Spring Security + Crowd

[Cbani]

I am using spring-security-core-2.0.4 with springframework-2.5.
> I am using atlassain crowd for authentication and authorization.
> One thing I found in my com.atlassian.crowd.integration.springsecurity.use r.CrowdUserDetails class is, the below getter throws exception always if there is a request to get the password. For me in my code I am not doing anything explicitly to get the password infact I dont want that. The Crowd SpringSecurityConnector is the one who is trying to get the password for remember me purpose. For me http autoconfig is set to true. I tried a lot find out the way to disable remember me functionality; but no luck. Please gimme some inputs..
> public String getPassword()
> {
> throw new UnsupportedOperationException("Not giving you the password");
> }

> I do not want this remember me functionality; is there a way to disable the same???
> i am getting the below exception on valid credentials (as spring security is trying to get the password and crowd is not allowing and throwing back exception)
> > java.lang.UnsupportedOperationException: Not giving you the password
> > at com.atlassian.crowd.integration.springsecurity.use r.CrowdUserDetails.getPassword(CrowdUserDetails.ja va:52)
> > at org.springframework.security.providers.dao.DaoAuth enticationProvider.additionalAuthenticationChecks( DaoAuthenticationProvider.java:67)
> > at org.springframework.security.providers.dao.Abstrac tUserDetailsAuthenticationProvider.authenticate(Ab stractUserDetailsAuthenticationProvider.java:137)
> > at org.springframework.security.providers.ProviderMan ager.doAuthentication(ProviderManager.java:188)
> > at org.springframework.security.AbstractAuthenticatio nManager.authenticate(AbstractAuthenticationManage r.java:46)
> > at org.springframework.security.ui.basicauth.BasicPro cessingFilter.doFilterHttp(BasicProcessingFilter.j ava:139)
> > at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
> > at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
> > at org.springframework.security.ui.AbstractProcessing Filter.doFilterHttp(AbstractProcessingFilter.java: 277)
> > at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
> > at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
> > at org.springframework.security.ui.logout.LogoutFilte r.doFilterHttp(LogoutFilter.java:89)
> > at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
> > at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
> > at org.springframework.security.context.HttpSessionCo ntextIntegrationFilter.doFilterHttp(HttpSessionCon textIntegrationFilter.java:235)
> > at org.springframework.security.ui.SpringSecurityFilt er.doFilter(SpringSecurityFilter.java:53)
> > at org.springframework.security.util.FilterChainProxy $VirtualFilterChain.doFilter(FilterChainProxy.java :390)
> > at org.springframework.security.util.FilterChainProxy .doFilter(FilterChainProxy.java:175)
> > at org.springframework.web.filter.DelegatingFilterPro xy.invokeDelegate(DelegatingFilterProxy.java:183)
> > at org.springframework.web.filter.DelegatingFilterPro xy.doFilter(DelegatingFilterProxy.java:138)
> > at weblogic.servlet.internal.FilterChainImpl.doFilter (FilterChainImpl.java:56)
> > at weblogic.servlet.internal.WebAppServletContext$Ser vletInvocationAction.doIt(WebAppServletContext.jav a:3684)
> > at weblogic.servlet.internal.WebAppServletContext$Ser vletInvocationAction.run(WebAppServletContext.java :3650)
> > at weblogic.security.acl.internal.AuthenticatedSubjec t.doAs(AuthenticatedSubject.java:321)
> > at weblogic.security.service.SecurityManager.runAs(Se curityManager.java:121)
> > at weblogic.servlet.internal.WebAppServletContext.sec uredExecute(WebAppServletContext.java:2268)
> > at weblogic.servlet.internal.WebAppServletContext.exe cute(WebAppServletContext.java:2174)
> > at weblogic.servlet.internal.ServletRequestImpl.run(S ervletRequestImpl.java:1446)
> > at weblogic.work.ExecuteThread.execute(ExecuteThread. java:201)
> > at weblogic.work.ExecuteThread.run(ExecuteThread.java :173)


My configuration in applicationContext-security.xml is as below

Java Code:

<?xml version="1.0" encoding="UTF-8"?> <beans:beans 
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
      [url]http://www.springframework.org/schema/beans/spring-beans-2.5.xsd[/url]
         [url=http://www.springframework.org/schema/security]Index of /schema/security[/url]
         http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
		<http auto-config="true">
			<intercept-url pattern='/login.htm*' filters='none' />		
			<intercept-url pattern='/superPackage.htm*' access='ROLE_USER' />
 			<form-login login-page='/login.htm' authentication-failure-url="/login.htm?error=1"/>
 		</http>
 	<authentication-provider user-service-ref="crowdUserDetailsService"></authentication-provider>
	<beans:bean id="crowdUserDetailsService"
 		class="com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsServiceImpl">
		<beans:property name="authenticationManager" ref="crowdAuthenticationManager" />
		<beans:property name="groupMembershipManager" ref="crowdGroupMembershipManager" />
		<beans:property name="userManager" ref="crowdUserManager" />
 		<beans:property name="authorityPrefix" value="ROLE_" />
 	</beans:bean>
 	<beans:bean id="crowdAuthenticationProvider"
		class="com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider">
		<custom-authentication-provider />
 		<beans:constructor-arg ref="crowdAuthenticationManager" />
	<beans:constructor-arg ref="httpAuthenticator" />
		<beans:constructor-arg ref="crowdUserDetailsService" />
</beans:bean>
 </beans:beans>

[JosAH]

Why the funny ">" indentation? Did you copy and paste the text from somewhere else?

kind regards,

Jos

[Cbani]

ya.. Jos.. Thats because I posted the same in atlassain and spring security forums.. So, copied and pasted.. do ignore

[Cbani]

require urgent help on this guys

Below URL gives the complete details of the problem;

Spring Security 2.0.4 with spring 2.5 and Crowd 2.0.7 - Spring Community Forums

[Cbani]

is there anyone who can help on this please?