authentication 3 « Security « Spring Q&A





1. Authentication gap- using Acegi1.0.6    forum.springsource.org

Authentication gap- using Acegi1.0.6 Hi, I am using acegi1.0.6 version for security implmentation. I am not sure the functionality that I am expecting it is already provided by framework and I ...

2. Authentication question    forum.springsource.org

Authentication question Hi, I'm a newbie to spring security so was hoping someone could give me some guidance with the following authentication issue. I'm in the process of converting some custom ...

3. UrlResource with Authentication (Authenticator)    forum.springsource.org

Hello All, I want to use UrlResource to fetch an xml file from an url over http. The url is protected with username/password. How can i configure the UrlResource to accept ...

4. Multiple authentication provider    forum.springsource.org

Hi, I want to use acegi with two authenticate providers, one is LDAP and another is JDBC DAO. For example, the admin page will be authenticated with LDAP and the user ...

5. Customized action when fail to authenticate    forum.springsource.org

Hi, I've searched for a few day but fail to find my answer. I'd like to implement a number of retry increment when password is not matching the database one. And ...

6. Strange Authentication Requirement    forum.springsource.org

Hi in my application i need to extract the user information from the http header (the application get authorised by some diff appl and only the user info is put in ...

7. programmatic authentication switches users identities    forum.springsource.org

We have seen the *scary* scenario happen a couple times when testing our application. Please let me know how this could possibly be happening. 1) User 1 is logged in. 2) ...

8. Problem with Authentication (decision if user is anonymous or not)    forum.springsource.org

FIXED: Problem with Authentication (decision if user is anonymous or not) Hi all, im quite new here, a spring-newbie and have a little Problem that makes decision if a user is ...

9. "Spoofing" an Authentication object...    forum.springsource.org

And how exactly would a remote user accessing your application through a web browser do this? Theoretically what you are describing is a security hole but realistically, it means that the ...





10. Missing Authentication object after new Thread invocation    forum.springsource.org

Missing Authentication object after new Thread invocation Hello! Spring 2.5.4 Spring Security 2.0.3 In my application's service layer I have a service that starts a new Task by calling ThreadPoolTaskExecutor's execute() ...

11. Authentication problem with iframe.    forum.springsource.org

Hello everyone, I faced some strange issue concerning Spring security authentication, iframe and IE7 For instance, I have secured Home.html, which has included iframe pointed to secured Main.html using src attribute, ...

12. Authentication with 3 parameters    forum.springsource.org

Authentication with 3 parameters I need to authenticate via ws-security while not only using username and password, but also using a 3rd parameter "databaseBeanId" (because based on the databaseBeanId, the source ...

13. Using custom Authentication class    forum.springsource.org

Using custom Authentication class I'm reading the docs for Acegi Security 1.0.7 and I think I'm close to a design for my authentication scheme. I need to hook into Acegi for ...

14. additionalAuthenticationChecks is called twice with each authentication while failed    forum.springsource.org

I'm trying to add a bad login count within the additionalAuthenticationChecks method for my extension of the DaoAuthenticationProvider. However debugging shows that additionalAuthenticationChecks is called twice with each authentication. Is this ...

15. how to use custom-authentication-provider    forum.springsource.org

in ss2.04, i write a AuthenticationProvider,how i config it !below is the sample Code: ...

16. authentication ws    forum.springsource.org





17. Special needs with authentication process    forum.springsource.org

Special needs with authentication process Hello deer spring members. I've got a special needs : My webapp's authentication works with acegi. I've developped a custom authentication provider, based on the SapLogonTicket, ...

18. Authentication manager problem    forum.springsource.org

19. Mutual Authentication    forum.springsource.org

Hi, I am using Spring WS with HttpClient and XmlBeans and would now like to plug in support for Mutual Authentication (SSL). Has anyone done this before? Any starting advice would ...

20. Multi stage authentication with RSA    forum.springsource.org

Multi stage authentication with RSA I've just started using Spring security. Configuring authentication via SQL tables went very smoothly, but now I have a problem. One of the methods by which ...

21. Authentication and Authorisation of Service Layer with Spring DM    forum.springsource.org

Authentication and Authorisation of Service Layer with Spring DM Hello, I have a SpringDM bundle named "currency" offering services that I want to secure with Spring Security. My strategy is to ...

