Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,296,484
Community Members
 
Community Events
165
Community Groups

Crowd Integration Spring securityhoy

Hey,

I am trying to integrate Crowd with Spring Security (Spring Boot 1.4).

Everything works ok, i put the filter and it is hitting success methods. I can debug the authorities and everything looks correct. But...

After filter chains completes the authentication is lost and the token cookie is never set. In the log i inspect the xml and the tokes is returned but never set to the CrowdAuthenticator.

 

 

2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/css/materialize.min.css'; against '/login/**'
2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-2] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : No request attribute token could be found, now checking the browser submitted cookies.
2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/css/materialize.min.css'; against '/css/*'
2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-2] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : Cookie name/value: JSESSIONID / BE93C792AF1B7F93D99C7EA0962140FF
2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-2] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : Unable to find a valid Crowd token.
2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 7 of 13 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2018-11-15 13:44:34.919 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.s.w.s.DefaultSavedRequest : pathInfo: both null (property equals)
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /css/materialize.min.css; Attributes: [permitAll]
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.s.w.s.DefaultSavedRequest : queryString: both null (property equals)
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6faa3d44: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 10.40.50.54; SessionId: BE93C792AF1B7F93D99C7EA0962140FF; Granted Authorities: ROLE_ANONYMOUS
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.s.w.s.DefaultSavedRequest : requestURI: arg1=/home; arg2=/js/materialize.min.js (property not equals)
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@3c7a1444, returned: 1
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /css/materialize.min.css reached end of additional filter chain; proceeding with original chain
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/css/materialize.min.css'; against '/j_security_check'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : Checking for a SSO token that will need to be verified by Crowd.
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : No request attribute token could be found, now checking the browser submitted cookies.
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : Cookie name/value: JSESSIONID / BE93C792AF1B7F93D99C7EA0962140FF
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6faa3d44: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 10.40.50.54; SessionId: BE93C792AF1B7F93D99C7EA0962140FF; Granted Authorities: ROLE_ANONYMOUS'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : Unable to find a valid Crowd token.
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /js/materialize.min.js at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/css/materialize.min.css'; against '/j_security_check'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/js/materialize.min.js'; against '/'
2018-11-15 13:44:34.920 DEBUG 16988 --- [nio-8080-exec-1] c.a.c.i.h.util.CrowdHttpTokenHelperImpl : Checking for a SSO token that will need to be verified by Crowd.

0 answers

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

320 views 0 10
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you