mercredi 27 mai 2015

Java Web App With Spring Security 3.2.3 No Deploy

I'm using the application server Wildfly 8.1.0. I'm trying to implement Spring Security Version 3.2.3, however while doing Deploy get the following error on the server console :

Implantando C:\Program Files (x86)\wildfly-8.2.0\standalone\deployments\tei-ambiente-1.0-SNAPSHOT.war
{"JBAS014671: Failed services" => {"jboss.deployment.unit.\"tei-ambiente-1.0-SNAPSHOT.war\".WeldStartService" => "org.jboss.msc.service.StartException in service jboss.deployment.unit.\"tei-ambiente-1.0-SNAPSHOT.war\".WeldStartService: Failed to start service
    Caused by: org.jboss.weld.exceptions.DeploymentException: WELD-001408: Unsatisfied dependencies for type AuthenticationManagerBuilder with qualifiers @Default
  at injection point [BackedAnnotatedParameter] Parameter 1 of [BackedAnnotatedMethod] @Inject public br.com.tei_ambiente.security.SecurityConfig.configureGlobal(AuthenticationManagerBuilder)
  at br.com.tei_ambiente.security.SecurityConfig.configureGlobal(SecurityConfig.java:0)
"}}

Below my SecuriryConfig.Java Archive

package br.com.tei_ambiente.security;

import javax.inject.Inject;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import br.com.tei_ambiente.security.authentication.AutenticacaoLogin;

@Configuration
@EnableWebSecurity
@ComponentScan(basePackages
        = {"br.com.tei_ambiente.security.authentication",
            "br.com.tei_ambiente.control.service",
            "br.com.tei_ambiente.persistence"})
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Inject
    private AutenticacaoLogin autenticacaoLogin;

    @Inject
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(autenticacaoLogin);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.exceptionHandling().accessDeniedPage("/login.xhtml")
                .and()
                .authorizeRequests()
                //.antMatchers("/administracao/**").hasRole("ADMIN")                        
                .anyRequest().authenticated()
                .and()
                .logout().logoutSuccessUrl("/login.xhtml?logout")
                .permitAll()
                .and()
                .formLogin().loginPage("/login.xhtml")
                .failureUrl("/login.xhtml")
                .permitAll();

    }

}

Below my AutenticationLogin.Java Archive

package br.com.tei_ambiente.security.authentication;

import br.com.tei_ambiente.control.facade.UsuarioFacade;
import br.com.tei_ambiente.entity.UsuarioEntity;
import br.com.tei_ambiente.util.BundleUtil;
import br.com.tei_ambiente.util.CriptografiaUtil;
import br.com.tei_ambiente.util.JsfUtil;
import javax.ejb.LocalBean;
import javax.ejb.Stateful;
import javax.inject.Inject;
import javax.inject.Named;
import lombok.Getter;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.stereotype.Service;

@Service
public class AutenticacaoLogin implements AuthenticationProvider {    

    @Inject
    @Getter
    private transient UsuarioFacade usuarioFacade;

    @Override    
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String username = authentication.getName();
        String password = (String) authentication.getCredentials();

        UsuarioEntity usuario = null; //= this.usuarioFacade.recuperarUsuarioPorUsernameCaseInsensitive(username);

        String passwordMD5 = CriptografiaUtil.criptografar(password);
        if (usuario == null || !usuario.getPassword().equals(passwordMD5)) {
            JsfUtil.informarMensagemDeErro(BundleUtil.recuperarChave("mensagem.login.invalido"));
           //throw new BadCredentialsException("Dados não encontrados.");
        }

        return new UsernamePasswordAuthenticationToken(username, password, AuthorityUtils.NO_AUTHORITIES);        
    }

    //@Override
    public boolean supports(Class<?> arg0) {
        return true;
    }

}

In SecurityConfig file, I tried to change @Inject by @Autowired, but it still fails.

Thank you for your help.

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)