xml - Security namespace does not support decoration of element [custom-filter] -


i need perform custom authorization, i've predetermined authenticationmanager , loginurlauthenticationentrypoint , set usernamepasswordauthenticationfilter.

here spring-security.xml: 

<beans xmlns="http://www.springframework.org/schema/beans"        xmlns:security="http://www.springframework.org/schema/security"        xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"        xsi:schemalocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd     http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">      <security:http auto-config="false" entry-point-ref="alterauthenticationentrypoint" create-session="always" use-expressions="true">         <security:intercept-url pattern="/blog**" access="hasrole('role_admin')"/>     </security:http>      <security:authentication-manager alias="authenticationmanager">         <security:authentication-provider>             <security:user-service>                 <security:user name="d" password="secret" authorities="role_admin"/>             </security:user-service>         </security:authentication-provider>     </security:authentication-manager>      <security:custom-filter position="form_login_filter" ref="customizedformloginfilter"/><!--replace default one-->      <bean id="customizedformloginfilter"           class="org.springframework.security.web.authentication.usernamepasswordauthenticationfilter">         <property name="authenticationmanager"                   ref="alterauthenticationmanager"/>         <property name="allowsessioncreation" value="true"/>      </bean>      <!--custom auth manager-->     <bean id="alterauthenticationmanager" class="com.fluid.ixtrm.newmodule.security.customauthenticationmanager"/>      <!--authentication entry point-->     <bean id="alterauthenticationentrypoint" class="com.fluid.ixtrm.newmodule.security.customauthenticationentrypoint">         <constructor-arg type="java.lang.string" value="/blog"/>     </bean>  </beans>

both classes (customauthenticationentrypoint extends loginurlauthenticationentrypoint , customauthenticationmanager implements authenticationmanager) implemented, code samples (i don't think cause problem).

i'm getting following error: 

org.springframework.beans.factory.parsing.beandefinitionparsingexception: configuration problem: security namespace not support decoration of element [custom-filter] offending resource: servletcontext resource [/web-inf/spring-security.xml]

i use spring security 3.2.3, , custom-filter tag present in spring-security-3.2.xsd. tell me please incorrect in security config.

your configuration not valid, see spring security reference:

41.1.19 <custom-filter>

this element used add filter filter chain. doesn’t create additional beans used select bean of type javax.servlet.filter defined in application context , add @ particular position in filter chain maintained spring security. full details can found in namespace chapter.

parent elements of <custom-filter>

  • http

your modified configuration of <security:http>:

<security:http auto-config="false" entry-point-ref="alterauthenticationentrypoint" create-session="always" use-expressions="true">    <security:intercept-url pattern="/blog**" access="hasrole('role_admin')"/>    <security:custom-filter position="form_login_filter" ref="customizedformloginfilter"/> </security:http>

Comments

Post a Comment

Popular posts from this blog

aws api gateway - SerializationException in posting new Records via Dynamodb Proxy Service in API -

i getting "__type": "com.amazon.coral.service#serializationexception" as reply in postman & in test console in api gateway trying post record directly dynamodb using api proxy services.. referring aws article - https://aws.amazon.com/blogs/compute/using-amazon-api-gateway-as-a-proxy-for-dynamodb/ here's mapping { "tablename": "tablenamegoeshere", "item": { "id" : "$context.requestid" "eventname" : "$input.path('$.eventname')", "timestamp" : $input.path('$.timestamp'), "answers": "$util.parsejson($input.path('$.answers'))" } } update: did asked ... , worked if try add array of json objects gives me above same error - here's trying now. please - couldnt find on google well #set($inputroot = $input.path('$')) { "tablename": "answer", "item": {
Read more

asp.net - Problems sending emails from forum -

i have been redesigning site has message board, has been written guy looked after site. it has few problems , written in .asp , uses .mdb files database. you can see whole thing here . feel free post if helps, test thing have set using original files , new database. the basic problem when posts message, supposed email sent them, have posted it. when replies, originator supposed message, replier has been posted. i’d have thought @ point in process there should script/file in postmessage.asp? the postmessage.asp page below. <% option explicit %> <!-- #include virtual="common/adovbs.inc" --> <html> <head> <meta http-equiv="content-type" content="text/html; charset=windows-1252"> <meta name="generator" content="microsoft frontpage 4.0"> <meta name="progid" content="frontpage.editor.document"> <title>new page 2</title> <base target="_self"
Read more