Pessoal configurei o spring security na minha aplicação JSF 2, ao digitar o login e senha corretos da erro de Acesso Negado.
Olhei o log da aplicação, da esse erro:
DEBUG ExceptionTranslationFilter - Access is denied (user is not anonymous); delegating to AccessDeniedHandler
org.springframework.security.access.AccessDeniedException: Access is denied
Alguém sabe o que pode ser ?
Segue minhas configurações:
applicationContext.xml
[code]<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns=“http://www.springframework.org/schema/security”
xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance” xmlns:b=“http://www.springframework.org/schema/beans”
xsi:schemaLocation=“http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd”>
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/index.xhtml" access="hasRole('ROLE_USER')" />
<form-login login-page="/login.xhtml"
authentication-failure-url="/login.xhtml?erro=true" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT login, password, enable FROM users WHERE login=?"
authorities-by-username-query="SELECT login, authority FROM users WHERE login=?" />
</authentication-provider>
</authentication-manager>
<b:bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<b:property name="url" value="jdbc:postgresql:postgres" />
<b:property name="driverClassName" value="org.postgresql.Driver" />
<b:property name="username" value="postgres" />
<b:property name="password" value="1662442" />
</b:bean>
</b:beans>[/code]
Web.xml
[code]<?xml version="1.0"?>
<display-name>CoWeb</display-name>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<context-param>
<param-name>org.richfaces.skin</param-name>
<!-- <param-value>emeraldTown</param-value> -->
<param-value>classic</param-value>
<!-- <param-value>blueSky</param-value> -->
<!-- <param-value>ruby</param-value> -->
<!-- <param-value>wine</param-value> -->
<!-- <param-value>deepMarine</param-value> -->
<!-- <param-value>japanCherry</param-value> -->
<!-- <param-value>plain</param-value> -->
</context-param>
<filter>
<filter-name>HibernateFilter</filter-name>
<filter-class>br.com.CoWeb.hibernate.HibernateSessionRequestFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>HibernateFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Início das configurações para o Spring Security 3 -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Fim das configuração para utilizar o Spring Security 3 -->
[/code]
faces-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<faces-config version="2.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd">
<navigation-rule>
<navigation-case>
<from-outcome>home</from-outcome>
<to-view-id>/home/index.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
<navigation-rule>
<navigation-case>
<from-outcome>paciente</from-outcome>
<to-view-id>/paciente/people.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
<navigation-rule>
<navigation-case>
<from-outcome>produtos</from-outcome>
<to-view-id>/produtos/product.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
<navigation-rule>
<from-view-id>/login.xhtml</from-view-id>
<navigation-case>
<to-view-id>/index.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
</faces-config>
Login.xhtml
[code]<?xml version="1.0" encoding="UTF-8"?>
CoWeb <h:outputText value="Usuário ou senha incorretos!" rendered="#{param.erro}" style="color: darkred"/>
<form action="j_spring_security_check" method="post">
<h:panelGrid columns="2" cellpadding="5">
<h:outputLabel for="j_username" value="Username: *" />
<h:inputText id="j_username" required="true"/>
<h:outputLabel for="j_password" value="Password: * " />
<h:inputSecret id="j_password" required="true"/>
<h:commandButton value="Login"/>
</h:panelGrid>
</form>
</p:dialog>
</h:body>
[/code]