Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

beans.NotReadablePropertyException in spring security

Tags:

spring-security

I am very new to spring security . I picked up this book and trying to execute the code .

While I do this I am getting 

org.springframework.beans.NotReadablePropertyException: Invalid property
'principal.username' of bean class 
[org.springframework.security.authentication.AnonymousAuthenticationToken]: 
Bean property 'principal.username' is not readable or has an invalid getter 
method: 
Does the return type of the getter match the parameter type of the setter?

My spring-security xml config :

<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/login.do" access="permitAll"/>
    <intercept-url pattern="/*" access="hasRole('ROLE_USER')"/>
    <form-login login-page="/login.do"/>
</http>


<authentication-manager alias="authenticationManager">

    <authentication-provider>
        <user-service id="userService">
            <user authorities="ROLE_USER" name="guest" password="guest"/>
        </user-service>
    </authentication-provider>
    <!-- Ch 3 Change Password Service -->
    <!-- 
    <authentication-provider user-service-ref="userService"/>
     -->
</authentication-manager>

Am I missing something ?

Let me know if you need any additional information.

like image 359
Vinoth Kumar C M Avatar asked Mar 16 '11 06:03

Vinoth Kumar C M

2 Answers

What the error message seems to be indicating is that something is trying to access a non-existent property on an AnonymousAuthenticationToken ; i.e. the authentication token that spring security uses when the session is not logged in.

I suspect that the problem is actually occurring either in your servlet code, or in a JSP that is trying to access the name of the current user via a spring security tag.

The complete stacktrace for the error might give us more clues. At least it should tell us where the exception is coming from.

(For what it is worth, an AnonymousAuthenticationToken does have a principal property, but that property is not normally an object that has a username property. Indeed, it is often just a String.)

like image 192
Stephen C Avatar answered Oct 20 '22 15:10

Stephen C

I am reading/following the "Spring Security 3" book. Just add the following lines to the header.jsp The problem is that principal.username does not exists if you are not logged in.

<div class="username">
    Welcome, 
    <sec:authorize access="isAuthenticated()">  
        <strong><sec:authentication property="principal.username"/></strong>
    </sec:authorize>
</div>
like image 39
betoborda Avatar answered Oct 20 '22 15:10

betoborda
Sign in to Comment

Related questions

Why use the j_username and SPRING_SECURITY_LAST_USERNAME variables?
JdbcMutableAclService - Transaction must be running
Spring Security Authorization - Admin is denied access
How can I do Spring Security authentication from within a JSF form
How to Enforce Change Password on User's initial login using Spring Security
how to log a user out programmatically using spring security
Disable browser authentication dialog in spring security
The type org.springframework.security.authentication.AuthenticationManager cannot be resolved. It is indirectly referenced from required .class files
Thymeleaf authorization with Spring Security doesn't work [duplicate]
Spring security redirection after login
Client does not have permissions to send as this sender (office 365, grails)
Spring Security - AuthenticatedPricipal deprecated
Sending JWT Token in the body of response Java Spring
How do I get permitAll in Spring Security to NOT throw AuthenticationCredentialsNotFoundException in @Controller object?
SpringSecurity: Fail to delete JSESSIONID
java.io.IOException: Invalid keystore format Spring Security SAML Extension
Thymeleaf 3.0 Spring Boot + Security integration does not work
Keycloak with Angular and Spring error: GET http://localhost:8180/auth/realms/Storage/protocol/openid-connect/3p-cookies/step1.html 404 (Not Found)
AuthenticationManager when updating to Spring-security-3.2.0.RC2
How to get the role that a user logged in with in my controller using Spring Security

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!