One can configure exception mapping by explicitly configuring authenticationProcessingFilter as shown below:
1. disable http auto-config, ie auto-config="false". Exception would be thrown is auto-config is on.
<sec:http ref="authenticationProcessingFilterEntryPoint" config="false">
<sec:intercept-url pattern="/webflow/flows/**" access="ROLE_ALL" />
<sec:intercept-url pattern="/j_spring_security_check"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<sec:logout url="/j_spring_security_logout" session="true"></sec:logout>
</sec:http>
2. Register authenticationProcessingFilter, authenticationProcessingFilterEntryPoint
<bean id="authenticationProcessingFilter"3. Register authenticationManager using security namespace:
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<sec:custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/login.jsp?login_error=1"/>
<property name="exceptionMappings">
<props>
<prop key="org.springframework.security.BadCredentialsException">
/error.jsp
</prop>
<prop key="org.springframework.security.CredentialsExpiredException">
/getnewpassword.jsp
</prop>
<prop key="org.springframework.security.LockedException">
/lockedoutpage.jsp
</prop>
<prop key="org.springframework.security.DisabledException">
/unauthorizeduser.jsp
</prop>
</props>
</property>
<property name="defaultTargetUrl" value="/home">
<property name="filterProcessesUrl" value="/j_spring_security_check" />
</bean>
<sec:authentication-manager alias="authenticationManager">4. Register authenticationProvider using security namespace:
<sec:authentication-provider>
<sec:user-service>
<sec:user name="rod" password="koala" authorities="ROLE_SUPERVISOR">
</sec:user>
</sec:user-service>
</sec:authentication-provider>
1 comment:
I keep getting this error:
2008-08-21 18:39:55.019::WARN: Nested in org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 33 in XML document from ServletC
ontext resource [/WEB-INF/applicationContext-security.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attr
ibute 'ref' is not allowed to appear in element 'sec:http'.:
org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'ref' is not allowed to appear in element 'sec:http'.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:236)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:172)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:382)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:316)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:429)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3185)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.processAttributes(XMLSchemaValidator.java:2680)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:2094)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:705)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:330)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.ja
va:1693)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:368)
when I use this example.
Can you help me?
Post a Comment