I am new to Spring and am using Spring 3.2.5 RELEASE. I have a custom UserDetailsSevice called MongoUserDetailsService. This is my application-security.xml.
<http auto-config="true">
<intercept-url pattern="/secured/*" access="ROLE_USER" />
<form-login login-processing-url="/login" login-page="/loginPage"
username-parameter="username" password-parameter="password"
default-target-url="/secured/mypage" authentication-failure-url="/loginPage?auth=fail" />
<logout logout-url="/logout" logout-success-url="/logoutPage" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="mongoUserDetailsService">
<password-encoder hash="plaintext" />
</authentication-provider>
</authentication-manager>
and here is my dispatcher-servlet.xml
<context:component-scan base-package="com.srccodes.spring.controller" />
<mvc:annotation-driven />
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/pages/" />
<property name="suffix" value=".jsp" />
</bean>
<bean id="mongoUserDetailsService" class="com.srccodes.spring.security.MongoUserDetailsService">
</bean>
I receive a bean not found error in application-security.xml where the authentication-provider is provided. I have checked the paths and they are correct.
I am adding my web.xml as well.
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Spring context files to be loaded -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml,
/WEB-INF/application-security.xml,
/WEB-INF/mongo-config.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- filter declaration for Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
in application-security.xml file must import the dispatcher-servlet.xml the following code is showing the import sysntax:
1- if dispatcher-servlet.xml is buildPath:
<import resource="classpath:DIR/dispatcher-servlet.xml" />
2- if it is WEB-INF DIR
<import resource="DIR/dispatcher-servlet.xml" />
i hope to help you
If you've defined your application-security.xml as a root context (i.e, it's loaded via ... ContextLoaderListener) and your dispatcher-servlet.xml via DispatcherServlet, you'll have visibility/scoping issues. The DispatcherServlet context are children to root context, therefore beans defined in DispatcherServlet context ARE NOT visible to root context, but root context beans ARE visible to all children servlet contexts.
So move your mongoUserDetailsService to your application-security.xml
UPDATE:
You are loading your dispatcher-servlet.xml configurations twice, once explicitly at
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/dispatcher-servlet.xml
/WEB-INF/application-security.xml
/WEB-INF/mongo-config.xml
</param-value>
</context-param>
and again implicitly (by Spring convention) with the DispatcherServlet. You should checkout the Spring reference for better understanding of ApplicationContext and DispatcherServlet
You need to remove dispatcher-servlet.xml from contextConfigLocations
Your dispatcher-servlet.xml should only include Spring MVC related config. Unless it's your intention, the following component-scan is too inclusive, you should limit it to spring mvc related (e.g. controllers), move things like security, repositories to a root context.
<context:component-scan base-package="com.srccodes.spring" />
<context:component-scan base-package="com.srccodes.spring.security" />
<context:component-scan base-package="com.srccodes.spring.domain" />
<context:component-scan base-package="com.srccodes.spring.repositories" />
<context:component-scan base-package="com.srccodes.spring.controller" />
move your mongoUserDetailsService to the application-security.xml
Related
I am studying a existing Spring MVC 3 project, while looking into spring and context config files I get confused, please clear it or suggest me If something is wrong.
Upadte root-context.xml file
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<!-- Root Context: defines shared resources visible to all other web components -->
<bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="basenames">
<list>
<value>classpath:messages</value>
</list>
</property>
<property name="defaultEncoding" value="UTF-8" />
</bean>
<bean id="localeChangeInterceptor"
class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
<property name="paramName" value="lang" />
</bean>
<bean id="localeResolver"
class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
<property name="defaultLocale" value="en" />
</bean>
<bean id="themeSource" class="org.springframework.ui.context.support.ResourceBundleThemeSource">
<property name="basenamePrefix" value="detailtheme-" />
</bean>
<bean id="themeResolver" class="org.springframework.web.servlet.theme.CookieThemeResolver">
<property name="defaultThemeName" value="en" />
</bean>
<!-- Helper bean to load all properties files -->
<bean id="LoadPropertiesFiles" class="org.commons.utilities.LoadPropertiesFileHelper"
init-method="loadPropertiesFileMethod" lazy-init="false" />
</beans>
Here I don't understand what is lang? What I understand is it's a veriable name whose value is assigned to paramName (DEFAULT_PARAM_NAME), but I don't understand how value is assigned to lang because I don't find any single location where some value (like en,hi..etc) is set.
The most confusing thing is one more bean with same class is defined in servlet-context.xml as :
<mvc:interceptors>
<beans:bean class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
<beans:property name="paramName" value="lang" />
</beans:bean>
...
</mvc:interceptors>
Why two beans of same class is defined, is this wrong? if not, then what is work of bean defined in root-context.xml and servlet-context.xml?
