Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Adding custom filter in spring framework problem?

843811Mar 22 2010 — edited Mar 22 2010
hello there
iam trying to make a custom AuthenticationProcessingFilter to save some user data in the session after successful login

here's my filter:

package projects.internal;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.Authentication;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;

public class MyAuthenticationProcessingFilter extends AuthenticationProcessingFilter {

	
	protected void onSuccessfulAuthentication(HttpServletRequest request,
			HttpServletResponse response, Authentication authResult)
			throws IOException {
		super.onSuccessfulAuthentication(request, response, authResult);
		request.getSession().setAttribute("myValue", "My value is set");
	}
}
and here's my security.xml file:


<beans:beans xmlns="http://www.springframework.org/schema/security"  
	xmlns:beans="http://www.springframework.org/schema/beans" 
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
	http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security 
                        http://www.springframework.org/schema/security/spring-security-3.0.xsd">

	<global-method-security pre-post-annotations="enabled">

	</global-method-security>
	<http use-expressions="true" auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint">
		<intercept-url pattern="/" access="permitAll" />
		<intercept-url pattern="/images/**" filters="none" />
		<intercept-url pattern="/scripts/**" filters="none" />
		<intercept-url pattern="/styles/**" filters="none" />
		<intercept-url pattern="/p/login.jsp" filters="none" />
		<intercept-url pattern="/p/register" filters="none" />
		<intercept-url pattern="/p/**" access="isAuthenticated()" />
		      
	    <form-login
			login-processing-url="/j_spring_security_check"
			login-page="/p/login.jsp"			
			authentication-failure-url="/p/login_error.jsp" />
		<logout />
	</http>
	
	<authentication-manager alias="authenticationManager">
	<authentication-provider>
			 <jdbc-user-service data-source-ref="dataSource"/>
		</authentication-provider>
	</authentication-manager>
	
	<beans:bean id="authenticationProcessingFilter" class="projects.internal.MyAuthenticationProcessingFilter">
	<custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
    </beans:bean>
    
    <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    </beans:bean>
    
	
	</beans:beans>
it gives an error here:
<custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
multiple annotation found at this line:cvc-attribute.3
cvc-complex-type.4
cvc-enumeration-vaild

what is the problem?
thanks in advance

Edited by: cs.student on Mar 21, 2010 9:49 PM
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Apr 19 2010
Added on Mar 22 2010
#other-security-apis-tools-and-issues
1 comment
742 views