0

Following 'Making Spring Security Work with ZK' article get error

asked 2009-02-18 15:44:45 +0800

davout gravatar image davout
1435 3 18

I'm following the instructions laid out in the 'Making Spring Security Work with ZK' article.

When I run my web app I'm getting the following error... 

ERROR: 15:41:36: org.springframework.web.context.ContextLoader: Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxy': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_rememberMeFilter' while setting bean property 'filters' with key [6]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:478)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:220)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:429)
	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:729)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:381)
	at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
	at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
	at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
	at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3827)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4334)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
	at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:920)
	at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:883)
	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
	at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
	at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
	at org.apache.catalina.core.StandardService.start(StandardService.java:516)
	at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
	at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_rememberMeFilter' while setting bean property 'filters' with key [6]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:287)
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:126)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1244)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1008)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:470)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:220)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
	at org.springframework.security.config.FilterChainProxyPostProcessor.postProcessBeforeInitialization(FilterChainProxyPostProcessor.java:52)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:350)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1329)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:471)
	... 38 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1244)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1008)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:470)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:220)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:269)
	... 56 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:478)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
	at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:220)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:269)
	... 69 more
Caused by: org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
	at org.springframework.security.config.UserDetailsServiceInjectionBeanPostProcessor.getUserDetailsService(UserDetailsServiceInjectionBeanPostProcessor.java:111)
	at org.springframework.security.config.UserDetailsServiceInjectionBeanPostProcessor.injectUserDetailsServiceIntoRememberMeServices(UserDetailsServiceInjectionBeanPostProcessor.java:53)
	at org.springframework.security.config.UserDetailsServiceInjectionBeanPostProcessor.postProcessBeforeInitialization(UserDetailsServiceInjectionBeanPostProcessor.java:36)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:350)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1329)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:471)
	... 78 more


Any ideas?

Here are the related config files...

the 'web.xml' file... 
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="skap" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

	<display-name>skap</display-name>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/classes/applicationContext.xml,/WEB-INF/classes/authenticationContext.xml
		</param-value>
	</context-param>

	<listener>
		<listener-class>
			org.springframework.web.context.ContextLoaderListener
		</listener-class>
	</listener>

	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>
			org.springframework.web.filter.DelegatingFilterProxy
		</filter-class>
	</filter>

	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
	
	<listener>
		<description>
			Used to cleanup when a session is destroyed
		</description>
		<display-name>ZK Session Cleaner</display-name>
		<listener-class>
			org.zkoss.zk.ui.http.HttpSessionListener
		</listener-class>
	</listener>


	<servlet>
		<description>The servlet loads the DSP pages.</description>
		<servlet-name>dspLoader</servlet-name>
		<servlet-class>
			org.zkoss.web.servlet.dsp.InterpreterServlet
		</servlet-class>
	</servlet>
	<servlet>
		<description>ZK loader for ZUML pages</description>
		<servlet-name>zkLoader</servlet-name>
		<servlet-class>
			org.zkoss.zk.ui.http.DHtmlLayoutServlet
		</servlet-class>
		<init-param>
			<param-name>update-uri</param-name>
			<param-value>/zkau</param-value>
		</init-param>
		<load-on-startup>1</load-on-startup>
	</servlet>
	<servlet>
		<description>The asynchronous update engine for ZK</description>
		<servlet-name>auEngine</servlet-name>
		<servlet-class>
			org.zkoss.zk.au.http.DHtmlUpdateServlet
		</servlet-class>
	</servlet>
	<servlet-mapping>
		<servlet-name>dspLoader</servlet-name>
		<url-pattern>*.dsp</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>zkLoader</servlet-name>
		<url-pattern>*.zul</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>zkLoader</servlet-name>
		<url-pattern>*.zhtml</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>auEngine</servlet-name>
		<url-pattern>/zkau/*</url-pattern>
	</servlet-mapping>
	<welcome-file-list>
		<welcome-file>index.html</welcome-file>
		<welcome-file>index.htm</welcome-file>
		<welcome-file>index.jsp</welcome-file>
		<welcome-file>default.html</welcome-file>
		<welcome-file>default.htm</welcome-file>
		<welcome-file>default.jsp</welcome-file>
		<welcome-file>index.zul</welcome-file>
	</welcome-file-list>
</web-app>


the 'authenticationconext.xml' file... 
<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

