hibernate - loginId not passed to UserDetailsService for spring security -


in spring security, using class customuserdetailsservice implements userdetailsservice , method public userdetails loaduserbyusername(string email) <input id="j_username" type="text" placeholder="log-in id"/> email (as login id) not passed loaduserbyusername(). meant blank "" if give text. can reasons of it?

chrome shift + ctrl + i

enter image description here

parameter username of loaduserbyusername in custom userdetailsservice empty similar, not relevant guess?

some main important error logs.

the email passed customuserdetailsservice in method loaduserbyusername is:  debug ---- 1 email entered lookup :  debug --- debug --- b hibernate: select users0_.id id1_15_, users0_.description descript2_15_, users0_.email email3_15_, users0_.isenabled isenable4_15_, users0_.name name5_15_, users0_.password password6_15_, users0_.type type7_15_ users users0_ users0_.email=? print error in retrieving user index: 0, size: 0 java.lang.indexoutofboundsexception: index: 0, size: 0     @ java.util.arraylist.rangecheck(arraylist.java:604)     @ java.util.arraylist.get(arraylist.java:382)     @ web.dao.impl.jpa.usersdaoimpl.getuserbyloginid(usersdaoimpl.java:67)     @ web.service.common.customuserdetailsservice.loaduserbyusername(customuserdetailsservice.java:54)     @ org.springframework.security.authentication.dao.daoauthenticationprovider.retrieveuser(daoauthenticationprovider.java:101)     @ org.springframework.security.authentication.dao.abstractuserdetailsauthenticationprovider.authenticate(abstractuserdetailsauthenticationprovider.java:132)     @ org.springframework.security.authentication.providermanager.authenticate(providermanager.java:156)     @ org.springframework.security.authentication.providermanager.authenticate(providermanager.java:174)     @ org.springframework.security.web.authentication.usernamepasswordauthenticationfilter.attemptauthentication(usernamepasswordauthenticationfilter.java:94)     @ org.springframework.security.web.authentication.abstractauthenticationprocessingfilter.dofilter(abstractauthenticationprocessingfilter.java:195)     @ org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:342)     @ org.springframework.security.web.authentication.logout.logoutfilter.dofilter(logoutfilter.java:105)     @ org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:342)     @ org.springframework.security.web.context.securitycontextpersistencefilter.dofilter(securitycontextpersistencefilter.java:87)     @ org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:342)     @ org.springframework.security.web.filterchainproxy.dofilterinternal(filterchainproxy.java:192)     @ org.springframework.security.web.filterchainproxy.dofilter(filterchainproxy.java:160)     @ org.springframework.web.filter.delegatingfilterproxy.invokedelegate(delegatingfilterproxy.java:346)     @ org.springframework.web.filter.delegatingfilterproxy.dofilter(delegatingfilterproxy.java:259)     @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:243)     @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:210)     @ org.apache.catalina.core.standardwrappervalve.invoke(standardwrappervalve.java:222)     @ org.apache.catalina.core.standardcontextvalve.invoke(standardcontextvalve.java:123)     @ org.apache.catalina.authenticator.authenticatorbase.invoke(authenticatorbase.java:472)     @ org.apache.catalina.core.standardhostvalve.invoke(standardhostvalve.java:168)     @ org.apache.catalina.valves.errorreportvalve.invoke(errorreportvalve.java:99)     @ org.apache.catalina.valves.accesslogvalve.invoke(accesslogvalve.java:929)     @ org.apache.catalina.core.standardenginevalve.invoke(standardenginevalve.java:118)     @ org.apache.catalina.connector.coyoteadapter.service(coyoteadapter.java:407)     @ org.apache.coyote.http11.abstracthttp11processor.process(abstracthttp11processor.java:1002)     @ org.apache.coyote.abstractprotocol$abstractconnectionhandler.process(abstractprotocol.java:585)     @ org.apache.tomcat.util.net.jioendpoint$socketprocessor.run(jioendpoint.java:310)     @ java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1110)     @ java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:603)     @ java.lang.thread.run(thread.java:722)

