problème persistant avec acegi
débutante en j2e,je travaille avec jsf et glassfish V2,je veux sécuriser avec acegi.
ça fait plusieurs jours deja,j'ai ecrit un code apparemment correct(j'ai consulté moult tutos et forums),j'essaieça ne MARCHE PAS.ça affiche acegilogin.jsp?login_error=1 avec le message "bad credentials",même si le login/pass sont bons !
voici le stack :
Citation:
java.lang.ClassNotFoundException: org.acegisecurity.BadCredentialsException
at org.apache.felix.framework.searchpolicy.R4SearchPolicyCore.findClass(R4SearchPolicyCore.java:198)
at org.apache.felix.framework.searchpolicy.R4SearchPolicy.findClass(R4SearchPolicy.java:45)
at org.apache.felix.framework.searchpolicy.ContentClassLoader.loadClass(ContentClassLoader.java:109)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:247)
at java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:604)
at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1575)
at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1496)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1732)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351)
at org.apache.catalina.session.StandardSession.readRemainingObject(StandardSession.java:1835)
at org.apache.catalina.session.StandardSession.readObject(StandardSession.java:1767)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:974)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1849)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1753)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351)
at org.apache.catalina.session.StandardSession.deserialize(StandardSession.java:1106)
at org.apache.catalina.session.StandardManager.readSessions(StandardManager.java:513)
at com.sun.enterprise.web.WebModule.loadSessions(WebModule.java:1432)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:2207)
at com.sun.enterprise.web.WebContainer.loadWebModule(WebContainer.java:1890)
at com.sun.enterprise.web.WebApplication.start(WebApplication.java:85)
at com.sun.enterprise.v3.server.ApplicationLifecycle.start(ApplicationLifecycle.java:560)
at com.sun.enterprise.v3.server.ApplicationLifecycle.start(ApplicationLifecycle.java:547)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:189)
at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:329)
at com.sun.enterprise.v3.admin.CommandRunner$2.execute(CommandRunner.java:302)
at com.sun.enterprise.v3.admin.CommandRunner.doCommand(CommandRunner.java:312)
at com.sun.enterprise.v3.admin.CommandRunner.doCommand(CommandRunner.java:119)
at com.sun.enterprise.v3.admin.CommandRunner.doCommand(CommandRunner.java:99)
at org.glassfish.deployment.admin.ReDeployCommand.execute(ReDeployCommand.java:94)
at com.sun.enterprise.v3.admin.CommandRunner$2.execute(CommandRunner.java:297)
at com.sun.enterprise.v3.admin.CommandRunner.doCommand(CommandRunner.java:312)
at com.sun.enterprise.v3.admin.CommandRunner.doCommand(CommandRunner.java:119)
at com.sun.enterprise.v3.admin.CommandRunner.doCommand(CommandRunner.java:99)
at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:250)
at com.sun.enterprise.v3.admin.AdminAdapter.service(AdminAdapter.java:176)
at com.sun.grizzly.tcp.http11.GrizzlyAdapter.service(GrizzlyAdapter.java:147)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:180)
at com.sun.grizzly.http.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:633)
at com.sun.grizzly.http.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:570)
at com.sun.grizzly.http.DefaultProcessorTask.process(DefaultProcessorTask.java:827)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:152)
at com.sun.enterprise.v3.services.impl.GlassfishProtocolChain.executeProtocolFilter(GlassfishProtocolChain.java:71)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:103)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:89)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:67)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:56)
at com.sun.grizzly.util.WorkerThreadImpl.processTask(WorkerThreadImpl.java:325)
at com.sun.grizzly.util.WorkerThreadImpl.run(WorkerThreadImpl.java:184)
voici le web.xml
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136
| <?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value> WEB-INF/applicationContextSecurity.xml
</param-value>
</context-param>
<context-param>
<param-name>javax.faces.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-config.xml</param-value>
</context-param>
<context-param>
<param-name>com.sun.faces.validateXml</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>com.sun.faces.verifyObjects</param-name>
<param-value>false</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<listener>
<listener-class>
org.acegisecurity.ui.session.HttpSessionEventPublisher
</listener-class>
</listener>
<filter>
<filter-name>Acegi Security Filter</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Security Filter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter>
