voyent
Spring Security tutorial isn't correct anymore?  XML
Forum Index -> General Help
Author Message
Maarten1985

Joined: 18/Mar/2011 12:06:31
Messages: 4
Offline


IceFaces 2.0.2
JSF 2.1.6
Spring 3.1
Spring Security 3.1

I've tried to implement the Spring Security 3 and ICEfaces 2 tutorial into my project, but when starting the application I'm getting the following error.

rg.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#3' while setting bean property 'sourceList' with key [3]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#3': Cannot resolve reference to bean 'sessionManagementFilter' while setting constructor argument with key [7]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1360)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1118)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:567)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:913)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:464)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:384)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:283)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4206)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4705)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at org.apache.catalina.core.StandardService.start(StandardService.java:525)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#3': Cannot resolve reference to bean 'sessionManagementFilter' while setting constructor argument with key [7]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
at org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:616)
at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1035)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:939)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
... 32 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1396)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1118)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
... 46 more
Caused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:1064)
at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:924)
at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:76)
at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:58)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1393)
... 54 more
6-jan-2012 11:51:26 org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#3' while setting bean property 'sourceList' with key [3]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#3': Cannot resolve reference to bean 'sessionManagementFilter' while setting constructor argument with key [7]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1360)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1118)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:567)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:913)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:464)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:384)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:283)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4206)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4705)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at org.apache.catalina.core.StandardService.start(StandardService.java:525)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#3': Cannot resolve reference to bean 'sessionManagementFilter' while setting constructor argument with key [7]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:353)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:153)
at org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:616)
at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:148)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1035)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:939)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:485)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
... 32 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1396)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1118)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
... 46 more
Caused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:1064)
at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:924)
at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:76)
at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:58)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1393)
... 54 more 


When looking in the APIdoc for org.springframework.security.web.session.SessionManagementFilter there's no invalidSessionUrl and redirectStrategy anymore in Spring Security 3.1.

I believe that your tutorial is wrong. It works fine with Spring Security 3.0.7.
dostpanky

Joined: 20/Mar/2010 00:00:00
Messages: 1
Offline


Any updates? we are also facing same issue.
futhark77

Joined: 18/Sep/2009 00:00:00
Messages: 56
Offline


I did not encounter this particular error but I have encountered this type of huge exception. If you read the last stack trace you will find the cause. In your case, the problem seems to be:

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManagementFilter' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'invalidSessionUrl' of bean class [org.springframework.security.web.session.SessionManagementFilter]: Bean property 'invalidSessionUrl' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?

In other words, review your applicationContext.xml file. It seems you are trying to set property invalidSessionUrl of a bean named sessionManagementFilter, which is not allowed.
futhark77

Joined: 18/Sep/2009 00:00:00
Messages: 56
Offline


The SessionManagementFilter class changed in Spring Security v3.1 compared to v3.0. Here is a possible solution. The end result does not quite help me but I got past the errors you have posted.

http://stackoverflow.com/questions/10143539/jsf-2-spring-security-3-x-and-richfaces-4-redirect-to-login-page-on-session-tim
futhark77

Joined: 18/Sep/2009 00:00:00
Messages: 56
Offline


Attached is the updated tutorial for spring security 3.1. I also cleaned up a few unnecessary things. Note I forced the session expiration to 1 minute to test it easily.

Changes are summarized below.

HTH

Code:
 --- springsecurity-3-icefaces-3-tutorial/springsecurity/src/main/webapp/WEB-INF/applicationContext-security.xml 2012-05-02 10:32:52.000000000 -0400
 +++ updated-springsecurity-3-icefaces-3-tutorial/springsecurity/src/main/webapp/WEB-INF/applicationContext-security.xml 2012-09-19 16:41:25.000000000 -0400
 @@ -3,34 +3,29 @@
               xmlns:beans="http://www.springframework.org/schema/beans"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="http://www.springframework.org/schema/beans
 -           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
 -           http://www.springframework.org/schema/security
 -           http://www.springframework.org/schema/security/spring-security-3.0.xsd">
 -
 +             http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
 +             http://www.springframework.org/schema/security
 +             http://www.springframework.org/schema/security/spring-security-3.1.xsd">
 +        
      <!--  key configuration here is an entry point to be used by security intercepts -->
 -    <http realm="Sample Realm" entry-point-ref="authenticationEntryPoint" auto-config="false">
 +    <http auto-config="false">
  
