Spring Security no funciona en Glassfish v3

I have a java web application that use spring security for log in users, restriction access etc. , and it is working without problems on Glassfish 2.1, Tomcat, jetty, but on glassfish v3 doesn't work, when I try to login, and press button login, I'm getting login box from glassfish server(the box "The server xxxx requires user name and password").

Has somebody got such issue? Please let me know how I can solve this.

Thanks, Iurie

preguntado el 28 de septiembre de 11 a las 06:09

any logs or exception trace ? -

I see just a warning: WARNING|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.web.security|_ThreadID=30;_ThreadName=Thread-1;|Web login failed: Login failed: javax.security.auth.login.LoginException: Failed file login for sysadmin.|#] -

when I'm trying to login also with the server login box -

4 Respuestas

I don't know what is causing this (and potentially it could be one of a number of things), but I suggest that you turn the logging level up to the max and see if that gives you some clues as to what is going on. (When the logging level is DEBUG or higher, SpringSecurity generates lots of logging.)

... the request is not sent to spring security, the glassfish stopped it with his basic authentication, the question is why.

I don't know what the cause of this is, but it sounds like some aspect of Glassfish authentication / authorization needs to be turned off if you want to use SpringSecurity. (Maybe you did this in your Glassfish 2.1 installation ...)

The way that SpringSecurity works, you will definitely see logging messages if a request goes to a servlet that has the SS filter chain in place. It is possible that there is a SS misconfiguration that means that you've not got the SS filter chain in place, but I suspect that the real problem is that Glassfish is doing its bit antes de the requests get sent to the filter chain.

Respondido el 29 de Septiembre de 11 a las 04:09

thanks for help. About logging, I will try to enable them, but I think, my login request do not reach the spring security filter, it is stopped by glasshfish. - Iurie

@user627346 - well the logging should confirm or disprove that. Also check to see if there is anything strange in the logs during Spring / SpringSecurity startup. - Stephen C

I enabled spring security logging and no erros/warnings on sturtup, and after pressing the login button, the request is not sent to spring security, the glassfish stopped it with his basic authentication, the question is why - Iurie

Try to comment the following fragment:


in ".../glassfish/domains/domain1/config/default-web.xml" archivo

Respondido el 29 de Septiembre de 11 a las 12:09

Did you create a JDBC Connection pool and Resource in Glassfish server?

Por ejemplo:

User: root     
Password: java     
databaseName: theDatabase     
serverName: localhost     
portNumber: 3306    
driverClass: com.mysql.jdbc.Driver   
URL: jdbc:mysql://localhost:3306/dbname  

Respondido el 28 de Septiembre de 11 a las 11:09

thanks for help. No, I have not defined any connections pool, all the resources are managed into web application. I downloaded a glassfish server, and without any modifications into settings, I deployed my application to it. - Iurie

The issue seems to be confusion over the /j_spring_security_check url, if you change it everything works again.

<security:form-login login-processing-url="/whatever_security_check" />

Consulte nuestra página este.

Respondido 02 ago 13, 08:08

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.