my web.xml config is
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
here is my security config
<intercept-url pattern="/*" access="ROLE_USER" />
<intercept-url pattern="/*.ico" filters="none" />
</http>
<beans:bean id="customAuthenticationProvider" class="net.spring3.provider.MyAuthProvider" />
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>
Here is my customAuthProvider class
public class MyAuthProvider implements AuthenticationProvider {
@Override
public boolean supports(Class<? extends Object> arg0) {
// TODO Auto-generated method stub
return false;
}
@SuppressWarnings("serial")
private static Map<String, String> SIMPLE_USERS = new HashMap<String, String>(2) {{
put("joe", "joe");
put("bob", "bob");
}};
@SuppressWarnings("serial" )
private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{
add(new GrantedAuthorityImpl("ROLE_USER"));
}};
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException
{
// All your user authentication needs
System.out.println("==Authenticate Me==");
if (SIMPLE_USERS.containsKey(auth.getPrincipal())
&& SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials()))
{
return new UsernamePasswordAuthenticationToken(auth.getName(), auth.getCredentials(), AUTHORITIES);
}
throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
}
}
The page shows the login form and when I enter bob and bob as login , it throws up the following error.
Your login attempt was not successful, try again.
Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
I checked the logs at debug level ALL and here is what I get.
FINE: Request is to process authentication
Nov 17, 2011 5:37:36 AM org.springframework.context.support.AbstractApplicationContext publishEvent
FINEST: Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff8dfd: Principal: sd; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: x4lg4vtktpw9; Not granted any authorities]
Nov 17, 2011 5:37:36 AM org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter unsuccessfulAuthentication
FINE: Authentication request failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
Any help on this..what am I doing wrong here ?
As you already wrote in your comment the problem is that you always return
falsein thesupports()method of your autentication provider. But instead of always returningtrueyou should check theauthenticationyou get like this: