I have an application with spring security and I want to sign in with facebook and twitter, I have added spring social and I have configured my social.xml and my security.xml with the new configuratio, but my problem is when I come back from twitter, spring security does not keep me logged.
This is my social.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://ift.tt/GArMu6"
xmlns:xsi="http://ift.tt/ra1lAU"
xmlns:facebook="http://ift.tt/1ntWVld"
xmlns:twitter="http://ift.tt/1O8mgzX"
xmlns:social="http://ift.tt/1H4dcdg"
xmlns:linkedin="http://ift.tt/1O8mgQe"
xmlns:c="http://ift.tt/MffYna"
xmlns:context="http://ift.tt/GArMu7"
xsi:schemaLocation="http://ift.tt/1ntWVld http://ift.tt/UfCoJ6
http://ift.tt/1O8mgQe http://ift.tt/1H4deSB
http://ift.tt/GArMu6 http://ift.tt/1jdM0fG
http://ift.tt/1O8mgzX http://ift.tt/1O8mk2o
http://ift.tt/1H4dcdg http://ift.tt/1O8mk2q
http://ift.tt/GArMu7 http://ift.tt/1dfrlFf">
<!-- <context:property-placeholder location="classpath:/org/springframework/social/showcase/config/application.properties" /> -->
<!-- <context:property-placeholder location="classpath:application.properties"/> -->
<facebook:config app-id="818694878183775" app-secret="43f794d9bd451fc4c5c300359841fc44" app-namespace="socialshowcase" />
<twitter:config app-id="YR571S2JiVBOFyJS5MEg" app-secret="Kb8hS0luftwCJX3qVoyiLUMfZDtK1EozFoUkjNLUMx4"/>
<social:jdbc-connection-repository/>
<bean id="userIdSource" class="org.springframework.social.security.AuthenticationNameUserIdSource" />
<bean id="connectController" class="org.springframework.social.connect.web.ConnectController" autowire="constructor">
<property name="connectInterceptors">
<list>
<bean class="com.itripping.web.controller.Facebook.PostToWallAfterConnectInterceptor" />
<bean class="com.itripping.web.controller.twitter.TweetAfterConnectInterceptor" />
</list>
</property>
</bean>
<bean id="psc" class="org.springframework.social.connect.web.ProviderSignInController" autowire="constructor" />
<bean id="signInAdapter" class="com.itripping.social.signin.SimpleSignInAdapter" autowire="constructor" />
<bean id="disconnectController" class="org.springframework.social.facebook.web.DisconnectController"
c:_0-ref="usersConnectionRepository" c:_1="0b754d95f9c9899b0d6c4454b6f2dde7" />
This is my security.xml:
<beans xmlns="http://ift.tt/GArMu6"
xmlns:xsi="http://ift.tt/ra1lAU"
xmlns:security="http://ift.tt/1c8inpe"
xmlns:http="http://ift.tt/1c8inpe"
xsi:schemaLocation="http://ift.tt/GArMu6
http://ift.tt/QEDs1e
http://ift.tt/1c8inpe
http://ift.tt/SiGWZH">
<security:global-method-security pre-post-annotations="enabled" />
<!-- HTTP basic authentication in Spring Security -->
<!-- <security:http use-expressions="true" auto-config="false" pattern="/*" security="none"/>-->
<security:http use-expressions="true" auto-config="false" pattern="/error.html" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/getPlacesList.html" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/register.html" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/user/register.html" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/pages/login.jsp" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/pages/register.jsp" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/tiles/headerLogin.jsp" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/tiles/footer.jsp" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/forgotPassword.html" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/pages/forgetPassword.jsp" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/rest/activateAccount.html" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/favicon.ico" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/resources/js/bootstrap.min.js" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/resources/css/bootstrap.min.css" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/resources/css/styles.css" security="none"/>
<security:http use-expressions="true" auto-config="false" pattern="/resources/img/venecia.jpg" security="none"/>
<!-- <security:http use-expressions="true" auto-config="false" pattern="/rest/places/search.json" security="none"/>-->
<security:http use-expressions="true" auto-config="false">
<security:session-management session-fixation-protection="none"/>
<security:access-denied-handler error-page="/pages/accessDenied.jsp"/>
<security:intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/premium/**" access="hasRole('ROLE_PREMIUM')" />
<security:intercept-url pattern="/member/**" access="hasRole('ROLE_USER')" />
<security:form-login login-processing-url="/login/authenticate"
login-page="/login.html"
default-target-url="/login.html"
authentication-failure-url="/login.html?error=true"
/>
<security:logout logout-success-url="/login.html" logout-url="/j_spring_security_logout" delete-cookies="JESSIONID"/>
<!-- <security:remember-me "myAppKey" token-validity-seconds="864000" /> -->
<security:http-basic />
<!-- Adds social authentication filter to the Spring Security filter chain. -->
<security:custom-filter ref="socialAuthenticationFilter" before="PRE_AUTH_FILTER" />
</security:http>
<!--<security:form-login login-page='/login.html'
authentication-failure-url="/login.html?error=true"
authentication-success-handler-ref="myAuthenticationSuccessHandler"/>
<security:logout/>
<security:http-basic />
</security:http>-->
<bean id="myAuthenticationSuccessHandler"
class="com.itripping.web.security.MySimpleUrlAuthenticationSuccessHandler" />
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:password-encoder hash="md5"/>
<security:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="
select email as 'username',password as 'password', active as 'enabled'
from LOGINDATA where email=?"
authorities-by-username-query="
select ld.email as 'username', ut.name as 'authority' from LOGINDATA ld, USER u, USERTYPE ut
where ld.logindatauserid = u.id and u.usertypeid = ut.id and ld.email =?"
/>
</security:authentication-provider>
<security:authentication-provider ref="socialAuthenticationProvider"/>
</security:authentication-manager>
<!--
Configures the social authentication filter which integrates Spring Social
with Spring Security.
-->
<bean id="socialAuthenticationFilter" class="org.springframework.social.security.SocialAuthenticationFilter">
<constructor-arg index="0" ref="authenticationManager"/>
<constructor-arg index="1" ref="userIdSource"/>
<constructor-arg index="2" ref="usersConnectionRepository"/>
<constructor-arg index="3" ref="connectionFactoryLocator"/>
<!-- Sets the url of the registration form. -->
<property name="signupUrl" value="/user/register"/>
</bean>
<!--
Configures the social authentication provider which processes authentication requests
made by using supported social authentication services (FB, Twitter and so on).
-->
<bean id="socialAuthenticationProvider" class="org.springframework.social.security.SocialAuthenticationProvider">
<constructor-arg index="0" ref="usersConnectionRepository"/>
<constructor-arg index="1" ref="socialUserDetailsService"/>
</bean>
<!--
This bean is used to load the user specific data when social sign in
is used.
-->
<bean id="socialUserDetailsService" class="com.itripping.web.controller.util.SimpleSocialUserDetailService">
<constructor-arg index="0" ref="userDetailsService"/>
</bean>
<bean id="userDetailsService" class="com.itripping.web.controller.util.RepositoryUserDetailsService" autowire="constructor"/>
<bean id="userIdSource" class="org.springframework.social.security.AuthenticationNameUserIdSource"/>
<bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors"
factory-method="noOpText" />
After logged with twitter, come back to user/register and here save the user, and after that, the appliction does not anything.
Aucun commentaire:
Enregistrer un commentaire