22. Custom Authentication Provider and User Details    forum.springsource.org

You'll have to explain what you mean by "use a custom UserDetails object". The UserDetails would normally be loaded somewhere inside your class "CustomAuthenticationProvider", so it's up to you how you ...

23. a little question about JNDI authentication    forum.springsource.org

java.sql.SQLException: [ibm][db2][jcc][t4][10205][11234] Null userid is not supported.DSRA0010E: SQL State = null, Error Code = -99,999 at com.ibm.db2.jcc.b.b.E(b.java:1792) at com.ibm.db2.jcc.b.b.d(b.java:1799)

24. simple question about jndi authentication    forum.springsource.org

25. antlm authentication - authentication failing    forum.springsource.org

antlm authentication - authentication failing I have a strange situation where authentication is unreliable 90% of the time for most users. Some users are the opposite. When authentication fails i get ...

26. JaxRpcProxyFactoryBean and authentication information    forum.springsource.org

Hello, I am trying to invoke a web service using Spring and JaxRpcPortProxyFacotryBean. When I try to invoke a unauthenticated web service, everything works fine. But When I try to invoke ...

27. Spring Security authentication and foundry load balancer switch issues    forum.springsource.org

Spring Security authentication and foundry load balancer switch issues All, My team is having some problems getting Spring/Spring Security working correctly when our application was put behind a load balancer on ...

28. Authentication Order    forum.springsource.org

Authentication Order Why does the DAO Authentication Provider not authenticate the user before authorization? For example in the application I am currently working on I just finished adding password expiration. To ...

29. Simultanious Multiple Authentication    forum.springsource.org

Feb 12th, 2009, 08:22 AM #1 Amishi Shah View Profile View Forum Posts Private Message Junior Member Join Date Feb 2009 Posts 14 Simultanious Multiple Authentication Hi, I am using spring ...

30. Manual Authentication    forum.springsource.org

Feb 12th, 2009, 02:40 PM #1 hoffmandirt View Profile View Forum Posts Private Message Member Join Date Sep 2006 Posts 58 Manual Authentication How can I authenicate a user manually? I ...

31. Pause after successfull authentication    forum.springsource.org

Pause after successfull authentication I have a application with acegi configured through spring. It uses Spring, Tapestry, Hivemodule. I do manul authentication in tapestry java file by ProcessingFilterClassObject.attemptAuthentication( username, password ). ...

32. authenticate against Spring Security directly    forum.springsource.org

Hello everyone, Is there a way to authenticate users against Spring Security directly instead of going through the provided servlet? Something that I could autowire into some login service and call ...

33. Authentication and Frameset question    forum.springsource.org

Authentication and Frameset question If a user fails authentication after using the app for a period of time, for example because their session timed out, is there any way to to ...

34. Authentication    forum.springsource.org

I need to authenticate the webservice client request using xwss. My authentication mechanism is to go check the database to see if the credentials are valid. Can you tell me which ...

35. Why can't cast UserDeails data from Authentication when anonymous    forum.springsource.org

Why can't cast UserDeails data from Authentication when anonymous Hi, I can't figure out now, I have a account bean to implements UserDetails interface, and I tried to cast the User ...

36. singpass authentication    forum.springsource.org

37. Spring authentication-provider    forum.springsource.org

Spring authentication-provider Hello, I'm new in Spring Security. I don't now how to solve a problem. The thing is that after login successfully I want to put some data in the ...

38. Modify authentication    forum.springsource.org

I want to use a method that I am defined for the authentication. For goal of integrate the method of authentication by potential keyboard as the authentication for the bank websites ...

39. Build a custom Authentication Provider    forum.springsource.org

Hello guys! I'd like to know how to build my own AuthenticationProvider. I've looked on the reference guide but I didn't find anything that could help me. I want intercept the ...

40. Authentication.getDetails() required    forum.springsource.org

Can you show the rest of your security config? I ran into that problem when trying to do some manual authentication after users complete a required training module.

41. Spring Security and Authentication Changes    forum.springsource.org

I'm rather new to all this and i was hoping somebody might be able to point me in the right direction. I'm currently working on a project that uses Spring Security ...

