tag:blogger.com,1999:blog-5097100801581543528.post8638648062985975000..comments2024-03-29T17:30:42.039+08:00Comments on krams::: Spring Security 3 - MVC Integration: Using A Custom Authentication ManagerMark Serranohttp://www.blogger.com/profile/07683739886053674459noreply@blogger.comBlogger33125tag:blogger.com,1999:blog-5097100801581543528.post-60549495173182917212023-12-23T23:24:31.198+08:002023-12-23T23:24:31.198+08:00yeezy outlet
golden goose outlet
bape
goyard
birki...<a href="http://www.yeezyboost.us" rel="nofollow"><strong>yeezy outlet</strong></a><br /><a href="http://www.goldengooseoutletstore.com" rel="nofollow"><strong>golden goose outlet</strong></a><br /><a href="http://www.abathingapeofficial.com" rel="nofollow"><strong>bape</strong></a><br /><a href="http://www.goyard-outlet.com" rel="nofollow"><strong>goyard</strong></a><br /><a href="http://www.birkinbag.us.com" rel="nofollow"><strong>birkin bag</strong></a><br /><a href="http://www.yeezysneakers.us.org" rel="nofollow"><strong>yeezy shoes</strong></a><br /><a href="http://www.goldengooseonlinestore.com" rel="nofollow"><strong>golden goose</strong></a><br /><a href="http://www.adidasyeezyuk.com" rel="nofollow"><strong>yeezy</strong></a><br /><a href="http://www.michaeljordanshoes.us.com" rel="nofollow"><strong>jordan shoes</strong></a><br /><a href="http://www.offwhitehoodies.us" rel="nofollow"><strong>off white</strong></a><br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-52768644555745378032018-09-12T17:39:56.576+08:002018-09-12T17:39:56.576+08:00Good Post! Thank you so much for sharing this pret...Good Post! Thank you so much for sharing this pretty post, it was so good to read and useful to improve my knowledge as updated one, keep blogging.<br /><br /><a href="https://www.emexotechnologies.com/courses/java-development-training/core-java-training/" rel="nofollow"> core java training in Electronic City</a><br /><br /><a href="https://www.emexotechnologies.com/courses/java-development-training/hibernate-training/" rel="nofollow"> Hibernate Training in electronic city</a><br /><br /><a href="https://www.emexotechnologies.com/courses/java-development-training/spring-training/" rel="nofollow"> spring training in electronic city</a><br /><br /><a href="https://www.emexotechnologies.com/courses/java-development-training/java-j2ee-training/" rel="nofollow"> java j2ee training in electronic city</a><br /><br />Renuhttps://www.blogger.com/profile/10645244396839047167noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-69158592719471182802017-11-08T20:02:38.512+08:002017-11-08T20:02:38.512+08:00I
t
l
o
o
k
s
f
i
n
e
t
o
m
e
.
.
.