login.jsp form

                                  <form action="${pagecontext.request.contextpath}/j_spring_security_check" method="post">                    <table>                   <tbody>                     <tr>                       <td>                         <img style="height:30px;" src="company.png" />                       </td>                        <td>                         <input type="text" placeholder="company name" />                       </td>                        <td>                       </td>                      </tr>                      <tr>                       <td>                           <img style="height:30px;" src="person.png" />                       </td>                        <td>                         <input id="j_username" type="text" placeholder="log-in id"/>                       </td>                        <td>                         <input type="submit" value="log-in" />                       </td>                      </tr>                      <tr>                       <td>                         <img style="height:30px;" src="password.png" />                       </td>                        <td>                         <input id="j_password" type="password" placeholder="password" />                       </td>                        <td>                         <input type="reset" />                       </td>                      </tr>                     <tr>                       <td>                       </td>                       <td style="text-align:right;">                         forgot password?                       </td>                       <td>                       </td>                     </tr>                       </tbody>                     </table>                   </form>

customuserdetailservice

    /*  * change template, choose tools | templates  * , open template in editor.  */ package web.service.common;  import java.util.arraylist; import java.util.collection; import java.util.list; import javax.annotation.resource; import org.springframework.beans.factory.annotation.autowired; import org.springframework.dao.dataaccessexception; import org.springframework.security.core.grantedauthority; import org.springframework.security.core.userdetails.user; import org.springframework.security.core.userdetails.userdetails; import org.springframework.security.core.userdetails.userdetailsservice; import org.springframework.security.core.userdetails.usernamenotfoundexception; import org.springframework.stereotype.repository; import org.springframework.stereotype.service; import web.dao.usersdao; import web.dao.impl.jpa.usersdaoimpl; import web.entity.users;   /**  *  * @author syncsys  */ @service public class customuserdetailsservice implements userdetailsservice{      @resource    private usersdao userdao;    /**   * retrieves springuser record containing springuser's credentials , access.   */  public userdetails loaduserbyusername(string email)    throws usernamenotfoundexception, dataaccessexception {     // declare null spring user   userdetails springuser = null;    try {     system.out.println("the email passed customuserdetailsservice in method loaduserbyusername is: " +email);    // search database springuser matches specified email    // can provide custom dao access persistence layer    // or use jdbc access database    // dbuser our custom domain springuser. not same spring's user       system.out.println("debug ---- 1");    users dbuser = userdao.getuserbyloginid(email);     // populate spring user object details dbuser    // here pass email, password, , access level    // getauthorities() translate access level correct role type  system.out.println("debug ---- 2");    springuser =  new user(      dbuser.getemail(),      dbuser.getpassword().tolowercase(),      true,      true,      true,      true,      //getauthorities(dbuser.getaccess()) );      getauthorities(2) );  system.out.println("debug ---- 3");   } catch (exception e) {    system.out.println("print error in retrieving user");    e.printstacktrace();     system.out.println(e.getmessage());    throw new usernamenotfoundexception("error in retrieving user");   }    system.out.println("debug ---- 4");   // return springuser spring processing.   // take note we're not 1 evaluating whether springuser authenticated or valid   // merely retrieve springuser matches specified email   return springuser;  }   /**   * retrieves correct role type depending on access level, access level integer.   * basically, interprets access value whether it's regular springuser or admin.   *   * @param access integer value representing access of springuser   * @return collection of granted authorities   */   public collection<grantedauthority> getauthorities(integer access) {    // create list of grants springuser    list<grantedauthority> authlist = (list<grantedauthority>) new arraylist<grantedauthority>(2);     // users granted role_user access    // therefore springuser gets role_user default    system.out.println("grant role_user user");    authlist.add(new grantedauthorityimpl("role_user"));     // check if springuser has admin access    // interpret integer(1) admin springuser  //   if ( access.compareto(1) == 0) { //    // user has admin access //    logger.debug("grant role_admin user"); //    authlist.add(new grantedauthorityimpl("role_admin")); //   }     // return list of granted authorities    return authlist;    }  }

