8

I want to use two different Spring web contexts, each have own contextConfig, spring servlet and filter, that should be mapped to different urls. I have a

  1. Standard Grails project, mapped to '/'
  2. And an existing Spring webapp, that I want to map to /extra/

I know that I can deploy both into one Tomcat, but I'm looking for a way of making one app (one war, etc), because It can simplify our deployment and development process.

This applications don't need to share beans or anything, should be completely separate. Both have DispatcherServlet and DispatcherFilter (and both are using Spring Security, but different configuration)

How I can configure web.xml for such webapp?

I've tried to add new filter:

<filter>
    <filter-name>extraSpringSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>contextAttribute</param-name>
        <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.extraSpring</param-value>
    </init-param>
    <init-param>
        <param-name>targetBeanName</param-name>
        <param-value>extraSecurityFilterBean</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>extraSpringSecurityFilterChain</filter-name>
    <url-pattern>/extra/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

and spring dispatcher servlet:

<servlet>
    <servlet-name>extraSpring</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
    <init-param>
        <param-name>springConfigLocation</param-name>
        <param-value>classpath:extra-spring-web.xml</param-value>
    </init-param>
</servlet>

Where:

  • two context xml in classpath (inside exra library jar):
    • extra-spring-web.xml
    • extra-spring-security.xml (!!! how I should configure it?)
  • extra-spring-security.xml
    • is pretty standard Spring Security config
    • have configured bean extraSecurityFilterBean
    • have dependecy to beans from -web context (but it's not required to be)

It's semi-working now:

  • as I see from logs, extraSpring servlet successfully load beans from extra-spring-web.xml
  • but after accessing url /extra/ I got NoSuchBeanDefinitionException: No bean named 'extraSecurityFilterBean' is defined.

So, the question, how I can define context for DelegatingFilterProxy? I even tried to add this files into main context (contextConfigLocation param), it's not what i'm looking for, but it didn't work.

I've taken a look into DelegatingFilterProxy sources, but it's not clear for me how it loads the context.

Igor Artamonov
  • 35,450
  • 10
  • 82
  • 113
  • I don't think you have to edit the grails web.xml. You can obtain the thing you want playing with tomcat and apache. Deploy the two separate applications in tomcat '/app1' and '/app2'. In apache map all request to '/**' => '/app1/**' except for those with extra '/extra/**' => '/app2/**' – Fabiano Taioli Jun 25 '12 at 14:29
  • Yes, I know, thanks. But i'm sure that there should be a way to use only one web.xml / put both into one WAR – Igor Artamonov Jun 25 '12 at 15:42
  • How are you loading `extra-spring-security.xml`? You haven't named it in your web.xml snippet, is it an `` in `extra-spring-web.xml`? – Ian Roberts Jun 25 '12 at 17:34
  • @IanRoberts yes, it's the problem, I don't know how I can load `extra-spring-security.xml`. It should be used by `SpringSecurityFilterChain`, but i can't understand how I can configure context path for it – Igor Artamonov Jun 26 '12 at 18:11
  • I mean, t tried different options, but didn't find any working – Igor Artamonov Jun 26 '12 at 18:11
  • hm, seems that there was another problem, GRAILS-7203 and I was using an old version of extra jar – Igor Artamonov Jun 26 '12 at 18:41
  • Just add it to the DispatcherServlet's contextConfigLocation init-param value, along with the extra-spring-web.xml that's already there. You can put more than one location in that parameter, separated by whitespace. – Ian Roberts Jun 26 '12 at 23:09
  • @IgorArtamonov Were you able to solve your issue? I'm having a similar problem (stackoverflow.com/q/23017839/827480) where I am trying to configure Spring Security for my MVC context independently of the rest of the application and am unable to get Spring Security to ignore the root context security when dealing with the mvc context. How did you manage to get the Grails security context not to map over to the "/extra/" context? – Eric B. Apr 11 '14 at 20:21
  • @EricB. tried, but it was complicated, hard to use, etc. Rewritten app instead – Igor Artamonov Apr 12 '14 at 03:55

3 Answers3

3

As per my comment on the question, if the security filter chain is defined in extra-spring-security.xml then you need to ensure that that file is loaded by your extra DispatcherServlet in addition to extra-spring-web.xml either by <import>ing the -security file from the -web one or configuring it as:

<servlet>
    <servlet-name>extraSpring</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
          classpath:extra-spring-web.xml
          classpath:extra-spring-security.xml
        </param-value>
    </init-param>
</servlet>

You will also need to ensure that the security filter in the Grails application doesn't apply to /extra URIs, exactly how you do this depends on whether you're using annotations, database RequestMap entries etc.

Ian Roberts
  • 120,891
  • 16
  • 170
  • 183
  • Ian, thanks! You're right, it's working, don't know why i dind't try this way. I'm still having problems with grails filters that also trying to process `/extra` url, but it's another question – Igor Artamonov Jul 03 '12 at 04:18
  • @IanRoberts I am running into a similar issue (http://stackoverflow.com/q/23017839/827480). Can you provide additional information/references to to prevent the security filter in Grails from applying to the `/extra` URL? That may be the link I am missing. – Eric B. Apr 11 '14 at 17:54
1

If the modules are completely separate: the easiest way is to package them as two different webapp. Tens of different spring-based apps can run in one appserver -even on a modest developer machine- without issues.

Gergely Szilagyi
  • 3,813
  • 1
  • 14
  • 12
  • I know, thanks. But i'm looking for a way how I can merge them into one. think about it as I have to deploy into some PaaS hosting, and I can deploy only as one app – Igor Artamonov Jul 03 '12 at 04:15
0

A few questions

  • What does your Spring Security configuration look like?
  • I'm confused why the error states "No bean named 'apiservSecurityFilterChain' is defined" but the web.xml you have posted only references extraSpringSecurityFilterChain (the bean names should match or some important configuration is being left out).

Possible Answer

I'm guessing the problem is that the filter-name needs to match Spring Security's bean name (cannot know for sure without seeing the Spring Security configuration you are using). The default value used by the Spring Security namespace is springSecurityFilterChain, so try the following in the web.xml instead (notice extraSpringSecurityFilterChain changed to springSecurityFilterChain):

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>contextAttribute</param-name>
        <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.extraSpring</param-value>
    </init-param>
    <init-param>
        <param-name>targetBeanName</param-name>
        <param-value>extraSecurityFilterBean</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/extra/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>
Rob Winch
  • 21,440
  • 2
  • 59
  • 76
  • Thanks! Yes, it was "No bean named 'extraSecurityFilterBean'", I was mentioned it incorrectly, sorry. This is a default springSecurityFilterChanin bean, named as extraSecurityFilterBean (to make difference between standard filter chain from grails). – Igor Artamonov Jun 27 '12 at 06:40
  • 1
    And I can't use filter named as 'springSecurityFilterChain' because it's already used by another spring security filter chain (from grails) – Igor Artamonov Jun 27 '12 at 06:43