?I<br />t<br /><br />l<br />o<br />o<br />k<br />s<br /><br />f<br />i<br />n<br />e<br /><br />t<br />o<br /><br />m<br />e<br />.<br />.<br />.<br /><br /><br />?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-87475272411803426452013-12-03T12:29:37.559+08:002013-12-03T12:29:37.559+08:00Hi,
Please help, In secured channel https after a...Hi,<br /><br />Please help, In secured channel https after authenticating user successfully redirect to default URL using customSuccessHandler giving role_anonymous in filter chain and flows goes to access denied.<br /><br />Thanks in advanced.Anonymoushttps://www.blogger.com/profile/17563482801133820870noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-25538758939244608142013-10-14T20:16:04.711+08:002013-10-14T20:16:04.711+08:00I think about how you got so exceptional. This is ...I think about how you got so exceptional. This is truly an interesting site, loads of stuff that I can get into. One thing I only need to say is that your Blog is so impeccable!<a href="http://www.custom-dissertation-help.com/essay-writing.html" rel="nofollow">best essays</a>Anonymoushttps://www.blogger.com/profile/00221642171317518751noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-14200111756213712622013-05-06T16:13:04.664+08:002013-05-06T16:13:04.664+08:00in Chrome, download "stylebot" and remov...in Chrome, download "stylebot" and remove, style the elements, width etc as you want it.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-32247936052942016922013-04-04T02:36:22.563+08:002013-04-04T02:36:22.563+08:00hi,
thank you for the tutorial! I want to use th...hi, <br /><br />thank you for the tutorial! I want to use the spring security remember me function, so I add <br /><br />< security:http auto-config="false" use-expressions="true" access-denied-page="/krams/auth/denied"<br /> entry-point-ref="authenticationEntryPoint" ><br />// ....<br />< security:remember-me key="appKey" token-validity-seconds="864000" user-service-ref="customUserDetailManager"/><br /><br />< / ...><br /><br />and implement the detailuserservice, but it does not work. any ideas?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-50258988378842547822013-03-09T06:03:55.729+08:002013-03-09T06:03:55.729+08:00What happens to session-management? can we leave i...What happens to session-management? can we leave intact<br /><br /><br /> <br /> Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-60229155573875221322013-02-27T01:06:28.778+08:002013-02-27T01:06:28.778+08:00Sir,
I need to implement captcha functionality to ...Sir,<br />I need to implement captcha functionality to my spring security project, so please do some help for the same.. Surendra Jhahttps://www.blogger.com/profile/18197383890239568750noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-84110494544767206162013-02-27T01:04:02.451+08:002013-02-27T01:04:02.451+08:00Thank you So much Sir,,, I have Learned so much fr...Thank you So much Sir,,, I have Learned so much from here and got solutions for many problems.....Thanks again...Surendra Jhahttps://www.blogger.com/profile/18197383890239568750noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-28786567022608274622012-05-16T13:08:56.205+08:002012-05-16T13:08:56.205+08:00thank you so much ,please i need spring security w...thank you so much ,please i need spring security with hibernate .ensemiennoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-91236803912754768762012-05-09T16:58:08.780+08:002012-05-09T16:58:08.780+08:00hi,krams
thanks for reply,
i had implemented that,...hi,krams<br />thanks for reply,<br />i had implemented that,i will explain what i did<br />in application security file i commented<br />user-service-ref under authentication-manager which call the jdbc-user-service which has that query,and write the same in a class that take the encoded password+ role +loginid and set to a bean class and my CustomUserDetailsService which implements AuthenticationProvider.<br />there in authenticate method i just compare the encoded password in db with PasswordEnder(authentication.getCredentials())<br />if this returns true then set the username+ password(endoed)+ role to return new UsernamePasswordAuthenticationToken(<br />but i'm not sure that is correct or not please correct me if i'm wrong.<br />and i don't know what is the use of supports method i just return true.<br /><br />is this authentication process is correct.