Discussion :

[Mouns007]

Bonjour,

j'essaie de configurer spring security pour une authentification via ldap. Tout fonctionne bien jusqu'à que j'ajoute un encoder indispensable à l'authentification.
voici ma configuration

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
<beans xmlns:sec="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xmlns="http://www.springframework.org/schema/beans"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
          http://www.springframework.org/schema/beans/spring-beans.xsd 
         http://www.springframework.org/schema/security 
         http://www.springframework.org/schema/security/spring-security-3.2.xsd">
 
 
	<sec:http use-expressions="true" auto-config="true">
		<sec:intercept-url pattern="/WEB-INF/home.xhtml" access="permitAll" />
 
		<!-- <sec:logout logout-url="/j_spring_security_logout" -->
		<!-- invalidate-session="true" /> -->
		<sec:logout invalidate-session="true" logout-success-url="/index.xhtml"
			delete-cookies="JSESSIONID" logout-url="/j_spring_security_logout" />
		<sec:form-login login-processing-url="/j_spring_security_check"
			login-page="/WEB-INF/index.xhtml" 
			default-target-url="/WEB-INF/home.xhtml" 
			authentication-failure-url="/index.xhtml?error=1" />
 
		<sec:session-management invalid-session-url="/j_spring_security_logout" />
	</sec:http>
 
 
	<bean id="propertyConfigurer"
		class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
		<property name="ignoreResourceNotFound" value="true" />
		<property name="ignoreUnresolvablePlaceholders" value="false" />
		<property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
		<property name="locations">
			<list>
				<value>
					classpath:/jboss.properties
				</value>
			</list>
		</property>
	</bean>
 
	<sec:authentication-manager alias="authenticationManager">
        <sec:authentication-provider ref="ldapAuthProvider" >
        	<sec:password-encoder hash="{sha}" />
        </sec:authentication-provider>
    </sec:authentication-manager>
 
	<bean id="ldapUserSearch"
		class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
		<constructor-arg index="0" value="${ldap.user-search-base}" />
		<constructor-arg index="1" value="${ldap.user-search-filter}" />
		<constructor-arg index="2" ref="contextSource" />
		<property name="searchSubtree" value="true" />
	</bean>
 
	<bean id="contextSource"
		class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
		<constructor-arg value="${ldap.url}" />
		<property name="userDn" value="${ldap.manager-dn}" />
		<property name="password" value="${ldap.manager-password}" />
	</bean>
 
	<bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <constructor-arg>
            <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
                <constructor-arg ref="contextSource"/>
                <property name="userDnPatterns">
                    <list>
                        <value>"${ldap.user-search-base}"</value>
                    </list>
                </property>
            </bean>
        </constructor-arg>
        <constructor-arg>
			<bean id="ldapAuthoritiesPopulator"
				class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
				<constructor-arg index="0" ref="contextSource" />
				<constructor-arg index="1" value="${ldap.group-search-base}" />
				<property name="groupSearchFilter" value="${ldap.group-search-filter}" />
				<property name="groupRoleAttribute" value="${ldap.group-role-attribute}" />
				<property name="rolePrefix" value="${ldap.role-prefix}" />
				<property name="searchSubtree" value="true" />
				<property name="convertToUpperCase" value="true" />
			</bean>
        </constructor-arg>
    </bean>
 
</beans>

Au démarrage de l'application j'ai l'errue suivante:

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
Context initialization failed: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from URL location [classpath:spring/applicationContext-security.xml]
Offending resource: class path resource [spring/applicationContext.xml]; nested exception is org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: authentication-provider element cannot have child elements when used with 'ref' attribute
Offending resource: class path resource [spring/applicationContext-security.xml]
	at org.springframework.beans.factory.parsing.FailFastProblemReporter.error(FailFastProblemReporter.java:70)
	at org.springframework.beans.factory.parsing.ReaderContext.error(ReaderContext.java:85)
	at org.springframework.beans.factory.parsing.ReaderContext.error(ReaderContext.java:76)
	at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.importBeanDefinitionResource(DefaultBeanDefinitionDocumentReader.java:248)
	at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseDefaultElement(DefaultBeanDefinitionDocumentReader.java:199)
	at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.parseBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:184)
	at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.doRegisterBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:141)
	at org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader.registerBeanDefinitions(DefaultBeanDefinitionDocumentReader.java:110)
	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:508)
	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:391)
	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:335)
	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:303)
	at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180)
	at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:216)
	at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:187)
	at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
	at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
	at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:129)
	at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:542)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:454)
	at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:403)
	at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:306)
	at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:106)
	at org.apache.catalina.core.StandardContext.contextListenerStart(StandardContext.java:3392)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:3850)
	at org.jboss.as.web.deployment.WebDeploymentService.start(WebDeploymentService.java:90)
	at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811)
	at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:744)
Caused by: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: authentication-provider element cannot have child elements when used with 'ref' attribute

Pour ma conf j'ai juste repris celle d'une application qui tourne déjà que j'ai adapté, et cette partie de la configuration est la meme, c'est ce que je ne comprend pas.
Est ce que quelqu'un pourrait m'eclairer. Merci

[andry.aime]

Bonjour,

Configuration problem: authentication-provider element cannot have child elements when used with 'ref' attribute

L'erreur est ici donc,

Code xml :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
<sec:authentication-provider ref="ldapAuthProvider" >
        	<sec:password-encoder hash="{sha}" />
        </sec:authentication-provider>

à remplacer par

Code xml :

Sélectionner tout - Visualiser dans une fenêtre à part

<sec:authentication-provider ref="ldapAuthProvider" />

Crée un bean

Code xml :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
<bean id="encoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
     <constructor-arg value="256"/>
 </bean>

Regarde le doc ici pour SHA.

et dans le bean bean id="ldapAuthProvider", ajoute à la fin

Code xml :

Sélectionner tout - Visualiser dans une fenêtre à part

<property name="passwordEncoder" ref="encoder" />

A+.