Spring Security e JDBC

Front-end
#1

Bom dia galera…

estou configurando o meu arquivo do spring security para fazer o select diretamente no banco de dados… mas eu recebo uma exceção dizendo q a conexão com JDBC foi fechada… alguém pode me ajudar?

CONSOLE:

11:45:56,571 DEBUG [ProviderManager ] Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider 11:45:56,578 DEBUG [JdbcTemplate ] Executing prepared SQL query 11:45:56,579 DEBUG [JdbcTemplate ] Executing prepared SQL statement [select username,password, active from usuario where username=?] 11:45:56,580 DEBUG [DataSourceUtils ] Fetching JDBC Connection from DataSource 11:46:05,237 DEBUG [DefaultListableBeanFactory] Returning cached instance of singleton bean 'org.springframework.security.core.session.SessionRegistryImpl#0' 11:46:05,237 DEBUG [DefaultListableBeanFactory] Returning cached instance of singleton bean 'stereotypedBeansRegistrar' 11:46:05,237 DEBUG [UsernamePasswordAuthenticationFilter] Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: Could not get JDBC Connection; nested exception is java.sql.SQLException: com.mchange.v2.c3p0.ComboPooledDataSource [ java.beans.IntrospectionException: java.lang.reflect.InvocationTargetException [numThreadsAwaitingCheckoutDefaultUser] ] has been closed() -- you can no longer use it. 11:46:05,237 DEBUG [UsernamePasswordAuthenticationFilter] Updated SecurityContextHolder to contain null Authentication 11:46:05,237 DEBUG [UsernamePasswordAuthenticationFilter] Delegating to authentication failure handlerbr.com.academico.security.LoginFailureHandler@18dafec

applicationContext-security:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
						http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
						http://www.springframework.org/schema/context 
						http://www.springframework.org/schema/context/spring-context-3.1.xsd
						http://www.springframework.org/schema/tx 
						http://www.springframework.org/schema/tx/spring-tx-3.1.xsd 
						http://www.springframework.org/schema/security 
						http://www.springframework.org/schema/security/spring-security-3.1.xsd">		

	<http auto-config="true" use-expressions="true">
		<intercept-url pattern="/*"					access="permitAll()" />
		<intercept-url pattern="/login*"			access="permitAll()" />
		<intercept-url pattern="/css/**"			access="permitAll()" />
		<intercept-url pattern="/images/**"			access="permitAll()" />
		<intercept-url pattern="/javascript/**"		access="permitAll()" />
		<intercept-url pattern="/js/*"				access="permitAll()" />
		<intercept-url pattern="/logout"			access="permitAll()" />
		<intercept-url pattern="/diretor/**"		access="hasRole('ROLE_DIRETOR')" />
		<intercept-url pattern="/aluno/**"			access="hasRole('ROLE_ALUNO')" />
		<intercept-url pattern="/professor/**"		access="hasRole('ROLE_PROFESSOR')" />

		<form-login login-page="/" 
			login-processing-url="/j_login" 
			default-target-url="/" 
			authentication-success-handler-ref="loginSuccessHandler"
			authentication-failure-handler-ref="loginFailureHandler"/>

		<logout invalidate-session="true" 
			logout-success-url="/"
			logout-url="/logout" />

		<session-management session-fixation-protection="newSession">
			<concurrency-control max-sessions="1" error-if-maximum-exceeded="false" />
		</session-management>
	</http>
	
	<authentication-manager>
		<authentication-provider>
			<password-encoder hash="md5" />
			<jdbc-user-service data-source-ref="dataSource"
 			
		   users-by-username-query="
		      select username,password, active 
		      from usuario where username=?" 
 
		   authorities-by-username-query="
		      select u.username, ur.role as authority 
		      fselect u.username, r.role as authority 
		      from usuario u, userroles ur, role r 
		      where 
		      u.id = ur.usuario
		      and r.id = ur.role
		      and u.username =?  " 
 
			/>
		</authentication-provider>
	</authentication-manager>

	<beans:bean id="loginSuccessHandler" class="br.com.academico.security.LoginSuccessHandler" />
	<beans:bean id="loginFailureHandler" class="br.com.academico.security.LoginFailureHandler" />
</beans:beans>

e o meu applicationContext-persistence:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:context="http://www.springframework.org/schema/context"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:tx="http://www.springframework.org/schema/tx"
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
						http://www.springframework.org/schema/beans/spring-beans-3.1.xsd 
						http://www.springframework.org/schema/context 
						http://www.springframework.org/schema/context/spring-context-3.1.xsd 
						http://www.springframework.org/schema/tx 
						http://www.springframework.org/schema/tx/spring-tx-3.1.xsd 
						http://www.springframework.org/schema/aop 
						http://www.springframework.org/schema/aop/spring-aop-3.1.xsd">

	<!-- ********************************************* -->
	<!-- Configuração do DataSource -->
	<!-- ********************************************* -->

	<!-- Replaces ${...} placeholders with values from a properties file -->
	<!-- (in this case, JDBC-related settings for th edataSource definition below) -->
	<context:property-placeholder location="classpath:jdbc.properties"/>