<br /><br />please clarify me.sshttps://www.blogger.com/profile/13313453275808565094noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-87906505627776009432012-05-08T10:47:38.511+08:002012-05-08T10:47:38.511+08:00Let me rephrase that, in the database, you've ...Let me rephrase that, in the database, you've stored the hashed form of the user's password. The hashed form is a combination of sha512 and custom encoding.<br /><br />When the CustomUserDetailsService receives the plain password from the user, it needs to be converted to sha512 and custom encoding as well before you can compare it from the hashed value from the database. <br /><br />Is this what you did?Mark Serranohttps://www.blogger.com/profile/07683739886053674459noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-62313420505882591492012-05-08T10:45:28.365+08:002012-05-08T10:45:28.365+08:00As noted in the introduction of this guide:
Note:...As noted in the introduction of this guide:<br /><br />Note: I suggest reading the following tutorial as well which uses the latest Spring Security 3.1<br />Spring Security 3.1 - Implement UserDetailsService with Spring Data JPAMark Serranohttps://www.blogger.com/profile/07683739886053674459noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-83543331592229612442012-05-08T10:45:01.204+08:002012-05-08T10:45:01.204+08:00Are you using the latest Spring Security jars? If ...Are you using the latest Spring Security jars? If yes, some classes were already removed and deprecated. If my memory serves me right, this is one of them. I think it's the parameters/arguments that has changed.Mark Serranohttps://www.blogger.com/profile/07683739886053674459noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-76175854875629205632012-05-04T22:17:17.874+08:002012-05-04T22:17:17.874+08:00hi krams
how can we authenticate a user in spring...hi krams <br />how can we authenticate a user in spring mvc.<br />in a special application there is a sha512 password encoding +custom password encoding and that password is inserted to database.<br />On user login the password has to convert to that old password encoding and validate with those in database.<br /> in applicationcontex-security.xml <br />authentication-manager alias="authenticationManager"<br /> !--authentication-provider user-service-ref="userDetailsService"<br /> <br /> authentication-provider--<br /> authentication-provider ref='myAuthenticationProvider'<br /> authentication-manager<br /> beans:bean id="myAuthenticationProvider" class="aaa.CustomUserDetailsService"<br />!-- beans:property name="dataSource" ref="dataSource" --<br />beans:bean<br /><br />!-- jdbc-user-service authorities-by-username-query="select u.LOGINID as username,r.ROLE as authority from xxx u join yyy ur on u.USERSRNO=ur.USERSRNO join rrr r on r.ROLECD=ur.ROLECD where u.LOGINID=?" data-source-ref="dataSource" id="userDetailsService" users-by-username-query="select u.LOGINID as username,u.LOGINPASSWORD as password,u.USERSTATUS as enabled from xxx u where u.LOGINID=?"--<br /> <br /><br />the CustomUserDetailsService class implements AuthenticationProvider its getting the password we typing in password field ,i converted this password with passwordencoding ,now i need to authenticate with database and logged in.so what things i need to do extra in the customclass to validate with custompassword.<br /><br />please help me<br />thanks in advancesshttps://www.blogger.com/profile/13313453275808565094noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-77056379719465940592012-04-15T01:20:21.459+08:002012-04-15T01:20:21.459+08:00grantedauthority cannot be resolved to a type.
do...grantedauthority cannot be resolved to a type.<br /><br />do i need to create it?<br /><br />thanks for the tutorial and a possible answerjakubPhttps://www.blogger.com/profile/02012805752148366409noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-27795605607733541462012-03-27T06:49:06.628+08:002012-03-27T06:49:06.628+08:00Hi Krams,
Thanks for the tutorial, I am trying to...Hi Krams,<br /><br />Thanks for the tutorial, I am trying to get this to work with Hibernate. I can't Authenticate the user. I think it could be my DAO class. Code is below. Could you take a look and see if you can see a problem.