CODEWITHSUNDEEP
jsfspring-securityrichfaces
KVISH
KVISH

Reputation: 13178

spring web security questions

All,

I have my application setup so that i can use a specific username and password combination:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
                     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                    http://www.springframework.org/schema/security
                     http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<http use-expressions="true" access-denied-page="/start.jsf">
    <intercept-url pattern="/start.jsf" filters="none" />
    <intercept-url pattern="/web/**" access="isAuthenticated()" />
    <form-login login-page="/start.jsf" default-target-url="/web/user/homepage.jsf" authentication-failure-url="/start.jsf?state=failure"/>
    <logout logout-success-url="/start.jsf?state=logout"  />
</http>

<!--    <authentication-manager alias="authenticationManager">
    <authentication-provider>
        <password-encoder hash="md5" />
        <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="SELECT U.email_address AS username, U.password as password,  'true' as enabled FROM users U where U.email_address=?"
            authorities-by-username-query="SELECT U.email_address AS username, 'USER' as authority FROM users U WHERE U.email_address=?"
            role-prefix="ROLE_" />
    </authentication-provider>
</authentication-manager> -->

<authentication-manager alias="authenticationManager">
    <authentication-provider>
        <password-encoder hash="md5"/>
        <user-service>
            <user name="user1" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
        </user-service>
    </authentication-provider>
</authentication-manager>

</beans:beans>

Problem is that when I ask it to goto the dataSource, it cannot find the datasource. Reason for this is I have another ApplicationContext.xml in a config folder where all my java source files are. How do people normally organize the project so that this file is able to pickup the datasource file? I want to setup the project accordingly...thanks for the input!

Also, the login works, however, once the user logs in, I want to be able to get the userid/password and I'm not able to. How is that possible?

Upvotes: 0

Views: 202

Answers (1)

alexkasko
alexkasko

Reputation: 4915

Implying that you have 2 XML files (in classpath) with spring context config: main-ctx.xml and security-ctx.xml and your are instantiating your app context using main-ctx.xml.

Then you can include config from security-ctx.xml into app context using this in main-ctx.xml (depends on your files locations path may be different):

<import resource="classpath:security-ctx.xml"/>

So you can define dataSource in main-ctx.xml and use it in security-ctx.xml in authentication-manager configuration.

Upvotes: 1

Related Questions