<filter-name>UploadFilter</filter-name>
<filter-class>com.sun.webui.jsf.util.UploadFilter</filter-class>
<init-param>
<description>The maximum allowed upload size in bytes. If this is set to a negative value, there is no maximum. The default value is 1000000.</description>
<param-name>maxSize</param-name>
<param-value>1000000</param-value>
</init-param>
<init-param>
<description>The size (in bytes) of an uploaded file which, if it is exceeded, will cause the file to be written directly to disk instead of stored in memory. Files smaller than or equal to this size will be stored in memory. The default value is 4096.</description>
<param-name>sizeThreshold</param-name>
<param-value>4096</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>UploadFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<init-param>
<param-name>javax.faces.LIFECYCLE_ID</param-name>
<param-value>com.sun.faces.lifecycle.PARTIAL</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>ExceptionHandlerServlet</servlet-name>
<servlet-class>com.sun.errorhandler.ExceptionHandler</servlet-class>
<init-param>
<param-name>errorHost</param-name>
<param-value>localhost</param-value>
</init-param>
<init-param>
<param-name>errorPort</param-name>
<param-value>24444</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>ThemeServlet</servlet-name>
<servlet-class>com.sun.webui.theme.ThemeServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ExceptionHandlerServlet</servlet-name>
<url-pattern>/error/ExceptionHandler</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ThemeServlet</servlet-name>
<url-pattern>/theme/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/ajouterOffreFournisseur.jsp</welcome-file>
</welcome-file-list>
<error-page>
<exception-type>javax.servlet.ServletException</exception-type>
<location>/error/ExceptionHandler</location>
</error-page>
<error-page>
<exception-type>java.io.IOException</exception-type>
<location>/error/ExceptionHandler</location>
</error-page>
<error-page>
<exception-type>javax.faces.FacesException</exception-type>
<location>/error/ExceptionHandler</location>
</error-page>
<error-page>
<exception-type>com.sun.rave.web.ui.appbase.ApplicationException</exception-type>
<location>/error/ExceptionHandler</location>
</error-page>
<jsp-config>
<jsp-property-group>
<url-pattern>*.jspf</url-pattern>
<is-xml>true</is-xml>
</jsp-property-group>
</jsp-config>
</web-app> |
applicationContextSecurity.xml:
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75
| <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- ======================== FILTER CHAIN ======================= -->
<bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/error/*=#NONE#
/back*=#NONE#
/assets/**=httpSessionContextIntegrationFilter
/j_acegi_security_check=httpSessionContextIntegrationFilter,formAuthenticationProcessingFilter
/**=httpSessionContextIntegrationFilter,exceptionTranslationFilter
</value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter"
class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
</bean>
<bean id="exceptionTranslationFilter"
class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<ref bean="formLoginAuthenticationEntryPoint" />
</property>
</bean>
<!-- ================= formLoginAuthenticationEntryPoint ================ -->
<bean id="formLoginAuthenticationEntryPoint"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/acegilogin.jsp" />
<property name="forceHttps" value="false" />
</bean>
<bean id="formAuthenticationProcessingFilter"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager">
<ref bean="authenticationManager" />
</property>
<property name="authenticationFailureUrl">
<value>/faces/acegilogin.jsp?login_error=1</value>
</property>
<property name="defaultTargetUrl">
<value>/faces/acceuil.jsp</value>
</property>
<property name="filterProcessesUrl">
<value>/j_acegi_security_check</value>
</property>
</bean>
<!-- ===================== authenticationManager ======================= -->
<bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="authenticationProvider"/>
</list>
</property>
</bean>
<!-- ===================== authenticationProvider ==================== -->
<bean id="authenticationProvider"
class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<ref bean="userDetailsService"/>
</property>
</bean>
<!-- ===================== userDetailsService ==================== -->
<bean id="userDetailsService" class="Acegi.UserDetailsServiceImpl">
<constructor-arg ref="userRepository" />
</bean>
<bean id="userRepository" class="Acegi.UserDaoImpl">
</bean>
</beans> |
la page acegilogin.jsp :
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
|
<%@
taglib uri="http://java.sun.com/jsf/html" prefix="h"%>
<%@ taglib uri="http://java.sun.com/jsf/core" prefix="f"%>
<html>
<head>
<title>System Login</title>
</head>
<body>
<f:view>
<h:form>
