Re: Authentication Spring Security Captcha after 3 failed attempts

Thu, 26 Mar 2009 09:36:38 -0700 

Found a solution. The login is now protected as google account is -
with captcha after 5 failed retries.

The thing that bothers me is this stack trace in the console which is
triggered by pressing the login submit button:

2009-03-26 16:44:51.494::WARN:  /login.lform
java.lang.NullPointerException
        at $Response_1204373dfe0.setStatus($Response_1204373dfe0.java)
        at $Response_1204373df45.setStatus($Response_1204373df45.java)
        at 
org.apache.tapestry5.internal.services.DefaultRequestExceptionHandler.handleRequestException(DefaultRequestExceptionHandler.java:66)
        at 
$RequestExceptionHandler_1204373df67.handleRequestException($RequestExceptionHandler_1204373df67.java)
        at 
org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:42)
        at $RequestHandler_1204373df69.service($RequestHandler_1204373df69.java)
        at 
org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:621)
        at $RequestHandler_1204373df69.service($RequestHandler_1204373df69.java)
        at 
org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:611)
        at $RequestHandler_1204373df69.service($RequestHandler_1204373df69.java)
        at 
org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:85)
        at $RequestHandler_1204373df69.service($RequestHandler_1204373df69.java)
        at 
org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:93)
        at 
org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:84)
        at 
org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:83)
        at 
org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:106)
        at $RequestHandler_1204373df69.service($RequestHandler_1204373df69.java)
        at $RequestHandler_1204373df5f.service($RequestHandler_1204373df5f.java)
        at 
org.apache.tapestry5.services.TapestryModule$16.service(TapestryModule.java:1007)
        at 
org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
        at 
$HttpServletRequestFilter_1204373df5e.service($HttpServletRequestFilter_1204373df5e.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
        at 
org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestFilter_1204373df5c.service($HttpServletRequestFilter_1204373df5c.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.SpringSecurityExceptionTranslationFilter.doFilterHttp(SpringSecurityExceptionTranslationFilter.java:100)
        at 
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
org.springframework.security.providers.anonymous.AnonymousProcessingFilter.doFilterHttp(AnonymousProcessingFilter.java:105)
        at 
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestFilter_1204373df5b.service($HttpServletRequestFilter_1204373df5b.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter.doFilterHttp(SecurityContextHolderAwareRequestFilter.java:91)
        at 
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestFilter_1204373df5a.service($HttpServletRequestFilter_1204373df5a.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
org.springframework.security.ui.rememberme.RememberMeProcessingFilter.doFilterHttp(RememberMeProcessingFilter.java:109)
        at 
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestFilter_1204373df59.service($HttpServletRequestFilter_1204373df59.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:277)
        at 
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestFilter_1204373df58.service($HttpServletRequestFilter_1204373df58.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:56)
        at 
org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
        at 
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
        at 
nu.localhost.tapestry5.springsecurity.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
        at 
$HttpServletRequestFilter_1204373df57.service($HttpServletRequestFilter_1204373df57.java)
        at 
$HttpServletRequestHandler_1204373df60.service($HttpServletRequestHandler_1204373df60.java)
        at 
$HttpServletRequestHandler_1204373df56.service($HttpServletRequestHandler_1204373df56.java)
        at org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:179)
        at 
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115)
        at 
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:361)
        at 
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
        at 
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
        at 
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
        at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
        at 
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
        at 
org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
        at 
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
        at org.mortbay.jetty.Server.handle(Server.java:324)
        at 
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
        at 
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:879)
        at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741)
        at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:213)
        at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
        at 
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
        at 
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)


Anyone? I can provide additional info...

-Borut

2009/3/26 Borut Bolčina <borut.bolc...@gmail.com>:
> Hello,
>
> I would like to display a CAPTCHA challenge to a user after 3 failed
> login attempts. If using tapestry5-spring-security 2.0.1 the form
> looks like:
>
>
> <form xmlns:t="http://tapestry.apache.org/schema/tapestry_5_0_0.xsd";
> action="${loginCheckUrl}" method="POST">
>    <t:if test="failed">Username and/or password was wrong!<br /></t:if>
>    <label class="username" for="j_username">Username:</label>
>    <input class="username" name="j_username" type="text" size="30"/>
>    <label class="password" for="j_password">Password</label>
>    <input class="password" name="j_password" type="password"
> size="10" maxlength="30"/>
>    <input id="submit" class="submit" type="submit" value="log in"/>
> </form>
>
> Since this is not a T5 form element I can not just add <t:if> as in:
>
> <form xmlns:t="http://tapestry.apache.org/schema/tapestry_5_0_0.xsd";
> action="${loginCheckUrl}" method="POST">
>    <t:if test="failed">Username and/or password was wrong!<br /></t:if>
>    <label class="username" for="j_username">Username:</label>
>    <input class="username" name="j_username" type="text" size="30"/>
>    <label class="password" for="j_password">Password</label>
>    <input class="password" name="j_password" type="password"
> size="10" maxlength="30"/>
>    <input id="submit" class="submit" type="submit" value="log in"/>
>    <t:if test="showCaptcha">
>        <img src="${captchaImage}" id="kaptchaImage" />
>        <label>Please...</label>
>        <input t:type="TextField" t:id="captchaText" value="captchaText"
> t:validate="required"/>
>    </t:if>
> </form>
>
> How do I "convert" the regular <form> element to <t:form>, so that I
> can put captcha related validation into onValidate method and still
> process the spring security (action="${loginCheckUrl}")?
>
> Thanks,
> Borut
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org

Reply via email to