Spring Security + Hibernate - Não pesquisa no Banco

Front-end
#1

Boa tarde galera…

tou passando por um problema bem estranho.

estou configurando o meu projeto com spring security…

só q quando eu peço para ele fazer Login, ele não consegue pesquisar no banco, não consegue registrar a EntityManager…

fica parado nesta linha no Console

14:07:04,217 DEBUG [EntityManagerFactoryUtils] Registering transaction synchronization for JPA EntityManager

não sei mais o q fazer…

depois ele não consegue pesquisar e me retorna isso no console

14:07:11,769 DEBUG [EntityManagerFactoryUtils] Closing JPA EntityManager
14:07:11,770 DEBUG [JpaTransactionManager] Initiating transaction rollback
14:07:11,770 DEBUG [JpaTransactionManager] Rolling back JPA transaction on EntityManager [org.hibernate.ejb.EntityManagerImpl@8ee5c0]
14:07:11,770 DEBUG [JpaTransactionManager] Closing JPA EntityManager [org.hibernate.ejb.EntityManagerImpl@8ee5c0] after transaction
14:07:11,770 DEBUG [EntityManagerFactoryUtils] Closing JPA EntityManager
14:07:11,771 DEBUG [DefaultListableBeanFactory] Returning cached instance of singleton bean ‘org.springframework.security.core.session.SessionRegistryImpl#0’
14:07:11,771 DEBUG [DefaultListableBeanFactory] Returning cached instance of singleton bean ‘stereotypedBeansRegistrar’
14:07:11,771 DEBUG [UsernamePasswordAuthenticationFilter] Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: Cannot open connection
14:07:11,771 DEBUG [UsernamePasswordAuthenticationFilter] Updated SecurityContextHolder to contain null Authentication
14:07:11,771 DEBUG [UsernamePasswordAuthenticationFilter] Delegating to authentication failure handlerbr.com.academico.security.LoginFailureHandler@c8c6d9
14:07:11,771 DEBUG [HttpSessionSecurityContextRepository] SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
14:07:11,771 DEBUG [SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed
14:07:11,773 DEBUG [FilterChainProxy ] /index.html at position 1 of 11 in additional filter chain; firing Filter: ‘ConcurrentSessionFilter’
14:07:11,773 DEBUG [FilterChainProxy ] /index.html at position 2 of 11 in additional filter chain; firing Filter: ‘SecurityContextPersistenceFilter’
14:07:11,773 DEBUG [HttpSessionSecurityContextRepository] HttpSession returned null object for SPRING_SECURITY_CONTEXT
14:07:11,773 DEBUG [HttpSessionSecurityContextRepository] No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@567117. A new one will be created.
14:07:11,773 DEBUG [FilterChainProxy ] /index.html at position 3 of 11 in additional filter chain; firing Filter: ‘LogoutFilter’
14:07:11,773 DEBUG [FilterChainProxy ] /index.html at position 4 of 11 in additional filter chain; firing Filter: ‘UsernamePasswordAuthenticationFilter’
14:07:11,773 DEBUG [FilterChainProxy ] /index.html at position 5 of 11 in additional filter chain; firing Filter: ‘BasicAuthenticationFilter’
14:07:11,774 DEBUG [FilterChainProxy ] /index.html at position 6 of 11 in additional filter chain; firing Filter: ‘RequestCacheAwareFilter’
14:07:11,774 DEBUG [FilterChainProxy ] /index.html at position 7 of 11 in additional filter chain; firing Filter: ‘SecurityContextHolderAwareRequestFilter’
14:07:11,774 DEBUG [FilterChainProxy ] /index.html at position 8 of 11 in additional filter chain; firing Filter: ‘AnonymousAuthenticationFilter’
14:07:11,774 DEBUG [AnonymousAuthenticationFilter] Populated SecurityContextHolder with anonymous token: ‘org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 127.0.0.1; SessionId: 93AB56189FEF8AD2211880907918255A; Granted Authorities: ROLE_ANONYMOUS’
14:07:11,774 DEBUG [FilterChainProxy ] /index.html at position 9 of 11 in additional filter chain; firing Filter: ‘SessionManagementFilter’
14:07:11,774 DEBUG [FilterChainProxy ] /index.html at position 10 of 11 in additional filter chain; firing Filter: ‘ExceptionTranslationFilter’
14:07:11,774 DEBUG [FilterChainProxy ] /index.html at position 11 of 11 in additional filter chain; firing Filter: ‘FilterSecurityInterceptor’
14:07:11,774 DEBUG [AntPathRequestMatcher] Checking match of request : ‘/index.html’; against ‘/*’

segue abaixo a minha config…

SpringSecurity

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xmlns:beans="http://www.springframework.org/schema/beans"
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
		http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
		http://www.springframework.org/schema/security 
		http://www.springframework.org/schema/security/spring-security-3.1.xsd">