<h:panelGrid columns="2">
<h:outputLabel value="User Name" for="j_username" />
<h:inputText id="j_username"
value="#{LoginBacking.userId}" size="40" maxlength="80"></h:inputText>
<h:outputLabel value="Password" for="j_password" />
<h:inputText id="j_password"
value="#{LoginBacking.password}" size="40" maxlength="80"
></h:inputText>
</h:panelGrid>
<h:commandButton action="login" value="Login" />
<h:messages id="messages" layout="table" globalOnly="true"
showSummary="true" showDetail="false" />
</h:form>
</f:view>
</body>
</html> |
faces-config.xml:
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
| <managed-bean>
<managed-bean-name>LoginBacking</managed-bean-name>
<managed-bean-class>Acegi.LoginBacking</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
</managed-bean>
<navigation-rule>
<from-view-id>/acegilogin.jsp</from-view-id>
<navigation-case>
<from-outcome>login</from-outcome>
<to-view-id>/j_acegi_security_check</to-view-id>
<redirect/>
</navigation-case>
</navigation-rule>
</faces-config> |
LogingBacking.java
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
| package Acegi;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;
import org.acegisecurity.ui.AbstractProcessingFilter;
public class LoginBacking {
// properties
private String userId;
private String password;
/**
* default empty constructor
*/
public LoginBacking() {
Exception ex = (Exception) FacesContext
.getCurrentInstance()
.getExternalContext()
.getSessionMap()
.get(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY);
if (ex != null)
FacesContext.getCurrentInstance().addMessage(
null,
new FacesMessage(FacesMessage.SEVERITY_ERROR, ex
.getMessage(), ex.getMessage()));
}
public String send() {
// do real logic
return ("success");
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUserId() {
return userId;
}
public void setUserId(String userId) {
this.userId = userId;
}
} |
UserDetailsServiceImpl :
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
| org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
public class UserDetailsServiceImpl implements UserDetailsService {
private UserDao userDao;
public UserDetailsServiceImpl(UserDao userDao) {
this.userDao = userDao;
}
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
AppUser user = userDao.findUser(username);
if (user == null)
throw new UsernameNotFoundException("User not found: " + username);
else {
return makeAcegiUser(user);
}
}
private org.acegisecurity.userdetails.User makeAcegiUser(AppUser user) {
return new org.acegisecurity.userdetails.User(user.getLogin(), user
.getPassword(), true, true, true, true,
makeGrantedAuthorities(user));
}
private GrantedAuthority[] makeGrantedAuthorities(AppUser user) {
GrantedAuthority[] result = new GrantedAuthority[user.getRoles().size()];
int i = 0;
for (String role : user.getRoles()) {
result[i++] = new GrantedAuthorityImpl(role);
}
return result;
}
} |
UserDaoImpl :
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
|
import java.util.HashSet;
import java.util.Set;
public class UserDaoImpl implements UserDao {
public AppUser findUser(String userName) {
AppUser appUser = null;
Set<String> roles = new HashSet<String>();
if (userName.equals("john")) {
roles.add("ROLE_URLACCESS");
appUser = new AppUser("john", "John", "Turner", "john", roles);
} else if (userName.equals("jim")) {
appUser = new AppUser("jim", "Jim", "Daniel", "jim", roles);
} else if (userName.equals("tina")) {
roles.add("ROLE_ALLACCESS");
appUser = new AppUser("tina", "Tina", "Joseph", "tina", roles);
}
return appUser;
}
} |
AppUser :
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84
| import java.io.Serializable;
import java.util.Set;
public class AppUser implements Serializable {
private String firstName;
private String lastName;
private String login;
private String password;
private Set<String> roles;
public AppUser() {
}
public AppUser(String login, String firstName, String lastName,
String password, Set<String> roles) {
this.login = login;
this.firstName = firstName;
this.lastName = lastName;
this.password = password;
this.roles = roles;
assert !roles.isEmpty();
}
public void setLogin(String login) {
this.login = login;
}
public String getLogin() {
return login;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public void setPassword(String password) {
this.password = password;
}
public String getPassword() {
return password;
}
public String toString() {
return firstName + " " + lastName;
}
public String getFullName() {
return toString();
}
public boolean isPasswordValid(String password) {
return getPassword().equals(password);
}
boolean hasRole(String role) {
return roles.contains(role);
}
public Set<String> getRoles() {
return roles;
}
public void setRoles(Set<String> roles) {
this.roles = roles;
}
} |
voilà tout mon code!! maintenant si quelqu'un veut bien me sauver la vie svp,je lui serais très reconnaissante !! merci d'avance !