-manager="transactionManager1"/>
Then in my DAO used
#Transactional("transactionManager2")
#Component
public class ItemOprSeqDaoImpl implements ItemOprSeqDao {
#Autowired
#Qualifier("sessionFactory2")
private SessionFactory sessionFactory;
//then rest of the code
}
Its working fine now. Thanks you guys for your help.
I have a code snippet
<beans:bean id="accessDecisionManager"
class="org.springframework.security.access.vote.AffirmativeBased">
<beans:property name="decisionVoters">
<beans:list>
<beans:bean
class="org.springframework.security.access.vote.AuthenticatedVoter" />
<beans:bean class="org.springframework.security.access.vote.RoleVoter" />
</beans:list>
</beans:property>
</beans:bean>
I want to migrate this to spring 4
According to http://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-xml.html#m3to4-deprecations-core-aadm
I know that if i have something like this:
<b:bean class="org.springframework.security.access.vote.UnanimousBased">
<b:property name="decisionVoters" ref="voters"/>
</b:bean>
I have to do :
<b:bean class="org.springframework.security.access.vote.UnanimousBased">
<b:constructor-arg ref="voters"/>
</b:bean>
But i don't know how to do it in my case.. please help
I would also appreciate if you could point out the signifacance of property name thank you.
Sorry pretty stupid of me. This seems to work perfect.
<beans:bean id="accessDecisionManager"
class="org.springframework.security.access.vote.AffirmativeBased">
<beans:constructor-arg>
<beans:list>
<beans:bean
class="org.springframework.security.access.vote.AuthenticatedVoter" />
<beans:bean class="org.springframework.security.access.vote.RoleVoter" />
</beans:list>
</beans:constructor-arg>
</beans:bean>
Below is my step configuration -
<beans:bean id="myInputFileReader" class="com.rbos.fm.risk.batch.spring.reader.InputFileReader" scope="step">
<beans:property name="delegate">
<beans:bean class="org.springframework.batch.item.file.FlatFileItemReader"
scope="step">
<beans:property name="resource" ref="inputFileSystemResource" />
<beans:property name="linesToSkip" value="1" />
<beans:property name="lineMapper">
<beans:bean class="org.springframework.batch.item.file.mapping.DefaultLineMapper">
<beans:property name="lineTokenizer">
<beans:bean class="org.springframework.batch.item.file.transform.DelimitedLineTokenizer">
<beans:property name="delimiter" value="|"/>
</beans:bean>
</beans:property>
<beans:property name="fieldSetMapper">
<beans:bean class="com.test.MyFieldMapper1" scope="prototype"/>
</beans:property>
</beans:bean>
</beans:property>
</beans:bean>
</beans:property>
<beans:property name="param1" value="#{jobParameters['param1']}"/>
<beans:property name="param2" value="#{jobParameters['param2']}"/>
<beans:property name="param3" value="#{jobParameters['param3']}"/>
</beans:bean>
<beans:bean id="fileItemWriter" class="org.springframework.batch.item.file.FlatFileItemWriter">
<beans:property name="resource" ref="outputFileSystemResource" />
<beans:property name="lineAggregator">
<beans:bean class="org.springframework.batch.item.file.transform.DelimitedLineAggregator">
<beans:property name="delimiter" value="|"/>
<beans:property name="fieldExtractor">
<beans:bean class="org.springframework.batch.item.file.transform.BeanWrapperFieldExtractor">
<beans:property name="names"
value="outcolomn1, outcolomn2, outcolomn3, outcolomn4"/>
</beans:bean>
</beans:property>
</beans:bean>
</beans:property>
</beans:bean>
<step id="myPreProcessing1">
<tasklet>
<chunk reader="myInputFileReader" processor="myFileProcessor1" writer="fileItemWriter"
commit-interval="10000"/>
</tasklet>
</step>
I have to add other (similar) steps. I would like to use same readers and writers as only change in reader will be a new FieldSetMapper and writer will be a new BeanWrapperFieldExtractor. So ideally, I would like to specify a reader and writer on parent level and would like to refer them in all the steps by just overriding new mapper and extractor.
Use Bean Definition Inheritance. Create an abstract bean definition and have your actual definitions use this as a parent.
<beans:bean id="parentInputFileReader" class="com.rbos.fm.risk.batch.spring.reader.InputFileReader" scope="step" abstract="true">
<beans:property name="delegate">
<beans:bean class="org.springframework.batch.item.file.FlatFileItemReader">
<beans:property name="resource" ref="inputFileSystemResource" />
<beans:property name="linesToSkip" value="1" />
</beans:bean>
</beans:property>
<beans:property name="param1" value="#{jobParameters['param1']}"/>
<beans:property name="param2" value="#{jobParameters['param2']}"/>
<beans:property name="param3" value="#{jobParameters['param3']}"/>
</beans:bean>
<beans:bean id="parentLineMapper" class="org.springframework.batch.item.file.mapping.DefaultLineMapper" abstract="true">
<beans:property name="lineTokenizer">
<beans:bean class="org.springframework.batch.item.file.transform.DelimitedLineTokenizer">
<beans:property name="delimiter" value="|"/>
</beans:bean>
</beans:property>
</beans:bean>
Now that you have parent beans you can reference them using the parent attribute and only configure those properties that are needed or need to be modified from the default.
<bean id="myInputFileReader" parent="parent">
<beans:property name="lineMapper">
<bean parent="parentLineMapper" >
<beans:property name="fieldSetMapper">
<beans:bean class="com.test.MyFieldMapper1" />
</beans:property>
</bean>
</beans:property />
</bean>
I solved my issue here.
I had forgotten about the following:
<beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<beans:property name="loginFormUrl" value="/index.jsp" />
<beans:property name="forceHttps" value="false" />
</beans:bean>
As you can see from above I do have /index.jsp and that is where it is trying to go.
The other issue is the following line
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>
So this tells me to throw and exception.
So in the end - everything appears to be working as expected.
Original Post:
As the subject states I have the following configuration:
<beans:bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
<beans:property name="defaultTargetUrl" value="/admin/adminLanding.html"/>
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="authenticationFailureUrl" value="/login.jsp?login_error=1"/>
<beans:property name="allowSessionCreation" value="true" />
<beans:property name="targetUrlResolver" ref="roleBasedTargetUrlResolver" />
</beans:bean>
My expectation is that when a authentication fails or has expired that it would make use of the setting for authenticationFailureURL. But what I get is the following error in my log:
The requested resource (/ecotrak/index.jsp) is not available.
I do not understand why it is looking for index.jsp when I have given /login.jsp?login_error=1 as the value.
Any direction it this?