	<http auto-config="true" use-expressions="true" create-session="always" 
		entry-point-ref="webServiceEntryPoint">
		<intercept-url pattern="/*"				access="permitAll()" />
		<intercept-url pattern="/login*"		access="permitAll()" />
		<intercept-url pattern="/css/**"		access="permitAll()" />
		<intercept-url pattern="/images/**"		access="permitAll()" />
		<intercept-url pattern="/javascript/**"	access="permitAll()" />
		<intercept-url pattern="/js/*"			access="permitAll()" />
		<intercept-url pattern="/logout"		access="permitAll()" />
		<intercept-url pattern="/diretor/*"			access="hasAnyRole('Diretor')" />
		<intercept-url pattern="/aluno/*"			access="hasAnyRole('Aluno')" />
		<intercept-url pattern="/professor/*"			access="hasAnyRole('Professor')" />

		<form-login login-page="/" 
			login-processing-url="/j_login" 
			default-target-url="/" 
			authentication-success-handler-ref="loginSuccessHandler"
			authentication-failure-handler-ref="loginFailureHandler"/>

		<logout invalidate-session="true" 
			logout-success-url="/"
			logout-url="/logout" />

		<session-management session-fixation-protection="newSession">
			<concurrency-control max-sessions="1" error-if-maximum-exceeded="false" />
		</session-management>
	</http>

	<authentication-manager>
		<authentication-provider user-service-ref="usuarioService">
<!-- 			<password-encoder hash="md5" /> -->
		</authentication-provider>
	</authentication-manager>

	<beans:bean id="loginSuccessHandler" class="br.com.academico.security.LoginSuccessHandler" />
	<beans:bean id="loginFailureHandler" class="br.com.academico.security.LoginFailureHandler" />
	<beans:bean id="webServiceEntryPoint" class="br.com.academico.security.WebServiceAuthenticationEntryPoint"/>
</beans:beans>

UsuarioService.java

package br.com.academico.controllers;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

import br.com.academico.modelo.Usuario;
import br.com.academico.persistencia.UsuarioPersistence;

@Component
@Transactional
public class UsuarioService implements UserDetailsService{

	private UsuarioPersistence service;
	
	@Autowired
	public UsuarioService(UsuarioPersistence service){
		this.service = service;
	}
	
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    Usuario user = service.loadUserByUsername(username);
	    
	    if(user == null) {
	      throw new UsernameNotFoundException("Usuario nao existe ou senha incorreta.");
	    }
	    
	    user.setUserRoles(service.loadRoles(user));
	    return user;
        }

UsuarioDao.java


package br.com.academico.service;

import java.util.List;

import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;

import org.hibernate.Session;
import org.hibernate.criterion.Restrictions;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

import br.com.academico.modelo.Aluno;
import br.com.academico.modelo.Professor;
import br.com.academico.modelo.UserRoles;
import br.com.academico.modelo.Usuario;
import br.com.academico.persistencia.UsuarioPersistence;

@Transactional
@Component
public class UsuarioDao implements UsuarioPersistence{

	@PersistenceContext
	private EntityManager entityManager;
	
	private Session sessao(){
		return ((Session)entityManager.getDelegate());
	}
	
	public Usuario loadUserByUsername(String username){
		Usuario usuario = (Usuario)sessao().createCriteria(Usuario.class)
														  .add(Restrictions.eq("username", username))
														  .uniqueResult();
		return usuario;
	}

	@SuppressWarnings("unchecked")
	public List<UserRoles> loadRoles(Usuario user) {
		List<UserRoles> lista = sessao().createCriteria(UserRoles.class).add(Restrictions.eq("usuario.username", user.getUsername())).list(); 
		return lista; 
	}
	
}

Detalhe: se eu pesquisar fora da requisição de login ele pesquisa tudo normal.

#2

Galera… alguma ajudinha ai?

Lucas cavalcanti?
drsmachado?

alguém?