    <http auto-config="true">
       <intercept-url pattern="/*" access="ROLE_USER,ROLE_ADMIN"/> 
       <anonymous username="guest" granted-authority="ROLE_GUEST"/>
       <http-basic/>
    </http>
    
    <authentication-provider >
      <user-service>
         <user name="ich" password="ich" authorities="ROLE_USER"/>
         <user name="admin" password="admin" authorities="ROLE_ADMIN"/>
      </user-service>
    </authentication-provider>
    
</beans:beans>

delete flag offensive retag edit

9 Replies

Sort by ยป oldest newest

answered 2009-02-18 15:56:44 +0800

YamilBracho gravatar image YamilBracho
1722 2

Do you include "zkpring.jar" in your classpath ?

link publish delete flag offensive edit

answered 2009-02-18 16:23:11 +0800

davout gravatar image davout
1435 3 18

I didn't but I've now added it to the build path. I get the same error.

link publish delete flag offensive edit

answered 2009-02-18 16:28:02 +0800

davout gravatar image davout
1435 3 18

If I comment out the changes to the 'zk.xml' file and the 'authenticationcontext.xml' file, leaving just the new entries in 'web.xml' then I get the following error... 


SEVERE: Exception starting filter springSecurityFilterChain
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:387)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:968)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:246)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:168)
	at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:885)
	at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:216)
	at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:145)
	at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:179)
	at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:275)
	at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:397)
	at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:108)
	at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3693)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4340)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
	at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:920)
	at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:883)
	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
	at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
	at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
	at org.apache.catalina.core.StandardService.start(StandardService.java:516)
	at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
	at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
18-Feb-2009 16:26:12 org.apache.catalina.core.StandardContext start
SEVERE: Error filterStart
18-Feb-2009 16:26:12 org.apache.catalina.core.StandardContext start
SEVERE: Context  startup failed due to previous errors
18-Feb-2009 16:26:12 org.apache.catalina.core.ApplicationContext log
INFO: Closing Spring root WebApplicationContext
18-Feb-2009 16:26:12 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
18-Feb-2009 16:26:12 org.apache.catalina.loader.WebappClassLoader loadClass
INFO: Illegal access: this web application instance has been stopped already.  Could not load java.net.BindException.  The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact.
java.lang.IllegalStateException
	at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1244)
	at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1204)
	at java.lang.ClassLoader.loadClassInternal(Unknown Source)
	at com.mysql.jdbc.CommunicationsException.<init>(CommunicationsException.java:161)
	at com.mysql.jdbc.MysqlIO.send(MysqlIO.java:2716)
	at com.mysql.jdbc.MysqlIO.quit(MysqlIO.java:1395)
	at com.mysql.jdbc.Connection.realClose(Connection.java:4897)
	at com.mysql.jdbc.Connection.cleanup(Connection.java:2062)
	at com.mysql.jdbc.Connection.finalize(Connection.java:3375)
	at java.lang.ref.Finalizer.invokeFinalizeMethod(Native Method)
	at java.lang.ref.Finalizer.runFinalizer(Unknown Source)
	at java.lang.ref.Finalizer.access$100(Unknown Source)
	at java.lang.ref.Finalizer$FinalizerThread.run(Unknown Source)
18-Feb-2009 16:26:12 org.apache.catalina.loader.WebappClassLoader loadClass

link publish delete flag offensive edit

answered 2009-02-18 16:30:28 +0800

terrytornado gravatar image terrytornado flag of Germany
9393 3 7 16
http://www.oxitec.de/

updated 2009-02-18 16:36:05 +0800

@davout

is this normal?
/WEB-INF/classes/applicationContext.xml,/WEB-INF/classes/authenticationContext.xml

i have the configuration files in the /WEB-INF/ folder.

