Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1779
  • Last Modified:

Spring Security Log Out

ello,

When I configure Spring Security 3 to log out the user I get a huge error from the ThreadPoolExecutor

Exception in thread ""http-bio-8080"-exec-7" java.lang.StackOverflowError
at com.dc.api.model.Users.getUsername(Users.java:200)

The Users.java:200 error maps to my org.springframework.security.core.userdetails.User Details implementation method

public String getUsername() {
        return this.getUsername();
    }

log out link:

 
  <a href="${facesContext.externalContext.requestContextPath}/j_spring_security_logout.html">log out</a>

Open in new window



spring security config:
   
     <logout invalidate-session="true" 
		      logout-success-url="/" 
		      logout-url="/j_spring_security_logout.html"/>

Open in new window

                                
web.xml:
<filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>*.html</url-pattern>
        <dispatcher>FORWARD</dispatcher>
        <dispatcher>REQUEST</dispatcher>
    </filter-mapping>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>*.xhtml</url-pattern>
        <dispatcher>FORWARD</dispatcher>
        <dispatcher>REQUEST</dispatcher>
    </filter-mapping>

Open in new window


security context file:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans
    xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:util="http://www.springframework.org/schema/util"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/util
    http://www.springframework.org/schema/util/spring-util-3.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.1.xsd
    http://www.springframework.org/schema/context
    http://www.springframework.org/schema/context/spring-context-3.0.xsd">
    <context:annotation-config />
    <context:component-scan base-package="dc" />
    <global-method-security />
    <http security="none" pattern="/javax.faces.resource/**" />
    <http security="none" pattern="/services/rest-api/1.0/**" />
    <http security="none" pattern="/preregistered/*" />
 	<http access-denied-page="/auth/denied.html">
        <intercept-url
            pattern="/**/*.xhtml"
            access="ROLE_NONE_GETS_ACCESS" />
        <intercept-url
            pattern="/auth/**"
            access="ROLE_ANONYMOUS,ROLE_USER" />
         <intercept-url
            pattern="/auth/*"
            access="ROLE_ANONYMOUS" />
         <intercept-url
            pattern="/registered/*"
            access="ROLE_USER" />
          <intercept-url
            pattern="/*"
           access="ROLE_ANONYMOUS" />
        <form-login
            login-processing-url="/j_spring_security_check.html"
            login-page="/auth/login.html"
            default-target-url="/registered/home.html"
            authentication-failure-url="/auth/login.html" />
         <logout invalidate-session="true" 
		      logout-success-url="/" 
		      logout-url="/j_spring_security_logout.html"/>
        <anonymous username="guest" granted-authority="ROLE_ANONYMOUS"/>
        <remember-me user-service-ref="userManager" key="key value"/>
 	</http>
 	<!-- Configure the authentication provider -->
	<authentication-manager>
		<authentication-provider user-service-ref="userManager">
		        <password-encoder ref="passwordEncoder" />
		</authentication-provider>
    </authentication-manager>
</beans:beans>

Open in new window

0
cgray1223
Asked:
cgray1223
1 Solution
 
objectsCommented:
public String getUsername() {
        return this.getUsername();
    }

that method is calling itself
should be more like


public String getUsername() {
        return this.username;
    }
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now