JSF2 + PrimeFaces + Hibernate + Spring Security 3 [Resolvido]

Estava tentando implementar o Spring Security no meu projeto, porém, após eu implementar, simplesmente, minha página não está reconhecendo os beans com anotações do Spring, quando eu tento usar anotações do JSF ele funciona.
O problema é, antes do Spring Security, eu usava anotações do Spring normalmente.

Aqui está o meu web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
	id="WebApp_ID" version="3.0">
	<display-name>SpringSecurity</display-name>
	<welcome-file-list>
		<welcome-file>index.html</welcome-file>
	</welcome-file-list>

	<!-- Inicializa o contexto do spring -->
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
	<listener>
		<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
	</listener>
	<listener>
		<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
	</listener>

	<servlet>
		<servlet-name>Faces Servlet</servlet-name>
		<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
		<load-on-startup>1</load-on-startup>
	</servlet>
	<servlet-mapping>
		<servlet-name>Faces Servlet</servlet-name>
		<url-pattern>*.jsf</url-pattern>
	</servlet-mapping>

	<!-- Tema do primefaces -->
	<context-param>
		<param-name>primefaces.THEME</param-name>
		<param-value>le-frog</param-value>
	</context-param>

	<!-- Spring Security -->
	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/applicationContext-security.xml
			/WEB-INF/applicationContext.xml
		</param-value>
	</context-param>
	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
		<dispatcher>FORWARD</dispatcher>
		<dispatcher>REQUEST</dispatcher>
	</filter-mapping>

</web-app>

Aqui o meu applicationContext.xml


<beans xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context" xmlns:security="http://www.springframework.org/schema/security" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:task="http://www.springframework.org/schema/task"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
					http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
					http://www.springframework.org/schema/context
					http://www.springframework.org/schema/context/spring-context-3.0.xsd
					http://www.springframework.org/schema/jdbc
					http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd
					http://www.springframework.org/schema/security
					http://www.springframework.org/schema/security/spring-security-3.1.xsd
					http://www.springframework.org/schema/tx
					http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
					http://www.springframework.org/schema/aop
					http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
      				http://www.springframework.org/schema/task
		   			http://www.springframework.org/schema/task/spring-task-3.0.xsd
                    http://www.springframework.org/schema/util
                    http://www.springframework.org/schema/util/spring-util-3.0.xsd">

	<context:annotation-config />
	<context:component-scan base-package="com" />
	<task:annotation-driven />

	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
		<property name="driverClassName" value="com.mysql.jdbc.Driver" />
		<property name="url" value="jdbc:mysql://localhost:3306/springsecurity" />
		<!-- <property name="driverClassName" value="org.hsqldb.jdbcDriver" /> <property name="url" value="jdbc:hsqldb:file:/Users/leonardo/dev/workboard/db/WorkboardDb;shutdown=true" /> <property name="url" value="jdbc:hsqldb:file:C:/dev/workboard/db/WorkboardDb;shutdown=true" /> -->
		<property name="username" value="root" />
		<property name="password" value="admin" />
	</bean>

	<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean" autowire-candidate="default">
		<property name="dataSource" ref="dataSource" />
		<property name="persistenceUnitName" value="SpringSecurityPU" />
		<property name="jpaVendorAdapter">
			<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
				<property name="generateDdl" value="false" />
				<property name="showSql" value="true" />
				<property name="databasePlatform" value="org.hibernate.dialect.MySQL5Dialect" />
				<!-- <property name="databasePlatform" value="org.hibernate.dialect.HSQLDialect" /> -->
			</bean>
		</property>
	</bean>

	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager" autowire-candidate="default">
		<property name="entityManagerFactory" ref="entityManagerFactory" />
	</bean>

	<tx:annotation-driven transaction-manager="transactionManager" proxy-target-class="true" />

	<bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />

</beans>

Aqui o meu applicationContext-security


<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans	
		http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
		http://www.springframework.org/schema/aop 
		http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
		http://www.springframework.org/schema/security 
		http://www.springframework.org/schema/security/spring-security-3.1.xsd">

	<beans:bean id="concurrencyFilter"
		class="org.springframework.security.web.session.ConcurrentSessionFilter">
		<beans:property name="sessionRegistry" ref="sessionRegistry" />
		<beans:property name="expiredUrl" value="/session-expired.htm" />
	</beans:bean>

	<beans:bean id="sas"
		class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
		<beans:constructor-arg name="sessionRegistry"
			ref="sessionRegistry" />
		<beans:property name="maximumSessions" value="1" />
	</beans:bean>

	<beans:bean id="sessionRegistry"
		class="org.springframework.security.core.session.SessionRegistryImpl" />

	<http use-expressions="true">
		<custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
		<form-login login-page="/index.jsf" default-target-url="/index.jsf"
			always-use-default-target="true" />
		<intercept-url pattern="/index.jsf" access="permitAll" />
		<intercept-url pattern="/createAccount.jsf" access="permitAll" />
		<intercept-url pattern="/islogged.jsf" access="isAuthenticated()" />