42. how do i add aditional atributes in authentication process?    forum.springsource.org

Code: package br.al.lindberg.tanatus.negocio.security; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.Authentication; import org.springframework.security.AuthenticationException; import org.springframework.security.providers.AuthenticationProvider; import br.al.lindberg.tanatus.TanatusResourceConstants; import br.al.lindberg.tanatus.negocio.facade.ICadastroFacade; /** * * @author Lindberg * */ public class SecurityAuthenticationProvider implements AuthenticationProvider{ @Autowired private ICadastroFacade cadastroFacade; ...

43. User Authentication after user registration    forum.springsource.org

User Authentication after user registration Hello, I am new to Spring. I am developing an application using maven, spring(2.5.6), hibernate and struts 2 and spring security (2.0.3). In my application I ...

44. Authentication for 2 apps with 2 different user data stores    forum.springsource.org

Authentication for 2 apps with 2 different user data stores Hi, There is a requirement on my project currently, which requires me to use something like single sign-on, but not quite ...

45. Authentication service not being called    forum.springsource.org

Authentication service not being called Hi, My apologies in advance for an amateur question. I have a spring mvc 2.5.4 app in which I am implementing spring security 2.0.4 using the ...

46. multiple security:custom-authentication-provider    forum.springsource.org

multiple security:custom-authentication-provider In applicationContext.xml, it is valid to defined multiple security:custom-authentication-provider ? for example will both be ...

47. Multiple authentication mechanism for single application    forum.springsource.org

Multiple authentication mechanism for single application Hi everybody, I just started with spring security for a new project that can be accessed in three different ways : 1 B2C access 2 ...

48. extra processing on authentication    forum.springsource.org

extra processing on authentication Hello, I'm refactoring an application and installing spring security on it(Spring 2.5, Spring Security 2.0.4). The old code need an object set in session at login time ...

49. Customize authentication failure message    forum.springsource.org

I'm aware that hideUserNotFoundExceptions property of daoAuthenticationProvider is responsible for showing authentication error messages. However I couldn't change it in the configuration. I tried to add the following bean but it ...

50. Required Authentication Manager    forum.springsource.org

I was wondering why an AuthenticationManager is required for every AbstractSecurityInterceptor. I would like to never reauthenticate, so my interceptor really only needs an AccessDecisionManager. If the Authentication object returned false ...

51. help authentication-provider spring security    forum.springsource.org

help authentication-provider spring security Hi people, how are you? i hope youre well. Im adding Spring Security to my Web application (im using Spring 2.0.5), and ive configured every aspects of ...

52. After authentication callback    forum.springsource.org

I was trying to see if there was a post authentication callback I could hook into to do things such as adding to the user's session. A search found this article ...

53. Using DAO Authentication    forum.springsource.org

Using DAO Authentication So I have been playing around with the DAO authentication and am a little confused about what needs to happen for this to fully work. I have a ...

54. Sending Additional Information to custom Authentication Provider    forum.springsource.org

Is it possible to send any additional information besides the username and password to the custom authentication Manager while implementing Spring security? I have a login form containing three fields viz. ...

55. Authentication Manager    forum.springsource.org

Authentication Manager I want to add custom authentication provider to the authentication manager. I know this cna be done as follows: Now the problem. I ...

56. Container Adapter Authentication Problem    forum.springsource.org

Aug 28th, 2009, 08:19 AM #1 pavan_mane View Profile View Forum Posts Private Message Junior Member Join Date Jul 2009 Location Bangalore Posts 3 Container Adapter Authentication Problem Hi, I am ...

57. Token based authentication    forum.springsource.org

Token based authentication Hi All I am new to Spring Security. And, I found Spring Security to secure your resources or, methods. There are many examples available for simple Authentication. But, ...

58. Totally lost w/ anonymous authentication    forum.springsource.org

Totally lost w/ anonymous authentication Hi, I am trying to enable anonymous authentication using Spring Security, but I keep getting this error when I add Code: to the HTTP configuration ...

59. Require Re-Authentication using Spring Security    forum.springsource.org

60. Multi-layer Authentication    forum.springsource.org

Multi-layer Authentication Hi, I'm brand new to Spring Security and I tried looking for an answer by searching but no luck. I wanted to know if it was possible to have ...