user dao

package web.dao.impl.jpa;  import java.util.arraylist; import java.util.list; import javax.persistence.entitymanager; import javax.persistence.persistencecontext; import javax.persistence.query;  import org.hibernate.session; import org.springframework.beans.factory.annotation.autowired; import org.springframework.security.core.userdetails.usernamenotfoundexception; import org.springframework.stereotype.repository; import web.dao.usersdao; import web.entity.users;    /**  *   * @version $revision$  * @since   1.0  */ @repository public class usersdaoimpl implements usersdao {      /**      * jpa entity manager      */ //        @autowired     private entitymanager entitymanager;      /**      * set entity manager      *       * @param entitymanager      */          /**      * saves or updates existing user entity instance.      *       * @param user  user entity      * @return      managed user entity instance      */     public users saveorupdate(users user) {         if(user.getid() == 0) {             entitymanager.persist(user);                         return user;          }         else             entitymanager.merge(user);                         return user;     }          public users getuserbyloginid(string email){             system.out.println("email entered lookup : "+email);             system.out.println("debug --- a");             string querystring = "select user users user " +                          "where user.email = :email";             query query = entitymanager.createquery(querystring);             system.out.println("debug --- b");             query.setparameter("email", email);              list<?> list = query.getresultlist();              system.out.println("email retrieved is" +((users)list.get(0)).getemail() );             system.out.println("debug --- c");             if(list == null || list.size() == 0) throw new usernamenotfoundexception("user not found");            users user = (users)list.get(0);            system.out.println("debug --- d");            system.out.println(user.getemail());            return user; //            return (users)list.get(0);          }       @persistencecontext     public void setentitymanager(entitymanager entitymanager) {         this.entitymanager = entitymanager;     }      /**      * helper method return hibernate session jpa      * entity manager implementation.      *       * @return hibernate {#link session}      */     protected session gethibernatesession() {         return entitymanager.unwrap(session.class);     }    }

user controller

/*  * change template, choose tools | templates  * , open template in editor.  */ package web.controller;  import org.springframework.beans.factory.annotation.autowired; import org.springframework.stereotype.controller; import org.springframework.ui.modelmap; import org.springframework.web.bind.annotation.requestmapping; import org.springframework.web.bind.annotation.requestmethod; import org.springframework.web.bind.annotation.requestparam; import web.entity.users; import web.service.userservice;  /**  *  * @author syncsys  */ @controller public class usercontroller {     @autowired     private userservice userservice;        @requestmapping(value = "/login", method = requestmethod.get)     public string getloginpage(@requestparam(value="error", required=false) boolean error,       modelmap model) {      system.out.println("received request show login page");       // add error message model if login unsuccessful      // 'error' parameter set true based on when authentication has failed.      // declared under authentication-failure-url attribute inside spring-security.xml      /* see below:       <form-login        login-page="/krams/auth/login"        authentication-failure-url="/krams/auth/login?error=true"        default-target-url="/krams/main/common"/>*/      if (error == true) {       // assign error message       model.put("error", "you have entered invalid username or password!");      } else {       model.put("error", "");      }       // resolve /web-inf/jsp/loginpage.jsp      return "login";     }  //    @requestmapping(value = "/create", method = requestmethod.get )     @requestmapping(value = "/create" )     public string creatuser(modelmap model){         users user = new users();         user.setemail("myemail@mydomain.com");         user.setname("myname");         userservice.saveorupdate(user);         system.out.println("created--------------------");         return "create";            }      @requestmapping("/users")     public string showusers(modelmap model){         return "index";            }       @requestmapping("/loginfail")     public string loginfail(modelmap model){         return "login-fail";            } }

