reset password
Author Message
nahmed5
Posts: 57
Posted 00:18 Mar 03, 2015 |

I'm getting an error when getting the 'user' from SecurityUtils- java.lang.ClassCastException: org.springframework.security.core.userdetails.User cannot be cast to gefp.model.User. My User model is implementing the UserDetails interface. I compared with both the SecurityUtils and User classes with those in csns2 and couldn't find out what could be causing the cast error.

nahmed5
Posts: 57
Posted 01:53 Mar 03, 2015 |

Here's a screenshot of the error. Please help! I'm stuck!

Attachments:
cysun
Posts: 2935
Posted 13:27 Mar 03, 2015 |

You also need to implement your own UserDetailsService and use it to replace <jdbc-user-service>. Check out the lecture notes for more details. And BTW, you may want to download the lecture notes PPT file again as I made some changes to make the Spring authentication part more clear.

nahmed5
Posts: 57
Posted 14:41 Mar 03, 2015 |

I have implemented my own userServiceDetail however I downloaded and printed your old lecture note and followed it so far. I'll try to solve following the new one now. Thanks for the tip.

lmann2
Posts: 156
Posted 18:48 Mar 03, 2015 |

I've re-read your new notes and reviewed your lecture, but some details are a little unclear to me still.

UserDetailsServiceImpl implements UserDetailsService interface

For what I gather this class just checks if the username exists in our database (is that all we are required to impl?).

And here:

<authentication-provider user-service-ref=“userService” /> in applicationContext.xml 

What is the purpose of the UserService class in CSNS? 

If we follow these three steps is this all we need to do to access the user object like we would if we had added the user object to the session scope?

Last edited by lmann2 at 18:54 Mar 03, 2015.
cysun
Posts: 2935
Posted 19:52 Mar 03, 2015 |
lmann2 wrote:

I've re-read your new notes and reviewed your lecture, but some details are a little unclear to me still.

UserDetailsServiceImpl implements UserDetailsService interface

For what I gather this class just checks if the username exists in our database (is that all we are required to impl?).

And here:

<authentication-provider user-service-ref=“userService” /> in applicationContext.xml 

What is the purpose of the UserService class in CSNS? 

If we follow these three steps is this all we need to do to access the user object like we would if we had added the user object to the session scope?

UserDetailsServiceImpl implements the loadUserByUsername() method which returns a User object, i.e. the "principal".

And yes, just do the three things.

lmann2
Posts: 156
Posted 20:36 Mar 03, 2015 |

When I implement :

<security:authentication-manager>
      <security:authentication-provider user-service-ref="userService">
        </security:authentication-provider>
    </security:authentication-manager>

It causes a 404 error when I try to load the server to the specified welcome page (that's not yet included in intercept-url).  If I remove this code and replace it with jdbc call it works fine.

I also incorporated a custom login page and removed the controllers for login/logout.  I added login-page, default-target-url and authentication-failure-url to form login and logout-success-url to the logout xml (let's assume I set up all these correctly), but when I run the application I get a 404 for login.html (normally I would assume this is the controller, but spring security should be doing that for me, correct?) and any of the application pages that I try to enter.

 

nahmed5
Posts: 57
Posted 16:05 Mar 04, 2015 |

I have done all these yet my program isn't running. When I run my program, it shows my index page and then when I login, I just return to my login page i.e. I am not logging in. What should I do? It doesn't show me any specific error. I'm stuck! I can't even proceed to the next problems of the assignments.