<br /><br />Thanks <br /><br />Kris<br /><br />package com.gymsolutions.dao;<br /><br />import com.gymsolutions.form.DbUser;<br />import java.util.List;<br />import org.hibernate.SessionFactory;<br />import org.springframework.beans.factory.annotation.Autowired;<br />import org.apache.log4j.Logger;<br />import org.springframework.stereotype.Repository;<br />import java.lang.String;<br /><br />@Repository<br /><br />@SuppressWarnings("unchecked")<br /><br />public class AuthDAO {<br /> <br /> protected static Logger logger = Logger.getLogger("service");<br /><br /> @Autowired<br /> private SessionFactory sessionFactory;<br /> <br /> public List listUser() {<br /> return sessionFactory.getCurrentSession().createQuery("from DbUser").list();<br /> }<br /><br /> <br /> public DbUser searchDatabase(String username) {<br /> List users = sessionFactory.getCurrentSession().createQuery("from DbUser").list();<br /> for(DbUser dbUser:users) { <br /> if ( dbUser.getUsername().equals(username) == true ) {<br /> logger.debug("User found - UserDAOImpl");<br /> return dbUser;<br /> }<br /> } <br /> logger.debug("User does not exist - DAO"); <br /> throw new RuntimeException("User does not exist! - DAO");<br /><br /> } <br /><br /><br /><br />}Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-25671269379112373282012-01-13T12:04:30.811+08:002012-01-13T12:04:30.811+08:00I have uploaded a new tutorial using Spring Securi...I have uploaded a new tutorial using Spring Security 3.1 (see http://krams915.blogspot.com/2012/01/spring-security-31-implement_5023.html)Mark Serranohttps://www.blogger.com/profile/07683739886053674459noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-61560042536846842142012-01-11T17:54:25.341+08:002012-01-11T17:54:25.341+08:00@ss, you can't comment out springSecurityFilte...@ss, you can't comment out springSecurityFilterChain, you need that for this application. Since you're actually using OpenSSO for authentication, it would require a different setup. I suggest you take a look at the related configuration CAS: http://static.springsource.org/spring-security/site/docs/3.1.x/reference/cas.html<br /><br />You might have to implement your own classes to integrate Spring Security and OpenSSO.<br /><br />Also take a look at the following comparison: http://www.liferay.com/community/forums/-/message_boards/message/4343249Mark Serranohttps://www.blogger.com/profile/07683739886053674459noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-84782842136993145302012-01-10T22:27:35.648+08:002012-01-10T22:27:35.648+08:00the part of my xml is not showing
springSecurityFi...the part of my xml is not showing<br />springSecurityFilterChain<br />org.springframework.web.filter.DelegatingFilterProxy<br />the above part i commented and using<br />Agent<br />com.sun.identity.agents.filter.AmAgentFilter <br />in filter & filter classsshttps://www.blogger.com/profile/13313453275808565094noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-37456173722852957672012-01-10T22:25:06.618+08:002012-01-10T22:25:06.618+08:00hi all please help,
i an mvc application i impleme...hi all please help,<br />i an mvc application i implemented opensso with ldap for authentication,it working .<br />now the problem is role based access is not working,means<br />when i put the<br /><br /><br /><br /><br /><br />Agent<br /> com.sun.identity.agents.filter.AmAgentFilter <br /><br /><br />Agent<br />/*<br />REQUEST<br />INCLUDE<br />FORWARD<br />ERROR<br /><br /><br /><br />i cant login when i use the springSecurityFilterChain ,so i comment that part ,now login is working ,but problem if the user know the url(*.htm) he can acess others pages.<br />how to change the spring security with out any other alteration in open sso.<br />another problem i'm facing is if username and password is not correct it redirecting to opensso authentication fail page,how to avoid this also.<br />we are using opensso with ldap configured manually,<br /><br /><br />please help me<br />thanks in advancesshttps://www.blogger.com/profile/13313453275808565094noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-29169571197988812992011-12-21T20:37:03.312+08:002011-12-21T20:37:03.312+08:00Thank you for your great work ,
What about user ...Thank you for your great work , <br /><br />What about user details in the session registry ?<br /><br />They are not populated when I tested your sample <br /><br />your help is highly appreciatedعماد البلوشيhttps://www.blogger.com/profile/09170330229076911697noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-68419528114923981742011-08-27T01:55:25.596+08:002011-08-27T01:55:25.596+08:00Thanks a lot!Thanks a lot!Anonymoushttps://www.blogger.com/profile/11163563862155019386noreply@blogger.comtag:blogger.com,1999:blog-5097100801581543528.post-91608675045259258172011-07-29T16:53:02.613+08:002011-07-29T16:53:02.613+08:00Why you use
if (auth.getName().equals(auth.getCre...Why you use <br />if (auth.getName().equals(auth.getCredentials()) == true) {<br />...<br />}<br />but not <br /><br />if (auth.getName().equals(auth.getCredentials())) {<br />...<br />}Anonymousnoreply@blogger.com