Wednesday, November 28, 2012

Spring Security and Google App Engine

I'm working on Spring Security implementation for a few days now. The login form is displayed if I integrate spring security in a sample project. When I enable the Google App Engine in the eclipse project settings the redirect to the login form is not working anymore, so I can not secure the EntryPoint. If I have a single service on a specific URL which is not using RPC calls the spring security works well.
On the part of the application that uses RPC the login form is not rendered correctly and an exception is thrown. So most likely the rpc service is the source of the problem.

In addition my Spring Security configuration:
<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
 
    <http auto-config="true">
        <intercept-url pattern="/login.html*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <intercept-url pattern="/*.css" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <intercept-url pattern="/economapp/**" access="ROLE_USER" />
        <intercept-url pattern="/gwt/**" access="ROLE_USER"/>
        <intercept-url pattern="/**/*.html" access="ROLE_USER"/>
        <intercept-url pattern="/*.html" access="ROLE_USER" />
        <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    </http>

    <!-- <beans:bean id="customEntryPoint" class="com.nfl.economapp.security.CustomAuthenticationEntryPoint" /> -->
    <beans:bean id="customAuthenticationProvider" class="com.nfl.economapp.security.CustomAuthenticationProvider" />
     
    <authentication-manager alias="authenticationManager">
        <authentication-provider ref="customAuthenticationProvider" />
    </authentication-manager>

</beans:beans>

Does anyone have an idea how to solve this? Or should I try Apache Shiro as an alternative?

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/3GIrNehzIjcJ.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)