09:14:06.046 [main] ERROR o.s.web.context.ContextLoader - Context initialization failed
org.springframework.security.authentication.AuthenticationServiceException: Unable to find salt method on user Object. Does the class 'org.springframework.security.core.userdetails.User' have a method or getter named 'salt' ?
at org.springframework.security.authentication.dao.ReflectionSaltSource.findSaltMethod(ReflectionSaltSource.java:86) ~[spring-security-core-3.0.7.RELEASE.jar:3.0.7.RELEASE]
at org.springframework.security.authentication.dao.ReflectionSaltSource.getSalt(ReflectionSaltSource.java:66) ~[spring-security-core-3.0.7.RELEASE.jar:3.0.7.RELEASE]
at net.prhin.recetas.security.UserBootstrap.onApplicationEvent(UserBootstrap.java:53) ~[classes/:na]
at net.prhin.recetas.security.UserBootstrap.onApplicationEvent(UserBootstrap.java:19) ~[classes/:na]
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:324) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:929) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:467) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:385) ~[spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:284) ~[spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.servlet.Context.startContext(Context.java:136) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1234) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:460) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.Jetty6PluginWebAppContext.doStart(Jetty6PluginWebAppContext.java:124) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.Server.doStart(Server.java:222) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.Jetty6PluginServer.start(Jetty6PluginServer.java:132) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.AbstractJettyMojo.startJetty(AbstractJettyMojo.java:384) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.AbstractJettyMojo.execute(AbstractJettyMojo.java:320) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.AbstractJettyRunMojo.execute(AbstractJettyRunMojo.java:205) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.Jetty6RunMojo.execute(Jetty6RunMojo.java:184) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537) [maven-embedder-3.0.4.jar:3.0.4]
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196) [maven-embedder-3.0.4.jar:3.0.4]
at org.apache.maven.cli.MavenCli.main(MavenCli.java:141) [maven-embedder-3.0.4.jar:3.0.4]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) ~[na:1.7.0_03]
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290) [plexus-classworlds-2.4.jar:na]
at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230) [plexus-classworlds-2.4.jar:na]
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409) [plexus-classworlds-2.4.jar:na]
at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352) [plexus-classworlds-2.4.jar:na]
org.springframework.security.authentication.AuthenticationServiceException: Unable to find salt method on user Object. Does the class 'org.springframework.security.core.userdetails.User' have a method or getter named 'salt' ?
at org.springframework.security.authentication.dao.ReflectionSaltSource.findSaltMethod(ReflectionSaltSource.java:86) ~[spring-security-core-3.0.7.RELEASE.jar:3.0.7.RELEASE]
at org.springframework.security.authentication.dao.ReflectionSaltSource.getSalt(ReflectionSaltSource.java:66) ~[spring-security-core-3.0.7.RELEASE.jar:3.0.7.RELEASE]
at net.prhin.recetas.security.UserBootstrap.onApplicationEvent(UserBootstrap.java:53) ~[classes/:na]
at net.prhin.recetas.security.UserBootstrap.onApplicationEvent(UserBootstrap.java:19) ~[classes/:na]
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:324) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:929) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:467) ~[spring-context-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:385) ~[spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:284) ~[spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111) [spring-web-3.1.1.RELEASE.jar:3.1.1.RELEASE]
at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.servlet.Context.startContext(Context.java:136) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1234) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:460) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.Jetty6PluginWebAppContext.doStart(Jetty6PluginWebAppContext.java:124) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.jetty.Server.doStart(Server.java:222) [jetty-6.1.12.jar:6.1.12]
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) [jetty-util-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.Jetty6PluginServer.start(Jetty6PluginServer.java:132) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.AbstractJettyMojo.startJetty(AbstractJettyMojo.java:384) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.AbstractJettyMojo.execute(AbstractJettyMojo.java:320) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.AbstractJettyRunMojo.execute(AbstractJettyRunMojo.java:205) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.mortbay.jetty.plugin.Jetty6RunMojo.execute(Jetty6RunMojo.java:184) [maven-jetty-plugin-6.1.12.jar:6.1.12]
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156) [maven-core-3.0.4.jar:3.0.4]
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537) [maven-embedder-3.0.4.jar:3.0.4]
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196) [maven-embedder-3.0.4.jar:3.0.4]
at org.apache.maven.cli.MavenCli.main(MavenCli.java:141) [maven-embedder-3.0.4.jar:3.0.4]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) ~[na:1.7.0_03]
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290) [plexus-classworlds-2.4.jar:na]
at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230) [plexus-classworlds-2.4.jar:na]
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409) [plexus-classworlds-2.4.jar:na]
at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352) [plexus-classworlds-2.4.jar:na]
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="passwordEncoder">
<security:salt-source ref="saltSource" />
</security:password-encoder>
</security:authentication-provider>
</security:authentication-manager> <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
<bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource">
<property name="userPropertyToUse" value="username" />
</bean>
class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/> <bean id="securityContextPersistenceFilterDenySessionCreation"
class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