Stephan

PS: I'm not at place. I post my configs this evening.

link publish delete flag offensive edit

answered 2009-02-18 16:37:40 +0800

davout gravatar image davout
1435 3 18

Yes, that makes no difference. I've usedd that before in other Spring projects

link publish delete flag offensive edit

answered 2009-02-18 20:05:56 +0800

terrytornado gravatar image terrytornado flag of Germany
9393 3 7 16
http://www.oxitec.de/

updated 2009-02-18 20:11:59 +0800

@davout

Spring-Security have own packages. It's not in the springframework packages.
Download Site is here.

here are my config files.


web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	                    http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
	id="WebApp_ID" version="2.5">


	<display-name>zkoss</display-name>


	<!-- ////////////////// -->
	<!--  SPRING-Security -->
	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>

	<listener>
		<listener-class>
			org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
	</listener>

	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/applicationContext-zkoss.xml, classpath:applicationContext-db.xml,
			classpath:applicationContext-hibernate.xml
 			, /WEB-INF/SpringSecurityContext.xml
		</param-value>
	</context-param>

	<listener>
		<display-name>Spring Context Loader</display-name>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
	<listener>
		<listener-class>
			org.springframework.web.context.request.RequestContextListener</listener-class>
	</listener>


	<!-- ////////////////// -->
	<!--  ZKoss -->
	<listener>
		<description>Used to cleanup when a session is destroyed</description>
		<display-name>ZK Session Cleaner</display-name>
		<listener-class>org.zkoss.zk.ui.http.HttpSessionListener</listener-class>
	</listener>

	<servlet>
		<description>The servlet loads the DSP pages.</description>
		<servlet-name>dspLoader</servlet-name>
		<servlet-class>org.zkoss.web.servlet.dsp.InterpreterServlet</servlet-class>
	</servlet>
	<servlet>
		<description>ZK loader for ZUML pages</description>
		<servlet-name>zkLoader</servlet-name>
		<servlet-class>org.zkoss.zk.ui.http.DHtmlLayoutServlet</servlet-class>
		<!--
			Must. Specifies URI of the update engine (DHtmlUpdateServlet). It
			must be the same as <url-pattern> for the update engine.
		-->
		<init-param>
			<param-name>update-uri</param-name>
			<param-value>/zkau</param-value>
		</init-param>
		<load-on-startup>1</load-on-startup>
	</servlet>
	<servlet>
		<description>The asynchronous update engine for ZK</description>
		<servlet-name>auEngine</servlet-name>
		<servlet-class>org.zkoss.zk.au.http.DHtmlUpdateServlet</servlet-class>
	</servlet>
	<servlet-mapping>
		<servlet-name>dspLoader</servlet-name>
		<url-pattern>*.dsp</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>zkLoader</servlet-name>
		<url-pattern>*.zul</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>zkLoader</servlet-name>
		<url-pattern>*.zhtml</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>auEngine</servlet-name>
		<url-pattern>/zkau/*</url-pattern>
	</servlet-mapping>


	<!-- ////////////////////// -->
	<!-- Miscellaneous -->
	<session-config>
		<session-timeout>60</session-timeout>
		<timeout-uri>/timeout.zul</timeout-uri>
	</session-config>

	<welcome-file-list>
		<welcome-file>index.zul</welcome-file>
		<welcome-file>index.zhtml</welcome-file>
	</welcome-file-list>

</web-app>


zk.xml

<?xml version="1.0" encoding="UTF-8"?>

<zk>

	<log>
		<log-base>org.zkoss</log-base>
	</log>


	<!-- Spring-Security -->
	<system-config>
		<!-- 	<disable-event-thread />  -->
	</system-config>

	<listener>
		<description>ThreadLocal Synchronization Listener
		</description>
		<listener-class>org.zkoss.zkplus.util.ThreadLocalListener
		</listener-class>
	</listener>

	<preference>
		<name>ThreadLocal</name>
		<value>
			org.springframework.security.context.ThreadLocalSecurityContextHolderStrategy=contextHolder
		</value>
	</preference>
	<!-- END Spring-Security -->


	<!-- Configure the error page -->
	<error-page>
		<exception-type>java.lang.Throwable
		</exception-type>
		<location>/error.zul</location>
	</error-page>

	<session-config>
		<session-timeout>3600</session-timeout>
		<timer-as-inactive>true</timer-as-inactive>
	</session-config>


	<!-- Zeichensatz und Groesse -->
	<language-config>
		<addon-uri>/WEB-INF/lang-addon.xml
		</addon-uri>
	</language-config>



</zk>

spring-security.cml

<?xml version="1.0" encoding="UTF-8"?>

	<!-- Spring namespace-based configuration -->

<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns:zksp="http://www.zkoss.org/2008/zkspring" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd
                        http://www.zkoss.org/2008/zkspring http://www.zkoss.org/2008/zkspring/zkspring.xsd"
>