Below is web.xml for reference:
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml</param-value>
</context-param>
<!-- Listener to prevent class loader leaks -->
<listener>
<listener-class>se.jiderhamn.classloader.leak.prevention.ClassLoaderLeakPreventor</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>org.sitemesh.config.ConfigurableSiteMeshFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<jsp-config>
<taglib>
<taglib-uri>/tagTld</taglib-uri>
<taglib-location>/resources/tld/EnumTag.tld</taglib-location>
</taglib>
</jsp-config>
</web-app>
LocaleChangeInterceptor will intercept web requests to your web app, and look for query param with name lang (E.g. http://mywebapp.com/login?lang=en), and try to set app's locale accordingly so that you can do localization of your web app.
As far as two files root-context.xml and servlet-context.xml is concerned - first file is being used by <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> and second file is being used by org.springframework.web.servlet.DispatcherServlet.
ContextLoaderListener can be used to initialize Spring even when you are not necessarily using Spring MVC. The DispatcherServlet is specific to Spring MVC and is needed if you are making use of it.
It may be possible to get rid of root-context.xml, but it will require you to review design of your app as there may be non-SpringMVC components that depend on beans defined root-context.xml.
Indeed, this bean definition does not belong to the root context, so you can safely delete the one defined in root-context.xml and just leave the one in servlet-context.xml.
As for the paramName parameter, this is the name of the request parameter that will be used to change the locale - see reference documentation.
I know this has been asked a lot, but none of the answers seem to actually work for me. I've been banging my head against Spring Security for the last two days and had zero luck. The documentation claims it's super easy to setup, but I can't help but feel like it is missing something.
My web.xml:
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>SpringProject</display-name>
<!-- Spring Configuration Files -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath*:mvcDispatcher-servlet.xml
classpath*:application-security.xml
</param-value>
</context-param>
<!-- Spring Security Filters -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Spring Listeners -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- MVC Filter -->
<servlet>
<servlet-name>mvcDispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvcDispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
And my application-security.xml:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<global-method-security secured-annotations="enabled" />
<http use-expressions="true">
<form-login login-page="/login"
login-processing-url="/j_spring_security_check"
default-target-url="/view"
authentication-failure-url="/login?login_error=t" />
<intercept-url pattern="/login" access="isAnonymous()" />
<intercept-url pattern="/**" access="isAuthenticated()" />
</http>
<authentication-manager>
<authentication-provider user-service-ref="userService" />
</authentication-manager>
<user-service id="userService">
<user name="user" password="password" authorities="ROLE_ADMIN" />
</user-service>
</beans:beans>
When I deploy (to WAS8.0) and attempt to get to my login page, I get the error:
com.ibm.ws.webcontainer.webapp.WebApp logServletError SRVE0293E: [Servlet Error]-[mvcDispatcher]: org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
If I change web.xml from:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath*:mvcDispatcher-servlet.xml
classpath*:application-security.xml
</param-value>
</context-param>
to:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
WEB-INF/mvcDispatcher-servlet.xml
WEB-INF/application-security.xml
</param-value>
</context-param>
I get the error
[Servlet Error]-[mvcDispatcher]: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]
I have no idea what is causing this or why Spring Security is not working here. It's been incredibly frustrating. Any assistance is greatly appreciated, thanks!
Try following in your web.xml.
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/application-security.xml</param-value>
</context-param>
Note:
The WEB-INF directory is not on the classpath.
The DispatcherServlet looks for WEB-INF/[servlet-name]-servlet.xml by default.
I have a webapp which I deploy on google appengine. I believe that the issue is not related to GAE, but there is something that I am missing...
Basically, I want to force the user to be authenticated in order to see/use anything that is under /secured dir. I have HTML page that is under this dir, but the user can easily navigate to it (without being authenticated). How do I secure it using SS?
I read this and that, tried it but it did not help :-(
My config - web.xml:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>contextAttribute</param-name>
<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.spring</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- to integrate Spring with AppEngine project -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-servlet.xml</param-value>
</context-param>
<!-- if we work with Spring-security, we already have a listener -->
<!-- listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener-->
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
spring-servlet.xml:
<context:annotation-config />
<context:property-placeholder location="classpath:client.properties" />
<context:component-scan base-package="com.nice.coffee" />
<context:component-scan base-package="com.ohadr.auth_flows" />
<context:component-scan base-package="com.ohadr.crypto" />
<mvc:annotation-driven />
<mvc:default-servlet-handler />
<!-- dont use debug! https://jira.spring.io/browse/SEC-1885 >
<sec:debug />
-->
<mvc:resources mapping="/secured/**" location="/secured/" />
<sec:http pattern="/login/**" security="none" />
<sec:http pattern="/forgotPasswordPage" security="none" />
<sec:http pattern="/forgotPassword" security="none" />
<sec:http pattern="/createAccountPage" security="none" />
<sec:http pattern="/createAccount" security="none" />
<sec:http authentication-manager-ref="authenticationManager">
<sec:intercept-url pattern="/**/ohad.html" access="ROLE_ADMIN" />
<sec:intercept-url pattern="/secured/**" access="ROLE_USER" />
<sec:anonymous />
<sec:form-login login-page="/login/login.htm"
authentication-success-handler-ref="authenticationSuccessHandler"
authentication-failure-handler-ref="authenticationFailureHandler" />
</sec:http>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider
user-service-ref="userDetailsService">
<sec:password-encoder hash="sha-256">
<sec:salt-source user-property="username" />
</sec:password-encoder>
</sec:authentication-provider>
</sec:authentication-manager>...