<property name='securityContextRepository'>
<bean class='org.springframework.security.web.context.HttpSessionSecurityContextRepository'>
<property name='allowSessionCreation' value='false'/>
</bean>
</property>
</bean>
<sec:authentication-manager alias="authManager">
<sec:authentication-provider user-service-ref="userDetailsService">
<sec:password-encoder ref="passwordEncoder">
<sec:salt-source ref="saltSource"/>
</sec:password-encoder>
</sec:authentication-provider>
</sec:authentication-manager> <bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/> <bean id="saltSource"
class="org.springframework.security.authentication.dao.ReflectionSaltSource">
<property name="userPropertyToUse" value="salt"/>
</bean> <bean id="userDetailsService" class="net.prhin.recetas.security.UserDetailsServiceAdapter">
<property name="userDao" ref="userDao"/>
<property name="auditingLoginDao" ref="auditingLoginDao"/>
</bean>
改成
<property name="userPropertyToUse" value="username" />
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd"> <!--<http access-denied-page="/login.htm?err=access_denied"
access-decision-manager-ref="accessDecisionManager"
use-expressions="true">
<!– Don't set any role restrictions on login.jsp –>
<intercept-url pattern="/login.htm" access="isAnonymous()"/>
<intercept-url pattern="/**/*.htm" access="isAuthenticated()"/> <!– Don't passthru filters –>
<intercept-url pattern="/styles/**" filters="none"/>
<intercept-url pattern="/js/**" filters="none"/>
<intercept-url pattern="/images/**" filters="none"/> <!– Limit max sessions to 1 per user. –>
<anonymous/>
<!– Set the login page and what to do if login fails –>
<form-login login-page="/login.htm"
default-target-url="/dashboard.htm"
authentication-failure-url="/login.htm?err=authentication"/>
<logout/>
</http>--> <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/styles/**" filters="none"/>
<sec:filter-chain pattern="/js/**" filters="none"/>
<sec:filter-chain pattern="/images/**" filters="none"/>
<sec:filter-chain pattern="/favicon.ico" filters="none"/>
<sec:filter-chain pattern="/services/cpoe/erx" filters="
securityContextPersistenceFilterDenySessionCreation,
basicAuthenticationFilter,
basicExceptionTranslationFilter,
filterSecurityInterceptor"/>
<sec:filter-chain pattern="/**" filters="
securityContextPersistenceFilterAllowSessionCreation,
logoutFilter,
usernamePasswordAuthenticationFilter,
anonymousAuthFilter,
exceptionTranslationFilter,
filterSecurityInterceptor"/>
</sec:filter-chain-map>
</bean> <bean id="basicAuthenticationFilter"
class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
<property name="authenticationManager" ref="authManager"/>
<property name="authenticationEntryPoint" ref="basicAuthenticationEntryPoint"/>
</bean> <bean id="basicAuthenticationEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
<property name="realmName" value="PRHIN CPOE"/>
</bean> <bean id="usernamePasswordAuthenticationFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authManager"/>
<property name="authenticationFailureHandler">
<bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/login.htm?err=authentication"/> </bean>
</property>
<property name="authenticationSuccessHandler">
<bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/dashboard.htm?login=1"/>
<property name="alwaysUseDefaultTargetUrl" value="true"/>
</bean>
</property>
</bean> <bean id="exceptionTranslationFilter"
class="org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/login.htm"/>
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
<property name="errorPage" value="/login.htm?err=access_denied"/>
</bean>
</property>
</bean> <bean id="basicExceptionTranslationFilter"
class="org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="basicAuthenticationEntryPoint"/>
</bean> <bean id="filterSecurityInterceptor"
class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="securityMetadataSource">
<sec:filter-security-metadata-source use-expressions="true" path-type="ant">
<sec:intercept-url pattern="/login.htm" access="isAnonymous()"/>
<sec:intercept-url pattern="/**" access="isAuthenticated()"/>
</sec:filter-security-metadata-source>
</property>
</bean> <bean id="anonymousAuthFilter"
class="org.springframework.security.web.authentication.AnonymousAuthenticationFilter">
<property name="key" value="foobar"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean> <bean id="anonymousAuthenticationProvider"
class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
<property name="key" value="foobar"/>
</bean> <bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-arg index="0">
<bean class="org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler"/>
</constructor-arg>
<constructor-arg index="1">
<list>
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean> <bean id="securityContextPersistenceFilterAllowSessionCreation"
class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/> <bean id="securityContextPersistenceFilterDenySessionCreation"
class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
<property name='securityContextRepository'>
<bean class='org.springframework.security.web.context.HttpSessionSecurityContextRepository'>
<property name='allowSessionCreation' value='false'/>
</bean>
</property>
</bean>
<sec:authentication-manager alias="authManager">
<sec:authentication-provider user-service-ref="userDetailsService">
<sec:password-encoder ref="passwordEncoder">
<sec:salt-source ref="saltSource"/>
</sec:password-encoder>
</sec:authentication-provider>
</sec:authentication-manager> <bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/> <bean id="saltSource"
class="org.springframework.security.authentication.dao.ReflectionSaltSource">
<property name="userPropertyToUse" value="salt"/>
</bean> <bean id="userDetailsService" class="net.prhin.recetas.security.UserDetailsServiceAdapter">
<property name="root" ref="userDao"/>
<property name="auditingLoginDao" ref="auditingLoginDao"/>
</bean> <bean id="userBootstrap" class="net.prhin.recetas.security.UserBootstrap">
<property name="userDao" ref="userDao"/>
<property name="passwordEncoder" ref="passwordEncoder"/>
<property name="saltSource" ref="saltSource"/>
</bean> <!-- Define AccessDesisionManager as UnanimousBased -->
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.RoleVoter"/>
<bean class="org.springframework.security.access.vote.AuthenticatedVoter"/>
<bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
</list>
</property>
</bean>
</beans>