	<!-- Enable the @Secured annotation to secure service layer methods -->
	<global-method-security secured-annotations="enabled" />

	<http auto-config="true">
		<logout logout-url="/j_spring_logout" logout-success-url="/index.zul" />
		<form-login login-page="/zkloginDialog.zul" authentication-failure-url="/zkloginDialog.zul?login_error=1"
			default-target-url="/pages/index.zul" />

		<intercept-url pattern="/pages/**" access="IS_AUTHENTICATED_REMEMBERED" />
		<intercept-url pattern="/WEB-INF/pages/**" access="IS_AUTHENTICATED_REMEMBERED" />
		<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />


		<!--  Per user one session !!  -->
		<concurrent-session-control max-sessions="1" />
	</http>



	<!-- users and rights-->
	<beans:bean id="myUserDetailsService" class="org.myfirm.policy.PolicyManager">
		<beans:property name="userService" ref="userService" />
	</beans:bean>

	<beans:bean id="passwordEncoder" class="org.myfirm.policy.PasswordEncoderImpl">
	</beans:bean>

	<authentication-provider user-service-ref="myUserDetailsService">
		<password-encoder ref="passwordEncoder" >
			<salt-source user-property="token" />
		</password-encoder>
	
	</authentication-provider>




	<zksp:zk-event login-template-close-delay="5">
		<zksp:intercept-event path="//**/btn_*" event="onClick" access="IS_AUTHENTICATED_REMEMBERED" />
		<zksp:intercept-event path="/**" event="onClick" access="IS_AUTHENTICATED_ANONYMOUSLY" />
	</zksp:zk-event>
</beans:beans>

hope you find a differnt working.
Stephan

link publish delete flag offensive edit

answered 2009-02-19 21:13:42 +0800

davout gravatar image davout
1435 3 18

I've applied your suggestions.... no difference, I get the same exception. 

ERROR: 20:54:44: org.springframework.web.context.ContextLoader: Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxy': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_rememberMeFilter' while setting bean property 'filters' with key [6]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:478)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)


Here's are the adapted config files. First 'web.xml' . Does the order of the tags in this file matter? 
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="skap" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

	<display-name>skap</display-name>

	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>
			org.springframework.web.filter.DelegatingFilterProxy
		</filter-class>
	</filter>

	<listener>
		<listener-class>
			org.springframework.security.ui.session.HttpSessionEventPublisher
		</listener-class>
	</listener>

	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/classes/applicationContext.xml,/WEB-INF/classes/authenticationContext.xml
		</param-value>
	</context-param>

	<listener>
		<listener-class>
			org.springframework.web.context.ContextLoaderListener
		</listener-class>
	</listener>

	<listener>
		<listener-class>
			org.springframework.web.context.request.RequestContextListener</listener-class>
	</listener>


	<listener>
		<description>
			Used to cleanup when a session is destroyed
		</description>
		<display-name>ZK Session Cleaner</display-name>
		<listener-class>
			org.zkoss.zk.ui.http.HttpSessionListener
		</listener-class>
	</listener>


	<servlet>
		<description>The servlet loads the DSP pages.</description>
		<servlet-name>dspLoader</servlet-name>
		<servlet-class>
			org.zkoss.web.servlet.dsp.InterpreterServlet
		</servlet-class>
	</servlet>
	<servlet>
		<description>ZK loader for ZUML pages</description>
		<servlet-name>zkLoader</servlet-name>
		<servlet-class>
			org.zkoss.zk.ui.http.DHtmlLayoutServlet
		</servlet-class>
		<init-param>
			<param-name>update-uri</param-name>
			<param-value>/zkau</param-value>
		</init-param>
		<load-on-startup>1</load-on-startup>
	</servlet>
	<servlet>
		<description>The asynchronous update engine for ZK</description>
		<servlet-name>auEngine</servlet-name>
		<servlet-class>
			org.zkoss.zk.au.http.DHtmlUpdateServlet
		</servlet-class>
	</servlet>
	<servlet-mapping>
		<servlet-name>dspLoader</servlet-name>
		<url-pattern>*.dsp</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>zkLoader</servlet-name>
		<url-pattern>*.zul</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>zkLoader</servlet-name>
		<url-pattern>*.zhtml</url-pattern>
	</servlet-mapping>
	<servlet-mapping>
		<servlet-name>auEngine</servlet-name>
		<url-pattern>/zkau/*</url-pattern>
	</servlet-mapping>
	<welcome-file-list>
		<welcome-file>index.html</welcome-file>
		<welcome-file>index.htm</welcome-file>
		<welcome-file>index.jsp</welcome-file>
		<welcome-file>default.html</welcome-file>
		<welcome-file>default.htm</welcome-file>
		<welcome-file>default.jsp</welcome-file>
		<welcome-file>index.zul</welcome-file>
	</welcome-file-list>
</web-app>