my proj hierarchy:
...thanks in advance!
Rather than putting the secured pags under src/main/webapp/secured, which get served up directly, put them in src/main/resources/secured, and change your resources statement to
<mvc:resources mapping="/secured/**" location="classpath:/secured/" />
It appears that my problem was in this line:
<mvc:resources mapping="/secured/**" location="/secured/" />
spring-mvc is "confused" where both location and mapping are with the same name. So when a request to a resource enters the application, e.g. .../secured/my.html, spring-mvc does not use the mapping at all.
The solution was to change the location name (or the mapping, but I changed the location-name) so i ended up with:
<mvc:resources mapping="/secured/**" location="/secured_resources/" />
and all my resources (html, JS, etc) were under a dir called 'secured_resources'. Then, when a request arrived to the application, e.g .../secured/my.html, it was mapped successfully using MVC, hence the browser is redirected to login page, etc.
My autowire works fine from Controller and all the subclasses down below the controller. But when I try to Autowire any bean (using annotations) from Spring Security module like through UserDetails or through my customlogout handler.
I have read and found two ways to solve it
1. Remove
2. Move some code to the parent context.xml. But looks like this doesnt help me.
My web.xml
...
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- The definition of the Root Spring Container shared by all Servlets
and Filters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/database-context.xml,
/WEB-INF/spring/application-security.xml
</param-value>
</context-param>
My servlet-context file has the following:....
<mvc:resources mapping="/resources/**" location="/" />
<!-- Resolves views selected for rendering by #Controllers to .jsp resources
in the /WEB-INF/views directory -->
<beans:bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<beans:property name="prefix" value="/WEB-INF/views/" />
<beans:property name="suffix" value=".jsp" />
</beans:bean>
<context:component-scan base-package="com.inventory" />
<beans:bean id="messageSource"
class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<beans:property name="basename" value="classpath:messages"></beans:property>
<beans:property name="defaultEncoding" value="UTF-8"></beans:property>
</beans:bean>
Please help..
It indicates your autowired annotations are not activated.
Include
<context:annotation-config>
in your database-context.xml, application-security.xml files.
I'm trying to integrate Spring Security and GWT. I'm also using gwt-incubator-security. I configured everything as it was described on their wiki pages.
I managed to get security working by using intercept-url, but I can't get it working using annotations. Any ideas about what the problem is?
P.S. I'm using Spring 2.5.6, Spring Security 2.0.5 and gwt-incubator-security 1.0.1. Any useful links and comments are welcome.
Here are my config files
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<global-method-security secured-annotations="enabled"
jsr250-annotations="disabled" />
<http auto-config="true">
<!-- <intercept-url pattern="/**/*.rpc" access="ROLE_USER" /> -->
<intercept-url pattern="/gwt/**" access="ROLE_USER" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
</http>
<authentication-provider>
<user-service>
<user name="rod" password="koala"
authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<user name="dianne" password="emu" authorities="ROLE_USER,ROLE_TELLER" />
<user name="scott" password="wombat" authorities="ROLE_USER" />
<user name="peter" password="opal" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
<beans:bean id="greetService" class="com.ct.test.server.GreetingServiceImpl" />
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app>
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>Spring_test.html</welcome-file>
</welcome-file-list>
<!-- Spring related configuration -->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<!-- Initialise the Spring MVC DispatcherServlet -->
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Map the DispatcherServlet to only intercept RPC requests -->
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/spring_test/greet.rpc</url-pattern>
<!--
<url-pattern>/org.example.gwtwisdom.GwtWisdom/services/*</url-pattern>
-->
</servlet-mapping>
<servlet>
<servlet-name>greetServlet</servlet-name>
<servlet-class>com.ct.test.server.GreetingServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>greetServlet</servlet-name>
<url-pattern>/spring_test/greet.rpc</url-pattern>
</servlet-mapping>
<!-- Spring security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
spring-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- The application context definition for the DispatcherServlet -->
<bean id="urlMapping" class="com.gwtincubator.security.server.GWTSecuredHandler">
<property name="mappings">
<map>
<entry key="/spring_test/greet.rpc" value-ref="greetService" />
</map>
</property>
</bean>
Here is my sample project that i tried to integrate with Spring Security: http://www.filedropper.com/springtest_1
I'am using GWT+Spring security.