#3

galera dá 1 help aqui

#4

Cara, vc conseguiu fazer isso funcionar, porque o meu spring security só funciona em servidor local quando é acessado de outro pc não funciona

#5

Cara consegui usar… porém não usei a implementação da classe UserDetails…

ficou assim

<beans:bean id="myDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
		<beans:property name="driverClassName" value="${jdbc.driverClassName}"></beans:property>
		<beans:property name="url" value="${jdbc.url}"></beans:property>
    	<beans:property name="username" value="${jdbc.username}"></beans:property>
		<beans:property name="password" value="${jdbc.password}"></beans:property>
	</beans:bean>
	
	<authentication-manager>
		<authentication-provider>
 			<password-encoder hash="md5" /> 
			<jdbc-user-service data-source-ref="myDataSource"
 			
		   users-by-username-query="select username,password, active from usuario where username=?" 
 
		   authorities-by-username-query="
		      select u.username, r.role as authority 
		      from usuario u, userroles ur, role r 
		      where 
		      u.id = ur.usuario
		      and r.id = ur.role
		      and u.username =?  " 
 
			/>
		</authentication-provider>
	</authentication-manager>

tive que criar outro datasource só pra pesquisa do springsecurity

#6

O meu até consulta no banco de dados, rodando em minha maquina ele funciona perfeitamente mas quando coloco o sistema em um data center o spring diz que não encontrou as autoridades

#7

O IP ta correto ? Ou está local ? Eu implementei spring aqui por aprendizado, mas não testei em rede. Vou fazer isso chegando em casa.

#8

As autoridades estão no banco?

#9

Sim o ip está correto e as autoridades tb estão no banco.
O problema é que abrindo o sistema no mesmo computador que está o servidor ele funciona corretamente mas se eu acessar de outro computador o spring security já não funciona, não encontra as autoridades

#10

[quote=alexafe]Sim o ip está correto e as autoridades tb estão no banco.
O problema é que abrindo o sistema no mesmo computador que está o servidor ele funciona corretamente mas se eu acessar de outro computador o spring security já não funciona, não encontra as autoridades[/quote]

cara… pode mandar os logs q o spring security gera ao tentar logar…

#11 
20:28:42.988 [ajp-bio-58009-exec-17] DEBUG org.hibernate.impl.SessionImpl - opened session at timestamp: 13620941229
20:28:42.988 [ajp-bio-58009-exec-17] DEBUG o.h.transaction.JDBCTransaction - begin
20:28:42.988 [ajp-bio-58009-exec-17] DEBUG org.hibernate.jdbc.ConnectionManager - opening JDBC connection
20:28:42.988 [ajp-bio-58009-exec-17] DEBUG o.h.transaction.JDBCTransaction - current autocommit status: true
20:28:42.988 [ajp-bio-58009-exec-17] DEBUG o.h.transaction.JDBCTransaction - disabling autocommit
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@1a9b557. A new one will be created.
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 2 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 3 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 4 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 5 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 6 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
20:28:42.989 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 7 of 11 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90550640: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@7798: RemoteIpAddress: 189.114.163.248; SessionId: B5B3B2DCFBE2BBAF1D14E16C60C9350A; Granted Authorities: ROLE_ANONYMOUS'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/admin/**'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/pagereport/relatoriousuario.jsf'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/consultas/**'
20:28:42.990 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/error/**'
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/menuinicial/**'
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/pagereport/**'
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/relatorios/**'
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/resources/**'
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/publico/login.jsf'; against '/restrito/**'
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Public object - authentication not attempted
20:28:42.991 [ajp-bio-58009-exec-17] DEBUG o.s.security.web.FilterChainProxy - /publico/login.jsf?login_error=1 reached end of additional filter chain; proceeding with original chain
20:28:43.014 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Chain processed normally
20:28:43.014 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
20:28:43.014 [ajp-bio-58009-exec-17] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
20:28:43.014 [ajp-bio-58009-exec-17] DEBUG o.h.transaction.JDBCTransaction - commit
20:28:43.014 [ajp-bio-58009-exec-17] DEBUG o.h.transaction.JDBCTransaction - re-enabling autocommit
20:28:43.014 [ajp-bio-58009-exec-17] DEBUG o.h.transaction.JDBCTransaction - committed JDBC Connection
20:28:43.015 [ajp-bio-58009-exec-17] DEBUG org.hibernate.jdbc.ConnectionManager - aggressively releasing JDBC connection
20:28:43.015 [ajp-bio-58009-exec-17] DEBUG org.hibernate.jdbc.ConnectionManager - releasing JDBC connection [ (open PreparedStatements: 0, globally: 0) (open ResultSets: 0, globally: 0)]
20:28:43.015 [ajp-bio-58009-exec-17] DEBUG org.hibernate.impl.SessionImpl - opened session at timestamp: 13620941230
20:28:43.015 [ajp-bio-58009-exec-17] INFO  b.c.p.filter.FilterOpenSessionInView - Opera??o realizada com sucesso.
20:28:43.015 [ajp-bio-58009-exec-17] DEBUG org.hibernate.impl.SessionImpl - opened session at timestamp: 13620941230
#12

Resolvido galera

#13