    <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
		<property name="driverClass" value="${jdbc.driverClassName}" />
		<property name="jdbcUrl" value="${jdbc.url}" />
    	<property name="user" value="${jdbc.username}" />
		<property name="password" value="${jdbc.password}" />
		<property name="initialPoolSize" value="3" />
		<property name="minPoolSize" value="6" />
		<property name="maxPoolSize" value="20" />
		<property name="acquireIncrement" value="3" />
		<property name="maxIdleTime" value="100"></property>
	</bean>
    
	<bean id="entityManagerFactory"
		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
		<property name="dataSource" ref="dataSource"/>
		<property name="jpaVendorAdapter">
			<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
				<property name="showSql" value="true" />
				<property name="databasePlatform" value="${hibernate.databasePlatform}" />
			</bean>
		</property>
		<property name="jpaProperties">
			<props>
				<prop key="hibernate.format_sql">true</prop>				
				<prop key="hibernate.connection.useUnicode">true</prop>
				<prop key="hibernate.connection.characterEncoding">UTF-8</prop>
				<prop key="hibernate.connection.charSet">UTF-8</prop>
<!-- 				<prop key="hibernate.default_schema">academico</prop> -->
				<prop key="hibernate.hbm2ddl.auto">update</prop> <!-- create | create-drop | validate | update -->
				<prop key="hibernate.ejb.naming_strategy">org.hibernate.cfg.ImprovedNamingStrategy</prop>
			</props>
		</property>
	</bean>

	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
		<property name="entityManagerFactory" ref="entityManagerFactory"/>
	</bean>

	<!-- Exception translation bean post processor -->
	<bean class="org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor"/>

</beans>
#2

Felipe,

Na query do users-by-username-query arrume seu select colocando um álias enable na coluna active ficando:

"select username,password, active as ENABLE from usuario where username=?"

e sua query do authorities-by-username-query está errada, verifique onde você passa as colunas SELECT … pois tem colunas repeditas além de ter um fselect no meio.

#3

cara…

consegui resolver o problema…

mas de uma maneira bem tosca…

tive q criar outro dataSource…

veja como ficou:

<beans:bean id="myDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
		<beans:property name="driverClassName" value="${jdbc.driverClassName}"></beans:property>
		<beans:property name="url" value="${jdbc.url}"></beans:property>
    	<beans:property name="username" value="${jdbc.username}"></beans:property>
		<beans:property name="password" value="${jdbc.password}"></beans:property>
	</beans:bean>

applicationContext-security:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
						http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
						http://www.springframework.org/schema/context 
						http://www.springframework.org/schema/context/spring-context-3.1.xsd
						http://www.springframework.org/schema/tx 
						http://www.springframework.org/schema/tx/spring-tx-3.1.xsd 
						http://www.springframework.org/schema/security 
						http://www.springframework.org/schema/security/spring-security-3.1.xsd">		

	<http auto-config="true" use-expressions="true">
		<intercept-url pattern="/*"					access="permitAll()" />
		<intercept-url pattern="/login*"			access="permitAll()" />
		<intercept-url pattern="/css/**"			access="permitAll()" />
		<intercept-url pattern="/images/**"			access="permitAll()" />
		<intercept-url pattern="/javascript/**"		access="permitAll()" />
		<intercept-url pattern="/js/*"				access="permitAll()" />
		<intercept-url pattern="/logout"			access="permitAll()" />
		<intercept-url pattern="/diretor/**"		access="hasRole('ROLE_DIRETOR')" />
		<intercept-url pattern="/aluno/**"			access="hasRole('ROLE_ALUNO')" />
		<intercept-url pattern="/professor/**"		access="hasRole('ROLE_PROFESSOR')" />

		<form-login login-page="/" 
			login-processing-url="/j_login" 
			default-target-url="/" 
			authentication-success-handler-ref="loginSuccessHandler"
			authentication-failure-handler-ref="loginFailureHandler"/>

		<logout invalidate-session="true" 
			logout-success-url="/"
			logout-url="/logout" />

		<session-management session-fixation-protection="newSession">
			<concurrency-control max-sessions="1" error-if-maximum-exceeded="false" />
		</session-management>
	</http>
	
	<context:property-placeholder location="classpath:jdbc.properties"/>
	
	<beans:bean id="myDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
		<beans:property name="driverClassName" value="${jdbc.driverClassName}"></beans:property>
		<beans:property name="url" value="${jdbc.url}"></beans:property>
    	<beans:property name="username" value="${jdbc.username}"></beans:property>
		<beans:property name="password" value="${jdbc.password}"></beans:property>
	</beans:bean>
	
	<authentication-manager>
		<authentication-provider>
			<password-encoder hash="md5" />
			<jdbc-user-service data-source-ref="myDataSource"
 			
		   users-by-username-query="select username,password, active from usuario where username=?" 
 
		   authorities-by-username-query="
		      select u.username, r.role as authority 
		      from usuario u, userroles ur, role r 
		      where 
		      u.id = ur.usuario
		      and r.id = ur.role
		      and u.username =?  " 
 
			/>
		</authentication-provider>
	</authentication-manager>

	<beans:bean id="loginSuccessHandler" class="br.com.academico.security.LoginSuccessHandler" />
	<beans:bean id="loginFailureHandler" class="br.com.academico.security.LoginFailureHandler" />
</beans:beans>

tem outro jeito de resolver isso?

#4