I find in your configuration, there is some misunderstanding. In fact, there is a very simple way that can let spring security work with your gwt regardless the gwt-incubator-security. You just need to declare your application context in you web.xml.
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext-security.xml</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
You don't declare here your MVC dispatcherServlet ! Then everything works because of the Spring Security framework mechanism.
But This way of configuration doesn't declare DispatcherServlet, it is simple, but in case that you need some security funcionality that need DispatcherServlet, is is a "piege". So as i've met.
Then if you insist to use gwt-incubator-security. I've read a very good solution in french, but it rest uncheck. http://hugo.developpez.com/tutoriels/java/gwt/utilisation-gwt-avec-spring-et-hibernate/
Integrate Spring in the application with GWT-SL:
In fact, for the integration of Spring and hibernate, the problem is how to configure correctly the servlet. One should be aware that the Spring has its own servlet “DispatcherServlet” so as the gwt with its “gwt servlet”.
Normally, in the tutorial for the GWT RPC, the gwt-servlet is declared in the web-xml, like
<servlet>
<servlet-name>appService</servlet-name>
<servlet-class>com.google.gwt.app.example.server.AppServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>appService</servlet-name>
<url-pattern>/app/appService</url-pattern>
</servlet-mapping>
If you like very much Spring, and you want to use DispatcherServlet to dispatch the request, then GWT-handler can help you to get rid of the problem.
Firstly, you load application context in the web.xml as below:
<context-param>
<param-name> contextConfigLocation </param-name>
<param-value> classpath:applicationContext_GWT.xml </param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
Then you can declare your rpc service in Spring context:
applicationContext_GWT.xml
<bean id=" appService "
class=" com.google.gwt.app.example.server.AppServiceImpl">
</bean>
But you should not forget to add the GWTHandler declaration in the application context file applicationContext_GWT.xml
The last thing is to declare the spring servlet: DispatcherServlet in the web.xml. Pay attention to the fact that this is the spring’s proper servlet not the GWT-SL’s.
web.xml
<servlet>
<servlet-name>handler</servlet-name>
<servlet-class> org.springframework.web.servlet.DispatcherServlet </servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>handler</servlet-name>
<url-pattern>*.rpc</url-pattern>
</servlet-mapping>
Servlet name is important because DispatcherServlet will search for the spring context file named by “*-servlet.xml”. As the servlet name is handler, it will search for the spring context “handler-servlet.xml”. So here we will solve the problem like this, we put the application context which is independent with the DispatcherServlet in the “applicationContext_GWT.xml”, then the one that is dependent with the DispatcherServlet in the “-servlet.xml”, as the servlet name is “handler”, then we should have “handler-servlet.xml”, then put the following configuration of GWT_SL from applicationContext_GWT.xml into handler-servlet.xml
Handler-servlet.xml
<bean id="urlProjectMapping" class="org.gwtwidgets.server.spring.GWTHandler">
<!-- Supply here mappings between URLs and services. Services must implement the RemoteService interface but are not otherwise restricted.-->
<property name="mappings">
<map>
<!-- Other mappings could follow -->
<entry key="/app/appService.rpc" value-ref="appService" />
</map>
</property>
</bean>
Then add the following configuration in the web.xml dans la declaration de servlet.
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value> /WEB-INF/handler-servlet.xml </param-value>
</init-param>
The filter pattern concerns just the RPC call with a suffix .rpc
(I didn’t use the GWT-SL, so the method above for integration has not been checked.)
After you have all the above configuration, then you create your filtreprocessentrypoint in your applicationi context file.
Hope this can help you!
It seems that you are missing namespace configuration in your applicationContext.xml.
It should look like this:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
The Acris framework also uses Spring Security. They have a description of this at their wiki http://code.google.com/p/acris/wiki/SecurityServer
I'm guessing that you need to have the schema in applicationContext.xml, and enable annotations:
<context:annotation-config />
<context:component-scan base-package="my.package" />
Reference: http://weblogs.java.net/blog/seemarich/archive/2007/11/annotation_base.html
follow the following link for Configuration of GWT with Spring :
http://raibledesigns.com/rd/entry/integrating_gwt_with_spring_security
Or
http://www.javacodegeeks.com/2010/12/securing-gwt-apps-with-spring-security.html
You could use Putnami Web Toolkit (PWT) framework, here a tutorial to integrate Spring Framework and another for Spring Security.
See https://bitbucket.org/gardellajuanpablo/gwt-sample