          <custom-filter ref="sessionManagementFilter" before="SESSION_MANAGEMENT_FILTER" />
          <!-- any role that is used to protect a directory, can be multiples -->
          <intercept-url pattern='/secure/**' access='ROLE_READER' />
  
          <!-- enable form login to use UsernamePasswordAuthenticationFilter [/j_spring_security_check] -->
 -        <form-login login-page="/general/logins/htmlLogin.faces"  
 +        <form-login login-page="/general/logins/login.faces"  
                      authentication-failure-url="/general/logins/loginFailed.jsf"/>
  
          <!-- logout page uses the default LogoutFilter, no changes are needed as IT accepts a GET call... -->
          <!-- here is an example logout link:
                  <a href="#{request.contextPath}/j_spring_security_logout">Logout</a> -->
          <logout logout-url="/j_spring_security_logout"
 -                logout-success-url="/general/main.jsf"
 +                logout-success-url="/general/main.jsf?logout"
                  invalidate-session="true"/>
      </http>
  
 -    <beans:bean id="authenticationEntryPoint"
 -        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
 -        <beans:property name="loginFormUrl" value="/general/logins/login.jsf" />
 -    </beans:bean>
 -
      <!-- test with this before you hook up your LDAP or other Authentication Manager -->
      <authentication-manager alias="authenticationManager">
          <authentication-provider>
 @@ -43,12 +38,13 @@
  
      <beans:bean id="sessionManagementFilter" class="org.springframework.security.web.session.SessionManagementFilter">
          <beans:constructor-arg name="securityContextRepository" ref="httpSessionSecurityContextRepository" />
 -        <beans:property name="invalidSessionUrl" value="/general/logins/sessionExpired.jsf" />
 -        <!-- this permits redirection to session timeout page from javascript/ajax or http -->
 -        <beans:property name="redirectStrategy" ref="jsfRedirectStrategy" />
 +                               <beans:property name="invalidSessionStrategy" ref="jsfInvalidSessionStrategy" />
      </beans:bean>
 +
 +    <beans:bean id="jsfInvalidSessionStrategy" class="com.icesoft.spring.security.JsfInvalidSessionStrategy">
 +        <beans:constructor-arg name="invalidSessionUrl" value="/general/logins/sessionExpired.jsf" />
 +               </beans:bean>
  
 -    <beans:bean id="jsfRedirectStrategy" class="com.icesoft.spring.security.JsfRedirectStrategy"/>
      <beans:bean id="httpSessionSecurityContextRepository" class="org.springframework.security.web.context.HttpSessionSecurityContextRepository"/>
  
  </beans:beans>
 diff -u -ur springsecurity-3-icefaces-3-tutorial/springsecurity/src/main/webapp/WEB-INF/web.xml updated-springsecurity-3-icefaces-3-tutorial/springsecurity/src/main/webapp/WEB-INF/web.xml
 --- springsecurity-3-icefaces-3-tutorial/springsecurity/src/main/webapp/WEB-INF/web.xml 2011-03-03 12:35:44.000000000 -0500
 +++ updated-springsecurity-3-icefaces-3-tutorial/springsecurity/src/main/webapp/WEB-INF/web.xml 2012-09-19 16:45:57.000000000 -0400
 @@ -60,12 +60,9 @@
      <listener>
          <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
      </listener>
 -    <listener>
 -        <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
 -    </listener>
  
      <session-config>
 -        <session-timeout>60</session-timeout>
 +        <session-timeout>1</session-timeout>
      </session-config>
 
 Filename updated-springsecurity-3-icefaces-3-tutorial.zip [Disk] Download
 Description Spring Security 3 and ICEfaces 3 Tutorial Updated for Spring Security 3.1 http://wiki.icesoft.org/display/ICE/Spring+Security
 Filesize 37 Kbytes
 Downloaded:  408 time(s)

mark.collette


Joined: 07/Feb/2005 00:00:00
Messages: 1692
Offline


There is this updated tutorial for Spring Security 3.1 here:

http://www.icesoft.org/wiki/display/ICE/Spring+Security+3.1.2+with+ICEFaces+3.1
[Email]
 
Forum Index -> General Help
Go to:   
Powered by JForum 2.1.7ice © JForum Team