dispatcher

<?xml version="1.0" encoding="utf-8"?> <beans xmlns="http://www.springframework.org/schema/beans"   xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"   xmlns:mvc="http://www.springframework.org/schema/mvc"   xmlns:context="http://www.springframework.org/schema/context"   xmlns:tx="http://www.springframework.org/schema/tx"   xsi:schemalocation="         http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd         http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd         http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd" >       <context:component-scan base-package="web" >     <context:include-filter type="annotation" expression="org.springframework.stereotype.service"       />         <context:include-filter type="annotation" expression="org.springframework.stereotype.repository"    />     </context:component-scan>    <mvc:annotation-driven /> <!--  <context:annotation-config />-->     <bean class="org.springframework.web.servlet.mvc.support.controllerclassnamehandlermapping"/>      <!--     controllers use controllerclassnamehandlermapping above,     index controller using parameterizableviewcontroller, must     define explicit mapping it.     -->     <bean id="urlmapping" class="org.springframework.web.servlet.handler.simpleurlhandlermapping">         <property name="mappings">             <props>                 <prop key="index.htm">indexcontroller</prop>             </props>         </property>     </bean>      <bean id="viewresolver"                 class="org.springframework.web.servlet.view.internalresourceviewresolver"> <!--          class="org.springframework.web.servlet.view.internalresourceviewresolver">-->  <!--             class="org.springframework.web.servlet.view.urlbasedviewresolver" >-->           <property name="prefix" value="/web-inf/view/jsp/" />             <property name="suffix" value=".jsp" />     </bean>              <!--     index controller.     -->     <bean name="indexcontroller"           class="org.springframework.web.servlet.mvc.parameterizableviewcontroller">           <property name="viewname" value="index" />     </bean>         <!---      ##########################################################################     hibernate      --> <!--    <bean id="datasource" class="org.springframework.jdbc.datasource.drivermanagerdatasource">         <property name="driverclassname" value="org.postgresql.driver" />         <property name="url" value="${jdbc.url}jdbc:postgresql://localhost:5432/postgres" />         <property name="username" value="postgres" />         <property name="password" value="abc" />     </bean>      <bean id="sessionfactory" class="org.springframework.orm.hibernate4.localsessionfactorybean">         <property name="datasource" ref="datasource"/>         <property name="packagestoscan" value="web.entity" />         </property>         <property name="hibernateproperties">             <props>                 <prop key="hibernate.dialect">org.hibernate.dialect.postgresqldialect</prop>                 <prop key="hibernate.show_sql">true</prop>                 <prop key="cache.provider_class">org.hibernate.cache.internal.nocacheprovider</prop>             </props>          </property>     </bean>      <tx:annotation-driven transaction-manager="transactionmanager"/>      <bean id="transactionmanager" class="org.springframework.orm.hibernate4.hibernatetransactionmanager">         <property name="sessionfactory" ref="sessionfactory"/>     </bean>      ###########################################################     -->   <!--      jpa based instead of hibernate  -->         <bean class="org.springframework.orm.jpa.support.persistenceannotationbeanpostprocessor"/> <!--          configures entitymanagerfactory object used jpa/spring managed persistent objects.       -->     <bean id="entitymanagerfactory" class="org.springframework.orm.jpa.localcontainerentitymanagerfactorybean">         <property name="persistencexmllocation" value="classpath*:meta-inf/persistence.xml" />         <property name="persistenceunitname" value="persistence-unit-demo" />          <property name="datasource" ref="datasource" />                 <property name="packagestoscan" value="web.entity" />         <property name="jpavendoradapter">             <bean class="org.springframework.orm.jpa.vendor.hibernatejpavendoradapter">                                 <property name="database" value="postgresql" /> <!--    giving errors       <property name="databaseplatorm" value="org.hibernate.dialect.postgresqldialect"/>--> <!--                                <property name="database" value="hsql" />-->                 <property name="showsql" value="true" />                 <property name="generateddl" value="true" />                                     </bean>         </property>                    <property name="jpaproperties">                     <props>                         <prop key="hibernate.hbm2ddl.auto">create-drop</prop>                     </props>                 </property>                              </bean>      <bean id="jpadialect" class="org.springframework.orm.jpa.vendor.hibernatejpadialect" />     <!-- pulls database connection tomcat container's context database pool via jndi --> <!--    <jee:jndi-lookup id="datasource" jndi-name="jdbc/mssqlserver" resource-ref="true"/>-->          <bean id="datasource" class="org.springframework.jdbc.datasource.drivermanagerdatasource" >             <property name="driverclassname" value="org.postgresql.driver" />             <property name="url" value="jdbc:postgresql://localhost:5432/postgres" />             <property name="username" value="postgres" />             <property name="password" value="abc" />         </bean>        <!--         sets our transaction manager.       -->     <bean id="transactionmanager" class="org.springframework.orm.jpa.jpatransactionmanager">         <property name="entitymanagerfactory" ref="entitymanagerfactory" />         <property name="jpadialect" ref="jpadialect" />         <property name="datasource" ref="datasource" /> <!-- giving errors               <property name="loadtimeweaver">                     <bean class="org.springframework.instrument.classloading.instrumentationloadtimeweaver" />                 </property>-->     </bean>          <!--         defines our transaction manager transactional annotations.      -->     <tx:annotation-driven transaction-manager="transactionmanager" />      <bean id="sessionfactory" factory-bean="entitymanagerfactory" factory-method="getsessionfactory" />      </beans>

