cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

A Universal Match Pattern ('/**') is Defined Before Other Patterns

Former Member

on ‎07-22-2013 5:58 PM

0 Kudos

I am in the process of porting an application that has run successfully on Jetty, Tomcat, and Cloud Foundry to NetWeaver and am seeing an issue that I have no seen on other application servers.

Here is the warning:

 >>> Warnings <<<
        1). com.sap.ASJ.web.000607 (Failed in component: sap.com/eds-ear, ) Initialization of servlet [uploadServlet] failed. Check init() method of servlet. Error is: [org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined  before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration]

Here is my app-web-security.xml that I believe the error is is complaining about:

<?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
             http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
             http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- Anonymous assets -->
    <http pattern="/favicon.ico" security="none" />
    <http pattern="**/images/**" security="none" />
    <http pattern="**/styles/**" security="none" />
    <http pattern="/solutionsuiteui/styles/**" security="none" />
    <http pattern="/solutionsuiteui/images/**" security="none" />
    <http pattern="/solutionsuiteui/dojo/**" security="none" />
    <http pattern="/solutionsuiteui/dijit/**" security="none" />
    <http pattern="/solutionsuiteui/dojox/**" security="none" />
    <http pattern="/solutionsuiteui/yui/**" security="none" />

    <http authentication-manager-ref="authenticationManager" entry-point-ref="authEntryPoint" use-expressions="true">
        <intercept-url pattern="/login.jsp" access="permitAll()" />
        <intercept-url pattern="/solutionsuiteui/remote_logging" access="hasAnyRole('ROLE_USER', 'ROLE_ADMIN') and permitAll()" />
        <intercept-url pattern="/solutionsuiteui/dispatch" access="hasAnyRole('ROLE_USER', 'ROLE_ADMIN') and permitAll()" />
        <intercept-url pattern="/**" access="hasAnyRole('ROLE_USER', 'ROLE_ADMIN')" />
        <custom-filter position="FIRST" ref="retainAnchorFilter" />
        <custom-filter ref="usernamePasswordAuthenticationFilter" after="FORM_LOGIN_FILTER" />
        <custom-filter ref="logoutFilter" after="LOGOUT_FILTER" />
        <custom-filter ref="tamperedUrlLogoutFilter" after="LAST" />
        <access-denied-handler ref="accessDeniedHandlerImpl" />
    </http>

</beans:beans>

Does anybody know what's wrong with my XML?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎07-22-2013 7:35 PM
0 Kudos

I guess the problem is with the Spring Framework. Maybe you have missed some installation or configuration part? What version of Spring are you using? What about your AS JAVA version? Maybe your colleague could help you.

Show replies
Show replies
Former Member
‎07-22-2013 7:48 PM
0 Kudos

Hi Samuli,

Yes, there seems to be a number of issues using Spring inside of NetWeaver. Currently, I am using

<spring.version>3.2.1.RELEASE</spring.version>

With a SAP NetWeaver AS Java 7.40 instance.

Thanks, Kevin

Ask a Question