This question already has answers here:
Why request is going to Struts Dispatcher?
(2 answers)
Closed 6 years ago.
I am using jersey with Struts2. But by RestFul Service calls are not working. Below are my configurations files
struts.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.1//EN"
"http://struts.apache.org/dtds/struts-2.1.dtd">
<struts>
<package name="default" namespace="/" extends="struts-default">
<result-types>
<result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult" />
</result-types>
<interceptors>
<interceptor-stack name="default">
<interceptor-ref name="defaultStack">
<param name="exception.logEnabled">true</param>
<param name="exception.logLevel">ERROR</param>
<param name="params.excludeParams">/service/*</param>
</interceptor-ref>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="default" />
<action name="defaultAction"
class="com.gemini.web.controller.BinMasterController"
method="binMaster">
<result name="binMaster" type="tiles">binMaster</result>
</action>
</package>
</struts>
Web.xml
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<!-- Client config -->
<context-param>
<param-name>
org.apache.tiles.impl.BasicTilesContainer.DEFINITIONS_CONFIG
</param-name>
<param-value>
/WEB-INF/tiles.xml
</param-value>
</context-param>
<filter>
<filter-name>struts2</filter-name>
<filter-class>
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>
org.apache.struts2.tiles.StrutsTilesListener
</listener-class>
</listener>
<!-- Jersey Support Configuration for RestFul WebServices -->
<servlet>
<servlet-name>jersey-serlvet</servlet-name>
<servlet-class>
com.sun.jersey.spi.container.servlet.ServletContainer
</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>com.gemini.rest.controller</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.api.json.POJOMappingFeature</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jersey-serlvet</servlet-name>
<url-pattern>/service/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
With this configuration Struts2 filter intercepts all requests.
To exclude your /service/* requests use struts.action.excludePattern constant:
<constant name="struts.action.excludePattern" value="/service/.*" />
I have a similar architecture (using Struts2 and Jersey).
In my web.xml I have:
<filter>
<filter-name>struts2</filter-name>
<filter-class>
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
My Jersey is configured through an extended ResourceConfig:
#ApplicationPath("rest")
public class Config extends ResourceConfig {
public Config() {
super();
register(new Binder());
packages(true, this.getClass().getPackage().getName());
}
}
So the two are on separate url paths:
Struts is on /admin and Jersey is on /rest.
Related
I have a form with some fields that are validated while processing the form data. It's a kind of a plausibility / consistency check. The check itself is costly, so it should not be performed twice. But it must be performed during successful form submission, so it's part of the commandButton's action method in the backing bean.
I think if I use a <f:validator>, it will be performed once for the validation phase and then once again when submission takes place. As I said, that's not desirable.
As far as I understand the docs, it should be sufficient to add a message to one of the form's components in order to stay on the form.
So I've tried
FacesContext.getCurrentInstance().addMessage("comandButtonID", "some message");
but it does not stay on the form.
Do I need to do something additional to mark the form as invalid ?
If it matters, the backing bean is request-scoped.
So, here comes the minimal complete example.
OS: Linux
Browser: Chromium
Server: Tomcat 8.0.36
JDK: Oracle-JDK 1.8.0_92
JSF implementation: myfaces 2.1.18 + tomahawk 20-1.1.14
There is one thing I found out during creating this example:
When I set javax.faces.PROJECT_STAGE to "Development" and facelets.DEVELOPMENT to "true", and the message is displayed.
With the settings grom the web.xml below, it's not.
web.xml (omitted descriptions)
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<context-param>
<param-name>facelets.REFRESH_PERIOD</param-name>
<param-value>2</param-value>
</context-param>
<context-param>
<param-name>facelets.SKIP_COMMENTS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<context-param>
<param-name>facelets.DEVELOPMENT</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<context-param>
<param-name>
org.apache.myfaces.NUMBER_OF_VIEWS_IN_SESSION
</param-name>
<param-value>20</param-value>
</context-param>
<!-- START MyFaces filter -->
<filter>
<filter-name>MyFacesExtensionsFilter</filter-name>
<filter-class>
org.apache.myfaces.webapp.filter.ExtensionsFilter
</filter-class>
<init-param>
<param-name>uploadMaxFileSize</param-name>
<param-value>100m</param-value>
</init-param>
<init-param>
<param-name>uploadThresholdSize</param-name>
<param-value>100k</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<url-pattern>/faces/myFacesExtensionResource/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<url-pattern>*.xhtml</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
<!-- END MyFaces filter -->
<!-- START MyFaces config -->
<context-param>
<param-name>org.apache.myfaces.SERIALIZE_STATE_IN_SESSION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.PRETTY_HTML</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.ALLOW_JAVASCRIPT</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.DETECT_JAVASCRIPT</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>
org.apache.myfaces.READONLY_AS_DISABLED_FOR_SELECTS
</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.AUTO_SCROLL</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>
org.apache.myfaces.CHECK_EXTENSIONS_FILTER
</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.ADD_RESOURCE_CLASS</param-name>
<param-value>
org.apache.myfaces.renderkit.html.util.DefaultAddResource
</param-value>
</context-param>
<context-param>
<param-name>
org.apache.myfaces.RESOURCE_VIRTUAL_PATH
</param-name>
<param-value>/faces/myFacesExtensionResource</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<!-- END MyFaces config -->
<welcome-file-list>
<welcome-file>testform.xhtml</welcome-file>
</welcome-file-list>
</web-app>
faces-config.xml
<?xml version='1.0' encoding='UTF-8'?>
<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
version="2.0">
<managed-bean>
<managed-bean-name>FormTest</managed-bean-name>
<managed-bean-class>FormTest</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
</managed-bean>
<navigation-rule>
<navigation-case>
<from-action>#{FormTest.formAction}</from-action>
<from-outcome>OK</from-outcome>
<to-view-id>/testform_OK.xhtml</to-view-id>
</navigation-case>
<!-- I've also tried to remove the second navigation-case -->
<navigation-case>
<from-action>#{FormTest.formAction}</from-action>
<from-outcome>FAIL</from-outcome>
<to-view-id>/testform.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
</faces-config>
FormTest.java
public class FormTest {
String input;
public String getInput() {
return input;
}
public void setInput(String input) {
this.input = input;
}
public String formAction() {
final boolean valid = "ok".equalsIgnoreCase(input);
if (!valid) {
final FacesMessage message = new FacesMessage("not OK");
message.setSeverity(FacesMessage.SEVERITY_ERROR);
FacesContext.getCurrentInstance().addMessage("submit", message);
}
return valid ? "OK" : "FAIL";
}
}
testform.xhtml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:t="http://myfaces.apache.org/tomahawk">
<h:head>
<title>Test Form</title>
</h:head>
<h:body>
<h:form id="form">
<h:outputText value="Enter "ok" (case insensitive) to get to the next page."/>
<br/>
<h:outputText value="Any other value should give an error message and stay on this page."/>
<br/>
<h:inputText id="input" value="#{FormTest.input}"/>
<br/>
<h:message id="submitMessage" for="submit"/>
<t:commandButton id="submit" value="Submit" action="#{FormTest.formAction}"/>
</h:form>
</h:body>
</html>
testform_OK.xhtml
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html">
<h:head>
<title>Form was submitted</title>
</h:head>
<h:body>
Form was submitted with value "OK".
</h:body>
</html>
I tried spring security with GWT, its redirecting to login perfectly.
I stopped the server and started again and tried to access the URL.
Application doesn't show the login page. It directly going to home page.
Is this how the security works, how to make it work. User name, password and roles are configured in spring configuration files.
web.xml
<!-- web.xml -->
<web-app>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/gwtsecuritydemo-security.xml
/WEB-INF/gwtsecuritydemo-base.xml
</param-value>
</context-param>
<!-- Spring Security Filter Chain -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<servlet-name>greetServlet</servlet-name>
<servlet-class>au.com.securitydemo.gwt.maven.sample.server.GreetingServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>greetServlet</servlet-name>
<url-pattern>/gwtsecuritydemo/greet</url-pattern>
</servlet-mapping>
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>gwtsecuritydemo.html</welcome-file>
</welcome-file-list>
</web-app>
and
spring configuration.
<!-- Spring Config -->
<http auto-config="true">
<intercept-url pattern="/*" access="ROLE_USER" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user authorities="ROLE_USER" name="guest" password="guest" />
</user-service>
</authentication-provider>
</authentication-manager>
Thanks,
Bennet.
You server preserved sessions during restart or you configured "remember-me cookie".
To be sure, remove relevant cookies (usually JSESSIONID and REMEMBER_ME) from your browser and reload the page.
I've looked through all similar Qs on stackoverflow but it didn't help, sorry. The main difference I have from all of them is that I got EMPTY action name in error message. Googling didn't help :(
Hope someone just could give a hint where to look for the source of the problem. thx
message:
Stacktraces
There is no Action mapped for namespace [/] and action name [] associated with context path [/struts]. - [unknown location]
com.opensymphony.xwork2.DefaultActionProxy.prepare(DefaultActionProxy.java:185)
org.apache.struts2.impl.StrutsActionProxy.prepare(StrutsActionProxy.java:63)
org.apache.struts2.impl.StrutsActionProxyFactory.createActionProxy(StrutsActionProxyFactory.java:39)
com.opensymphony.xwork2.DefaultActionProxyFactory.createActionProxy(DefaultActionProxyFactory.java:58
..................
struts.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.devMode" value="true" />
<package name="default" namespace="/*" extends="struts-default">
<action name="login"
class="training.struts.action.LoginAction">
<result>login.jsp</result>
</action>
</package>
</struts>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<display-name>Struts Lab</display-name>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Spring Config -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/springServlet/appServlet/mvc-servlet.xml,
/WEB-INF/db/db-cfg.xml,
/WEB-INF/springServlet/application-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>mvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/springServlet/appServlet/mvc-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- *** -->
<welcome-file-list>
<welcome-file>login.jsp</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
well..image is impossible so the project structure is:
src/main/java
----+training.struts.action.LoginAction.java
src/main/webapp
----+WEB-INF
--------+classes
-----------+struts.xml
--------+db
-----------+db-cfg.xml
--------+springServlet
-----------+appServlet
---------------+mvc-servlet.xml
-----------+application-security.xml
--------+index.jsp
--------+login.jsp
--------+web.xml
UPDATE:
So sad to be stupid =(
I've moved my login.jsp from WEB-INF to webapp root and that solved the problem.
UPDATE2:
I've made some investigation:
if I remove "welcome-file-list" block from web.xml, container will look for "index.jsp" in webapp root to show as first view on application running. If I delete "index.jsp" then I'll got the identical exception message:
There is no Action mapped for namespace [/] and action name [] associated with context path [/struts]
So in my opinion if you have empty action name in error message with correct xml settings for struts, the first step should be start-up JSP availability checking.
Cheers, guys.
Add the below blank action to you struts.xml file in "/" package namespace and it will show the index.html when you will only try to access your url (like appid.app.com) and it will not show the error. Normally it will add a blank action and app engine will redirect the blank action to your welcome file.
<action name="" class="com.candi.actions.Dashboard" method="noAction">
<result name="success">index.jsp</result>
</action>
Add / in your namespace instead of /* :
<package name="default" namespace="/" extends="struts-default">
Or if issue not resolved than you can use Config Browser Plugin.
The Config Browser Plugin is a simple tool to help view an application's configuration at runtime. It is very useful when debugging problems that could be related to configuration issues.
OK, so I have placed login.jsp in a wrong place in my web-app folders structure.
That was the mistake
Add the following package in struts.xml
<package name="default" namespace="/" extends="struts-default">
<action name="login"
class="training.struts.action.LoginAction">
<result>login.jsp</result>
</action>
</package>
I changed the namespace in package tag to '/' and the problem resolved!!!
For me, I changed the opening tag of the web.xml file from
<web-app>
to
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
I have commited the maven project to svn its working on my machine but when other's import that maven project they get exception :
Module declares a servlet class ....... , but the web.xml has no
corresponding mapping; please add the following lines to your web.xml
and this class belongs to the library my project using. I dont understand what is the problem. Please help me.
module.gwt.xml:
<?xml version="1.0" encoding="UTF-8"?>
<module rename-to='engile'>
<!-- Inherit the core Web Toolkit stuff. -->
<inherits name='com.google.gwt.user.User'/>
<!-- Inherit the default GWT style sheet. You can change -->
<!-- the theme of your GWT application by uncommenting -->
<!-- any one of the following lines. -->
<inherits name='com.google.gwt.user.theme.clean.Clean'/>
<!-- <inherits name='com.google.gwt.user.theme.standard.Standard'/> -->
<!-- <inherits name='com.google.gwt.user.theme.chrome.Chrome'/> -->
<!-- <inherits name='com.google.gwt.user.theme.dark.Dark'/> -->
<!-- Other module inherits -->
<inherits name="com.google.gwt.inject.Inject" />
<inherits name="com.appops.ui.basic.Fields" />
<inherits name='com.mvp4g.Mvp4gModule' />
<inherits name="gwtupload.GWTUpload"/>
<inherits name='com.google.api.gwt.oauth2.OAuth2'/>
<inherits name="com.google.gwt.xml.XML"/>
<inherits name="org.atmosphere.gwt.Client"/>
<!-- Logger at client side -->
<inherits name = "com.google.gwt.logging.Logging"/>
<set-property name="gwt.logging.enabled" value="TRUE"/>
<set-property name="gwt.logging.logLevel" value="INFO"/>
<set-property name="gwt.logging.popupHandler" value="DISABLED" />
<set-property name="gwt.logging.simpleRemoteHandler" value="ENABLED" />
<!-- Specify the app entry point class. -->
<entry-point class='com.engile.client.Engile'/>
<!-- Specify the paths for translatable code -->
<source path='client'/>
<source path='shared'/>
<!-- <set-property name="user.agent" value="safari"/>
<set-property name="user.agent" value="gecko1_8"/> -->
</module>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<filter>
<filter-name>guiceFilter</filter-name>
<filter-class>com.google.inject.servlet.GuiceFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>guiceFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>com.engile.server.guice.BootstrapListener</listener-class>
</listener>
<servlet>
<description>AtmosphereServlet</description>
<servlet-name>AtmosphereServlet</servlet-name>
<servlet-class>org.atmosphere.cpr.AtmosphereServlet</servlet-class>
<init-param>
<param-name>org.atmosphere.disableOnStateEvent</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.AtmosphereHandler</param-name>
<param-value>com.engile.server.services.AtmosphereHandler</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>AtmosphereServlet</servlet-name>
<url-pattern>/engile/gwtComet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>remoteLoggingService</servlet-name>
<servlet-class>com.google.gwt.logging.server.RemoteLoggingServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>remoteLoggingService</servlet-name>
<url-pattern>/engile/remote_logging</url-pattern>
</servlet-mapping>
<!-- <servlet>
<servlet-name>testImpl</servlet-name>
<servlet-class>com.appops.server.TestImpl</servlet-class> </servlet>
<servlet-mapping> <servlet-name>testImpl</servlet-name>
<url-pattern>/engile/test</url-pattern>
</servlet-mapping> -->
<welcome-file-list>
<welcome-file>Engile.html</welcome-file>
</welcome-file-list>
</web-app>
You need to check all your interfaces which extends RemoteService and have declared a RemoteServiceRelativePath annotation, ensure that all such relative paths get mapped in web.xml
Example - in https://developers.google.com/web-toolkit/doc/latest/tutorial/RPC
#RemoteServiceRelativePath("stockPrices")
public interface StockPriceService extends RemoteService {
}
gets mapped to
<!-- Servlets -->
<servlet>
<servlet-name>stockPriceServiceImpl</servlet-name>
<servlet-class>com.google.gwt.sample.stockwatcher.server.StockPriceServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>stockPriceServiceImpl</servlet-name>
<url-pattern>/stockwatcher/stockPrices</url-pattern>
</servlet-mapping>
here is the description of problem. I am develepping a web application with GWT. I have successfullly integrate spring security with gwt for the authentication feature with the following code. Now I want to use the spring "method security" in my web application. So I did what it says in http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html,
just adding <global-method-security secured-annotations="enabled"/> in the above mentionned application context file.
<http>
<http-basic/>
<intercept-url pattern="/**" access=""/>
<form-login />
<logout />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="jimis" password="jimispassword" authorities="ROLE_USER,ROLE_ADMIN" />
<user name="bob" password="bobspassword" authorities="ROLE_ADMIN" />
</user-service>
</authentication-provider>
</authentication-manager>
**<global-method-security secured-annotations="enabled"/>**
then adding the annotation #Secured("ROLE_ADMIN") above the function that I what to controle the access
Then I add the declaration of application context in the web.xml as following:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee">
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>App.html</welcome-file>
</welcome-file-list>
<session-config>
<session-timeout>10</session-timeout> <!-- in minutes -->
</session-config>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>appService</servlet-name>
<servlet-class>com.google.gwt.app.example.server.AppServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>appService</servlet-name>
<url-pattern>/app/appService.rpc</url-pattern>
</servlet-mapping>
</web-app>
Note that I've just declared the gwt-servlet not the spring dispatcher servlet.
However it seems that this configuration doesn't work. In fact, whatever role can have the authority to access the function.
Very Strange.
Hope your answers!
Use a single global-method-security element containing both attributes.
Also read the relevant section of the Spring Security FAQ on issues with using method security and web controllers, if that's what you are doing (you will also find the same issue discussed here).
The log message you report is not an error and is unimportant unless you are using hasPermission() within your expressions.