web.xml

    <?xml version="1.0" encoding="utf-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">      <listener>         <listener-class>org.springframework.web.context.contextloaderlistener</listener-class>     </listener>     <servlet>         <servlet-name>springdispatcher</servlet-name>         <servlet-class>org.springframework.web.servlet.dispatcherservlet</servlet-class>         <load-on-startup>1</load-on-startup>     </servlet>     <servlet-mapping>         <servlet-name>springdispatcher</servlet-name>         <url-pattern>/</url-pattern>     </servlet-mapping>     <session-config>         <session-timeout>             30         </session-timeout>     </session-config>     <welcome-file-list>         <welcome-file>redirect.jsp</welcome-file>     </welcome-file-list>           <filter>         <filter-name>springsecurityfilterchain</filter-name>         <filter-class>org.springframework.web.filter.delegatingfilterproxy</filter-class>     </filter>      <filter-mapping>         <filter-name>springsecurityfilterchain</filter-name>         <url-pattern>/*</url-pattern>     </filter-mapping>      <context-param>         <param-name>contextconfiglocation</param-name>         <param-value>             /web-inf/spring-security.xml             /web-inf/applicationcontext.xml         </param-value>     </context-param> </web-app>

applicationcontext.xml

<?xml version="1.0" encoding="utf-8"?> <beans xmlns="http://www.springframework.org/schema/beans"        xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"        xmlns:p="http://www.springframework.org/schema/p"        xmlns:aop="http://www.springframework.org/schema/aop"        xmlns:tx="http://www.springframework.org/schema/tx"        xsi:schemalocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd">      <!--bean id="propertyconfigurer"           class="org.springframework.beans.factory.config.propertyplaceholderconfigurer"           p:location="/web-inf/jdbc.properties" />  <bean id="datasource"     class="org.springframework.jdbc.datasource.drivermanagerdatasource"     p:driverclassname="${jdbc.driverclassname}"     p:url="${jdbc.url}"     p:username="${jdbc.username}"     p:password="${jdbc.password}" /-->      <!-- add persistence support here (jpa, hibernate, etc) -->      <import resource="springdispatcher-servlet.xml" />  </beans>

spring-security.xml

<?xml version="1.0" encoding="utf-8"?> <beans xmlns="http://www.springframework.org/schema/beans"  xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"     xmlns:security="http://www.springframework.org/schema/security"  xsi:schemalocation="http://www.springframework.org/schema/beans       http://www.springframework.org/schema/beans/spring-beans-3.1.xsd    http://www.springframework.org/schema/security    http://www.springframework.org/schema/security/spring-security-3.1.xsd">   <!-- configure spring-security  -->  <security:http auto-config="true" use-expressions="true" access-denied-page="/loginfail" >    <security:intercept-url pattern="/login**" access="permitall"/> <!--  <security:intercept-url pattern="/krams/main/admin" access="hasrole('role_admin')"/>-->   <security:intercept-url pattern="/tem/*" access="hasrole('role_user')"/>     <security:form-login     login-page="/login"     authentication-failure-url="/loginfail?error=true"     default-target-url="/index"/>    <security:logout     invalidate-session="true"     logout-success-url="/logout"     logout-url="/logout"/>   </security:http>   <!-- declare authentication-manager use custom userdetailsservice -->  <security:authentication-manager>          <security:authentication-provider user-service-ref="customuserdetailsservice">   <!--         <security:password-encoder ref="passwordencoder"/>-->          </security:authentication-provider>  </security:authentication-manager>   <!-- use md5 encoder since user's passwords stored md5 in database   <bean class="org.springframework.security.authentication.encoding.md5passwordencoder" id="passwordencoder"/>  -->  <!-- custom service spring retrieve users , corresponding access levels  -->  <bean id="customuserdetailsservice" class="web.service.common.customuserdetailsservice"/>      </beans>

:) added name=j_username in <input id="j_username" name="j_username" type="text" placeholder="log-in id"/> , worked.

thanks l3eta on rizon irc chat network.


Comments

Post a Comment

Popular posts from this blog

basic authentication with http post params android -

i doing basic authentication passing username , password , using basicnamevaluepair sending post params response service. my method: public stringbuilder callservicehttppost(string username, string password, string type) { // create new httpclient , post header httpclient httpclient = new defaulthttpclient(); httppost httppost = new httppost(webservice + type); httpresponse response = null; stringbuilder total = new stringbuilder(); try { url url = new url(webservice + type); /*string base64encodedcredentials = base64.encodetostring((username + ":" + password).getbytes(), base64.url_safe | base64.no_wrap);*/ string base64encodedcredentials = "basic " + base64.encodetostring( (username + ":" + password).getbytes(), base64.no_wrap); httppost.setheader("auth...
Read more

vb.net - Virtual Keyboard commands -

i wondering difference between virtual these keyboard commands is: keyeventf_extendedkey , keyeventf_keyup is. everywhere have looked gives me description based off integers , not want know each of them does. you've tagged question vb.net, these have nothing @ vb.net. they're constants defined in windows header files, use win32 api functions. as far difference, can't tell looking @ values. individual values not particularly important, that's why named identifiers used. what's important used , documentation functions tells mean. the first one, keyeventf_extendedkey , used keybdinput structure (which used along e.g. sendinput function) pass information synthesized keyboard input. if flag used, means scan code should interpreted extended key. technically, means scan code preceded prefix byte value 224 (&he0 in hexadecimal notation). the second one, keyeventf_keyup , 1 of flags available use structure. means key being released (going up)...
Read more

How to get multiresult with multicondition in Sql Server -

i need solve this. hopefully can giving me advices. for sample, i've got data : proclib.march 1 first 10 rows flight date depart orig dest miles boarded capacity ----------------------------------------------------------------- 114 01mar94 7:10 lga lax 2475 172 210 202 01mar94 10:43 lga ord 740 151 210 219 01mar94 9:31 lga lon 3442 198 250 622 01mar94 12:19 lga fra 3857 207 250 132 01mar94 15:35 lga yyz 366 115 178 271 01mar94 13:17 lga par 3635 138 250 302 01mar94 20:22 lga 229 105 180 114 02mar94 7:10 lga lax 2475 119 210 202 02mar94 10:43 lga ord 740 120 210 219 02mar94 9:31 lga lon 344...
Read more