		<session-management
			session-authentication-strategy-ref="sas" />
	</http>

	<beans:bean id="authProvider" class="com.security.Authenticator">
		<aop:scoped-proxy />
	</beans:bean>

	<beans:bean id="userSession" class="com.beans.UserSession"
		scope="session">
		<aop:scoped-proxy />
	</beans:bean>

	<authentication-manager>
		<authentication-provider ref="authProvider" />
	</authentication-manager>

</beans:beans>

Minha bean de autentificação


package com.security;

import java.util.ArrayList;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

import com.beans.AbstractBean;
import com.beans.UserSession;
import com.dao.IUserDAO;
import com.entities.Role;
import com.entities.User;
import com.utils.PasswordUtils;

@Component
@Scope("request")
public class Authenticator extends AbstractBean implements AuthenticationProvider {
	private static final long serialVersionUID = -3760269533661102670L;

	@Autowired
	private IUserDAO userDao;

	@Autowired
	private UserSession session;
	
	private User user;
	
	@PostConstruct
	public void init() {
		user = new User();
		user.setRoles(new ArrayList<Role>());
	}
	
	public String login() {
		try {
			user.setPassword(PasswordUtils.getHash(user.getPassword()));
			user = userDao.getLogin(user);

			if (user != null) {
				user.setPassword("");
				session.setUser(user);
				return "islogged";
			}

			messageInformation("Usuário ou senha inválidos!");
			return "";
		} catch (Exception ex) {
			messageError("Foi encontrado o seguinte erro: " + ex.getMessage());
			ex.printStackTrace();
			return "";
		}
	}
	
	public String logout(){
		session.setUser(null);
		return "index";
	}

	@Override
	public Authentication authenticate(Authentication arg0)
			throws AuthenticationException {
		// TODO Auto-generated method stub
		return null;
	}

	@Override
	public boolean supports(Class<?> arg0) {
		// TODO Auto-generated method stub
		return false;
	}

	public User getUser() {
		return user;
	}

	public void setUser(User user) {
		this.user = user;
	}
}

Minha entidade Role


package com.entities;

import java.beans.Transient;

import javax.persistence.Entity;
import javax.persistence.Table;

import org.springframework.security.core.GrantedAuthority;

@Entity
@Table(name="roles")
public class Role extends AbstractEntity implements GrantedAuthority{
	private static final long serialVersionUID = -4554663931743562798L;

	private String description;
	private String role;
	
	public String getDescription() {
		return description;
	}
	public void setDescription(String description) {
		this.description = description;
	}
	
	public String getRole() {
		return role;
	}
	public void setRole(String role) {
		this.role = role;
	}
	
	@Override
	@Transient
	public String getAuthority() {
		return role;
	}
	
	@Transient
	public void setAuthority(String authority) {
		this.role = authority;
	}
}

minha entidade User

package com.entities;

import java.util.List;

import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.Table;

@Entity
@Table(name="users")
public class User extends AbstractEntity {
	private static final long serialVersionUID = 4366647536005304065L;

	private String login;
	private String password;
	
	private List<Role> roles;
	
	public String getLogin() {
		return login;
	}
	
	public void setLogin(String login) {
		this.login = login;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}
	
	@ManyToMany(fetch = FetchType.EAGER)
	@JoinTable(name = "user_roles", joinColumns = { @JoinColumn(name = "user_id") }, inverseJoinColumns = { @JoinColumn(name = "role_id") })
	public List<Role> getRoles() {
		return roles;
	}
	
	public void setRoles(List<Role> roles) {
		this.roles = roles;
	}

}

E aqui o erro que dá:

[i]exception

javax.servlet.ServletException: /index.xhtml @16,65 value="#{authenticator.user.login}": Target Unreachable, identifier ‘authenticator’ resolved to null
javax.faces.webapp.FacesServlet.service(FacesServlet.java:606)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
root cause

javax.el.PropertyNotFoundException: /index.xhtml @16,65 value="#{authenticator.user.login}": Target Unreachable, identifier ‘authenticator’ resolved to null
com.sun.faces.facelets.el.TagValueExpression.getType(TagValueExpression.java:100)
org.primefaces.renderkit.InputRenderer.getConverter(InputRenderer.java:162)
org.primefaces.renderkit.InputRenderer.getConvertedValue(InputRenderer.java:175)
javax.faces.component.UIInput.getConvertedValue(UIInput.java:1030)
javax.faces.component.UIInput.validate(UIInput.java:960)
javax.faces.component.UIInput.executeValidate(UIInput.java:1233)
javax.faces.component.UIInput.processValidators(UIInput.java:698)
javax.faces.component.UIComponentBase.processValidators(UIComponentBase.java:1214)
javax.faces.component.UIForm.processValidators(UIForm.java:253)
javax.faces.component.UIComponentBase.processValidators(UIComponentBase.java:1214)
javax.faces.component.UIComponentBase.processValidators(UIComponentBase.java:1214)
javax.faces.component.UIViewRoot.processValidators(UIViewRoot.java:1172)
com.sun.faces.lifecycle.ProcessValidationsPhase.execute(ProcessValidationsPhase.java:76)
com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
[/i]

Estou usando o Tomcat 7,
Alguém sabe o que pode ser?

