0

I have been having a problem that has troubled me for a while. Searching on this site and google hasn't yielded much help. I have already posted the problem on the spring source forum here but nobody has answered yet so I thought I might try here. You always get an answer on stackoverflow :-)

I have a custom UserDetailsService with autowired users dao bean. When I run the application in dev mode I get the login page. On login, nothing happens. Strange enough the app doesn't break or throw an error. I used some println statements to find out the farthest point the login service gets to my UserDaoImpl class on this line, 

List<User> temp = getHibernateTemplate().find("select h from users h where username='" + username + "'");

it stops there, any println messages after that don't show on the console. In brief this are my configurations. If you need more details kindly look at detailed explanation I posted on spring source forum. 

<http auto-config="true">
   <intercept-url pattern="/gwtsecurity/**" access="ROLE_USER"/>
   <intercept-url pattern="/gwt/**" access="ROLE_USER"/>
   <intercept-url pattern="/**/*.html" access="ROLE_USER"/>
   <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
   <intercept-url pattern="/login.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
   <form-login login-page="/login.jsp"/>
</http>

<beans:bean id="userDetailsService" class="com.kibyegn.server.auth.UserDetailsServiceImpl">
</beans:bean>

<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
   <beans:property name="userDetailsService" ref="userDetailsService"/>
</beans:bean>

<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
   <beans:property name="providers">
       <beans:list>
           <beans:ref local="daoAuthenticationProvider" />
       </beans:list>
   </beans:property>
</beans:bean>

<authentication-manager>
   <authentication-provider user-service-ref="userDetailsService">
   </authentication-provider>
</authentication-manager>

and my hibernate config file

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="org.postgresql.Driver" />
    <property name="url" value="jdbc:postgresql://127.0.0.1:5432/GwtApp" />
    <property name="username" value="postgres" />
    <property name="password" value="password" />
</bean>
<!-- HIBERNATE CONFIGURATION -->
<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
    <property name="dataSource" ref="dataSource" />
    <property name="annotatedClasses">
        <list>
            <value>com.kibyegn.client.model.User</value>
        </list>
    </property>
    <property name="hibernateProperties">
        <props>
            <prop key="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</prop>
            <prop key="hibernate.show_sql">true</prop>
            <prop key="hibernate.hbm2ddl.auto">update</prop>
        </props>
    </property>
</bean>
<bean id="hibernateTemplate" class="org.springframework.orm.hibernate3.HibernateTemplate">
    <property name="sessionFactory" ref="sessionFactory" />
</bean>
<bean id="userDao"
    class="com.kibyegn.client.dao.UserDaoImpl"
    scope="singleton">
    <property name="hibernateTemplate" ref="hibernateTemplate" />
</bean>

<bean id="userDetailsService"
    class="com.kibyegn.server.auth.UserDetailsServiceImpl">
</bean>

Could someone please save me from my misery. Help is highly appreciated. Kibet.

Improve this question
5
  • Note that you code is vulnerable to SQL injections, use parameters instead: find("select h from users h where username=?", username) Commented Feb 23, 2011 at 10:40
  • thanks, il take that into consideration. Commented Feb 23, 2011 at 11:03
  • Your log4j is properly configured to do spring security logging? e.g.: With this line on the src/main/resources/log4j.properties file: log4j.logger.org.springframework.security=DEBUG Commented Feb 23, 2011 at 18:24
  • To get all the log information, you should also un-comment the Log4jConfigListener in web.xml: <listener> <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> </listener> Commented Feb 23, 2011 at 18:29
  • I've done that and good enough I now have a stack trace. (AbstractUserDetailsAuthenticationProvider.java:authenticate:131) User 'kibet' not found (AbstractAuthenticationProcessingFilter.java:unsuccessfulAuthentication:318) Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials. I don't know why the login fails because I have the user 'kibet' in the database. Commented Feb 24, 2011 at 14:13

1 Answer 1

Reset to default
1

I fixed it, the problem was that I was importing the Entity and Table class from org.hibernate.annotations instead of javax.persistence. After changing that, I got some errors but I fixed them and it now works.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.