61. Authentication    forum.springsource.org

Authentication I am new to Spring Security (and Spring) and am confused. Thanks. Is the code below in lieu of spec'ing a AuthenticationProcessingFilter and AuthenticationProcessingFilterEntryPoint? Code:

62. User is not prompted to authenticate after restarting the server    forum.springsource.org

User is not prompted to authenticate after restarting the server Spring security has been used for our application. Spring security has been configured in bean declaration way (namespace configuration is not ...

63. Can i put 3 different authentication schemes in same spring security configuration ?    forum.springsource.org

Can i put 3 different authentication schemes in same spring security configuration ? Hi, My requirement is to provide: Userid password based authentication. Open id based authentication Url based authentication (its ...

64. Custom Authentication    forum.springsource.org

Custom Authentication I have a completely restricted site that only allows visitors if they can authenticate by passing in the following parameters: acct # timestamp signature Once these are verified, which ...

65. Inject DAO into custom authentication    forum.springsource.org

Inject DAO into custom authentication Iam using spring cutom authentication . i would like to inject dao Object into custom authentication bean . how its possible ? Code: package spring.login; import ...

66. Two layers of authentication    forum.springsource.org

Two layers of authentication Is it possible (and how) to first authenticate users via LDAP and if that fails lookup the user in a database (and authenticate him)? My scenario is, ...

67. User authentication with symmetric key    forum.springsource.org

Dec 18th, 2009, 05:09 PM #1 lordjoker View Profile View Forum Posts Private Message Junior Member Join Date Dec 2009 Posts 3 User authentication with symmetric key Dear users, I have ...

68. Authentication object disappears    forum.springsource.org

Authentication object disappears Hi again guys, I'm still suffering from the problem with passed authentication but no authorization. I noticed that after authentication has been successfully performed the debug log says ...

69. Spring Authentication    forum.springsource.org

Dec 24th, 2009, 12:47 AM #1 suriin View Profile View Forum Posts Private Message Junior Member Join Date Dec 2009 Posts 16 Spring Authentication Hi , ApplicationContext.xml ---------------------- ...

70. using multiple authentication providers    forum.springsource.org

Jan 2nd, 2010, 04:16 PM #1 raja_s_patil View Profile View Forum Posts Private Message Member Join Date Jan 2009 Posts 56 using multiple authentication providers hello, I am learning Spring and ...

71. Spring 3 and     forum.springsource.org

Spring 3 and I'm trying to get working with latest Spring 3 and Spring Security 3 releases without success. This is how my -security.xml looks: [code]

72. custom authentication    forum.springsource.org

custom authentication Hi I am new to spring security and i have a question about it. I want develop a SOA application (Spring ws client) and i will use a login ...

73. How to do self authentication in server?    forum.springsource.org

How to do self authentication in server? During bootup, my server needs to detect if certain pre-defined data is missing in its data store and if so automatically load such data ...

74. Spring security - Pre Authentication    forum.springsource.org

Spring security - Pre Authentication I have an application which uses Spring security - Preauthentication classes for authentication. So my application authenticated against siteminder and my app doesnt need to worry ...

75. Returning additional information in an authentication object    forum.springsource.org

Returning additional information in an authentication object Hi currently i am writing an AuthenticationProvider that authenticates users based on a remote webservice. Upon successful login the webservice returns a session identifier ...

76. Central Authentication Service and Spring Security 3.x    forum.springsource.org

I use the CAS SSO 3.3.1. I try to migrate from Spring Security 2.5.6 to 3.0.2 version but I am a bit confused with some drastic changes. It seems that 'authenticationFailureUrl' ...

77. How to add to spring security my own authentication-provider    forum.springsource.org

How to add to spring security my own authentication-provider Hi all It's the first time I am trying to add spring security RELEASE-3.0 to my web application, I was reading the ...

78. Adding new users on first time authentication    forum.springsource.org

Adding new users on first time authentication Hello, I am building an application which will be primarily accessed by Mobile Phones over GPRS (and a limited version of it on the ...

79. Authenticate users manually    forum.springsource.org

Authenticate users manually I am trying to authenticate the user after I got credentials using oAuth (with Twitter if that makes a difference). As far as I could understand it, I ...

