I am very new to spring security . I picked up this book and trying to execute the code .
While I do this I am getting
org.springframework.beans.NotReadablePropertyException: Invalid property
'principal.username' of bean class
[org.springframework.security.authentication.AnonymousAuthenticationToken]:
Bean property 'principal.username' is not readable or has an invalid getter
method:
Does the return type of the getter match the parameter type of the setter?
My spring-security xml config :
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/login.do" access="permitAll"/>
<intercept-url pattern="/*" access="hasRole('ROLE_USER')"/>
<form-login login-page="/login.do"/>
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service id="userService">
<user authorities="ROLE_USER" name="guest" password="guest"/>
</user-service>
</authentication-provider>
<!-- Ch 3 Change Password Service -->
<!--
<authentication-provider user-service-ref="userService"/>
-->
</authentication-manager>
Am I missing something ?
Let me know if you need any additional information.
What the error message seems to be indicating is that something is trying to access a non-existent property on an
AnonymousAuthenticationToken; i.e. the authentication token that spring security uses when the session is not logged in.I suspect that the problem is actually occurring either in your servlet code, or in a JSP that is trying to access the name of the current user via a spring security tag.
The complete stacktrace for the error might give us more clues. At least it should tell us where the exception is coming from.
(For what it is worth, an
AnonymousAuthenticationTokendoes have aprincipalproperty, but that property is not normally an object that has ausernameproperty. Indeed, it is often just a String.)