Obrigadão desde já! :stuck_out_tongue:

Eu sei, vem aqui na minha mesa q te explico hihihihi :smiley:

[quote=carlosbarretto]Eu sei, vem aqui na minha mesa q te explico hihihihi :smiley: [/quote] :open_mouth:

cara a resposta disso é simples JSF nao trabalha com Spring security… se vc quer fazer tratamento de ROLE tera de fazer com JAAS ou implementa na mão…

antes de iniciar um projeto sugiro que conheça como cada um trabalha para nao ter esse tipo de problema no futuro novamente

JSF trabalha com um ciclo de vida diferente do Spring Security…

Bem, eu consegui implementar. :stuck_out_tongue:
Eu esqueci de colocar a configuração de beans no faces-config e esqueci de adicionar o UserDetails no contexto do spring.

Aqui ficou minha classe Authenticator


package com.security;

import java.util.ArrayList;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import com.beans.AbstractBean;
import com.beans.UserSession;
import com.dao.IUserDAO;
import com.entities.Role;
import com.entities.User;
import com.utils.PasswordUtils;

@Component
@Scope("request")
public class Authenticator extends AbstractBean implements AuthenticationProvider {
	private static final long serialVersionUID = -3760269533661102670L;

	@Autowired
	private IUserDAO userDao;

	@Autowired
	private UserSession session;
	
	private User user;
	
	@PostConstruct
	public void init() {
		user = new User();
		user.setRoles(new ArrayList<Role>());
	}
	
	public String login() {
		try {
			user.setPassword(PasswordUtils.getHash(user.getPassword()));
			user = userDao.getLogin(user);

			if (user != null) {
				user.setPassword("");
				
				UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(user.getLogin(), null, user.getRoles());
				authToken.setDetails(user);

				SecurityContextHolder.createEmptyContext();
				SecurityContextHolder.getContext().setAuthentication(authToken);
				
				session.setUser(user);
				return "isLogged";
			}

			messageInformation("Usuário ou senha inválidos!");
			return "";
		} catch (Exception ex) {
			messageError("Foi encontrado o seguinte erro: " + ex.getMessage());
			ex.printStackTrace();
			return "";
		}
	}
	
	public String logout(){
		session.setUser(null);
		SecurityContextHolder.getContext().setAuthentication(null);
		return "index";
	}

	@Override
	public Authentication authenticate(Authentication arg0)
			throws AuthenticationException {
		// TODO Auto-generated method stub
		return null;
	}

	@Override
	public boolean supports(Class<?> arg0) {
		// TODO Auto-generated method stub
		return false;
	}

	public User getUser() {
		return user;
	}

	public void setUser(User user) {
		this.user = user;
	}
}

Aqui o meu faces config

<?xml version="1.0" encoding="UTF-8"?>

<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
	version="2.0">
	
	<application>
		<el-resolver>org.springframework.web.jsf.el.SpringBeanFacesELResolver</el-resolver>
	</application>

	<navigation-rule>
		<navigation-case>
			<from-outcome>isLogged</from-outcome>
			<to-view-id>islogged.jsf</to-view-id>
			<redirect />
		</navigation-case>
	</navigation-rule>

	<navigation-rule>
		<navigation-case>
			<from-outcome>createAccount</from-outcome>
			<to-view-id>createAccount.jsf</to-view-id>
			<redirect />
		</navigation-case>
	</navigation-rule>

	<navigation-rule>
		<navigation-case>
			<from-outcome>index</from-outcome>
			<to-view-id>index.jsf</to-view-id>
			<redirect />
		</navigation-case>
	</navigation-rule>

</faces-config>

e o meu applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans" 	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans	
		http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
		http://www.springframework.org/schema/aop 
		http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
		http://www.springframework.org/schema/security 
		http://www.springframework.org/schema/security/spring-security-3.1.xsd">

	<beans:bean id="concurrencyFilter"
		class="org.springframework.security.web.session.ConcurrentSessionFilter">
		<beans:property name="sessionRegistry" ref="sessionRegistry" />
		<beans:property name="expiredUrl" value="/session-expired.htm" />
	</beans:bean>

	<beans:bean id="sas"
		class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
		<beans:constructor-arg name="sessionRegistry"
			ref="sessionRegistry" />
		<beans:property name="maximumSessions" value="1" />
	</beans:bean>

	<beans:bean id="sessionRegistry"
		class="org.springframework.security.core.session.SessionRegistryImpl" />


	<http auto-config="true" use-expressions="true">
		<intercept-url pattern="/islogged.jsf" access="isAuthenticated()" />
		<form-login login-page="/index.jsf"
			authentication-failure-url="/index.jsf?erro=true" />
	</http>
	
	<beans:bean id="authProvider" class="com.security.Authenticator">
		<aop:scoped-proxy />
	</beans:bean>

	<beans:bean id="userSession" class="com.beans.UserSession"
		scope="session">
		<aop:scoped-proxy />
	</beans:bean>

	<authentication-manager>
		<authentication-provider ref="authProvider" />
	</authentication-manager>

</beans:beans>

De qualquer modo, obrigado!