Then the spring security config file... 
<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

    <http auto-config="true">
       <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
       <anonymous username="guest" granted-authority="ROLE_GUEST"/>
       <http-basic/>
    </http>
    
    <authentication-provider >
      <user-service>
         <user name="ich" password="ich" authorities="ROLE_USER"/>
         <user name="admin" password="admin" authorities="ROLE_ADMIN"/>
      </user-service>
    </authentication-provider>
    
</beans:beans>


Now finally the ZK file... 
<zk>

	<listener>
		<description>ThreadLocal Synchronization Listener</description>
		<listener-class>
			org.zkoss.zkplus.util.ThreadLocalListener
		</listener-class>
	</listener>

	<preference>
		<name>ThreadLocal</name>
		<value>
			org.springframework.security.context.ThreadLocalSecurityContextHolderStrategy=contextHolder
		</value>
	</preference>
	 
	<richlet>
		<richlet-class>org.zkoss.zkdemo.test.TestRichlet</richlet-class>
		<richlet-url>/test</richlet-url>
		<!-- Any number of initial parameters.
		<init-param>
			<param-name>any</param-name>
			<param-value>any</param-value>
		</init-param>
		-->
	</richlet>
	<language-mapping>
		<language-name>xml</language-name>
		<extension>zxml</extension>
	</language-mapping>
	

	<!-- Optional -->
	<session-config>
		<timeout-uri>/timeout.zul</timeout-uri>
		<!-- An empty URL can cause the browser to reload the same URL
		<timeout-uri></timeout-uri>
		-->
	</session-config>

	<!-- Optional -->
	<listener>
		<description> Mointor the statistic</description>
		<listener-class>org.zkoss.zk.ui.util.Statistic</listener-class>
	</listener>

</zk>


The main differences between your config and mine are...
* I'm using http-basic login
* I'm using the ThreadLocal Synchronization Listener approach in the zk.xml file

Any ideas??

link publish delete flag offensive edit

answered 2009-02-19 21:44:51 +0800

davout gravatar image davout
1435 3 18

Some progress....

I found a reference to a similar problem on the Spring support forums... if I remove auto-config="true" from the <http> tag inside the Spring security config file then it now works!

Not sure if I understand why.

link publish delete flag offensive edit

answered 2009-02-20 10:27:06 +0800

terrytornado gravatar image terrytornado flag of Germany
9393 3 7 16
http://www.oxitec.de/

updated 2009-02-20 10:27:43 +0800

@davout

yes, here is something from the documentation.

2.2.2.1. What does auto-config Include?

The auto-config attribute, as we have used it above, is just a shorthand syntax for:

  <http>
    <intercept-url pattern="/**" access="ROLE_USER" />
    <form-login />
    <anonymous />
    <http-basic />
    <logout />
    <remember-me />
  </http>
  
          

These other elements are responsible for setting up form-login, 
anonymous authentication, basic authentication, logout handling 
and remember-me services respectively. They each have attributes 
which can be used to alter their behaviour.

auto-config Requires a UserDetailsService

whishes
Stephan

link publish delete flag offensive edit
Your reply
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow

RSS

Stats

Asked: 2009-02-18 15:44:45 +0800

Seen: 1,484 times

Last updated: Feb 20 '09

Related questions

Using controller

Error: Replicated language: xul/html

php

Window Overlapped

Echo/Casabac [closed]

OnClick on label

Problem with Checkbox [closed]

Look of a control [closed]

Documentation?

Combo Box

About Us | Faq | Help | Privacy Policy | Contact Us
Copyright Potix Corporation 2015.
Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More