80. Reload Authentication object    forum.springsource.org

Hi I'm using Code: 3.0.1.RELEASE 3.0.2.RELEASE In runtime user's authorities may have been changed (e.g. when he we logging, he was granted ROLE_1 and ROLE_2, but later on he gained access ...

81. authenticate problem in iframe via XHR    forum.springsource.org

After logged in as ROLE_USER, I open a EXTJS panel containing an iframe, and by clicking a button in that iframe I send a XmlHttpRequest to server but the response is ...

82. Spring authentication customization    forum.springsource.org

Spring authentication customization Hi, I'm a new user of Spring security and want to apply spring to my existing project. Here is what I have now: 1. login.js with j_username, j_password ...

83. pass extra parameter through spring security authentication    forum.springsource.org

pass extra parameter through spring security authentication Hi, guys just tried out the spring security, i finished following the guide and everything works fine. but i have a problem here, if ...

84. how to authenticate using an activation link    forum.springsource.org

So to be short: 1)the user creates an account 2)he receive via email link with its activationId 3)he pressed the link (activates the account) and we want to authenticate him also ...

85. developing own authentication provider / binding libraries    forum.springsource.org

hello, at the moment I'm trying to develop my own authentication provider. but I have some problems: I'm not able to import the appropriate interface class org.acegisecurity.providers.Authentication-Provider I am getting of ...

86. Howto add security check when retreiving Authentication token ?    forum.springsource.org

Howto add security check when retreiving Authentication token ? Hi all, I'm using Spring 3.0.2 in a web application. My application (A) is accessing from a portail (B) which provide a ...

87. Authentication with parameters    forum.springsource.org

Authentication with parameters First of all hello everybody. I'm new in the forum and i'm beggining with Spring. I have been reading the reference and some guides but i can't get ...

88. Trouble with authentication-manager    forum.springsource.org

Trouble with authentication-manager Hello, I'm using spring security 3.0.2 and spring fw 3.0 I have folowing problem It's my security-context.xml (i took it from the Reference Documentation) Code: ...

89. authentication-provider element problem    forum.springsource.org

authentication-provider element problem Hello, I have a problem using the below setup: Code:

90. multiple authentication-providers?    forum.springsource.org

multiple authentication-providers? In my application I have two types of subjects which need to authenticate to my web app: 'users' and 'server principals'. I have two different UserDetailsService implementations which look ...

91. Choosign between Authentication Providers at runtime    forum.springsource.org

Choosign between Authentication Providers at runtime Hi all, I'm using Spring Security 2.0.5.RELEASE and was wonder if it was possible to have two authentication providers set-up and then have a runtime ...

92. Multiple authentication providers    forum.springsource.org

Multiple authentication providers Context: - Spring 2.05 - CXF 2.2.7 - Tomcat 6.0.20 I use 2 custom authentication providers: .... ...

93. How to inject custom details for Authentication?    forum.springsource.org

94. Authentication being called twice    forum.springsource.org

Authentication being called twice Hello, I have implemented AuthenticationProvider to write my custom authentication logic. It is getting invoked. But the problem is, autehnticate() gets called twice. I am not able ...

95. What's the best way to do authentication in ssh?    forum.springsource.org

What's the best way to do authentication in ssh? struts2 +spring 3+hibernate. Now I wanna do login authentication over some protected resource, page or action. That being said, the page will ...

96. Manually requesting authentication    forum.springsource.org

Hi, I'm using typical Spring Security configuration. Everything works fine, but I'd like to manually request authentication by throwing AccessDeniedException in handleRequest method (in any AbstractController instance). As you know my ...

97. Authentication issue    forum.springsource.org

hi, I was able to use spring security 3.0.2 and use what I need here is to display the user first and last name instead of the userName after ...

98. Question on authentication success handler    forum.springsource.org

We have a hidden login form on the most of pages. It will show up when a user click the signin link. We also have a login page for the situation ...

99. ActiveDirectory authentication    forum.springsource.org

ActiveDirectory authentication Hello all i have a webapp which is currently usign LDAP for authenticating our users. At the moment i am using a LdapAuthenticationProvider along with ldap.authenticator.BindAuthenticator (and a user ...

100. Spring Security authentication    forum.springsource.org

Code: I have implemented UserDetailService interface and myUser class extends User class. I want to know in which ...