Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-2050

Spring Security Application not authenticating against crowd while using the Crowd Spring Security Connector.

    XMLWordPrintable

Details

    • Bug
    • Resolution: Obsolete
    • Medium
    • None
    • 2.0.7
    • Authentication / Security
    • None

    Description

      i am getting the below exception on valid credentials

      java.lang.UnsupportedOperationException: Not giving you the password
      at com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetails.getPassword(CrowdUserDetails.java:52)
      at org.springframework.security.providers.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:67)
      at org.springframework.security.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:137)
      at org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:188)
      at org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46)
      at org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:139)
      at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:277)
      at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      at org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89)
      at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
      at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
      at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390)
      at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175)
      at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183)
      at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)
      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
      at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
      at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
      at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
      at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
      at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
      at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
      at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

      My configuration in applicationContext-security.xml is as below

      <?xml version="1.0" encoding="UTF-8"?>
      <beans:beans xmlns="http://www.springframework.org/schema/security"
      xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
      http://www.springframework.org/schema/security
      http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">

      <http auto-config="true">
      <intercept-url pattern='/login.htm*' filters='none' />
      <intercept-url pattern='/superPackage.htm*' access='ROLE_USER' />
      <form-login login-page='/login.htm' authentication-failure-url="/login.htm?error=1"/>
      </http>

      <authentication-provider user-service-ref="crowdUserDetailsService"></authentication-provider>
      <beans:bean id="crowdUserDetailsService"
      class="com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsServiceImpl">
      <beans:property name="authenticationManager" ref="crowdAuthenticationManager" />
      <beans:property name="groupMembershipManager" ref="crowdGroupMembershipManager" />
      <beans:property name="userManager" ref="crowdUserManager" />
      <beans:property name="authorityPrefix" value="ROLE_" />
      </beans:bean>
      <beans:bean id="crowdAuthenticationProvider"
      class="com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider">
      <custom-authentication-provider />
      <beans:constructor-arg ref="crowdAuthenticationManager" />
      <beans:constructor-arg ref="httpAuthenticator" />
      <beans:constructor-arg ref="crowdUserDetailsService" />
      </beans:bean>

      </beans:beans>

      Please help

      Attachments

        Activity

          People

            Unassigned Unassigned
            66c397bb4ca7 shibani
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: