I have an application that use Spring-Security framework with Jboss Server. Everything works fine. I can get account locked, bad credentials messages based on the authentication.
Now, I'm trying to move to configure the same thing with Tomcat. But, I don't get account locked, bad credentials messages. I just get "Unauthorized" for every wrong authentication. Can some body point me to What I am missing ? Here is the securitycontext.xml
file content:
<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="basicAuthenticationEntryPoint"/>
</bean>
<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager">
</property>
</bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref local="jaasAuthenticationProvider"/>
<ref local="casAuthenticationProvider"/>
开发者_JAVA百科 </list>
</property>
</bean>
精彩评论