• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Spring successHandler not being called.

 
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello

i am working on Spring security and i have an issue where after successfulAuthentication the request is not being passed to the sucesshandler url
i have my own CustomAuthenticationProcessingFilter which extends UsernamePasswordAuthenticationFilter and added two overridden methods as seen below
Below is my spring security configuration




When the user submits the login form the request comes to these overridden methods and we create all necessary cookies but the request is not delegated to the url mentioned in successHandler
in the browser window the request comes back to
http://myhost:8080/j_security_check with a blank screen

just to add my login form submit action url is
<s:form action="/j_spring_security_check" method="post" id="form1" name="form1">


Any advice.

 
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can you please bump logging up to debug for org.springframework.security.web.authentication and post back with what gets logged.
 
Darvesh Niz
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i tried printing out log4j debug messaging and looks like spring is not spitting out any message
my log4j.properties file looks like but i am not seeing any messages in the output

log4j.rootCategory=DEBUG, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %t %c{2}:%L - %m%n
log4j.category.org.springframework=DEBUG

Thats one problem
The other problem i have is for example the first time when i go to secure page for example
http://domian:8080/era/secure/MyAccount.load.action
the request gets intercepted and i see login page, i enter my username and password and the request comes to attemptAuthentication and i see we create the correct user object with granted authority as ROLE_USER
return new org.springframework.security.core.userdetails.User(user.getEmail(),
user.getNewPassword(), notPending, true, true, notDisabled, grantedAuthcollection)
and i also see the jSESSION cookie created.

so i assume the next time when i hit the same url again
http://domian:8080/era/secure/MyAccount.load.action

it should let me go that url but its again redirecting it to login page.

i am really doubting could there be some issue with jetty working with spring security.

any advice?
 
Darvesh Niz
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ok
i figured out that i accidently deleted this line in my
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException,ServletException {

super.successfulAuthentication(request, response, authentication);

after putting it its fine now.
 
Bill Gorder
Bartender
Posts: 1682
7
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yeah, that line is important Glad you got it figured out. Thanks for posting back.
 
Darvesh Niz
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello

i am faced with some new issue where i am not able to see the cookie created in the same request.
when i hit this url the first time
domain.com/era/secure/MyAccount.load.action

As is said before it routes me to login page i enter my login info and in the successfulAuthentication method we create some cookie.

After login, spring now directs the request comes to MyAccount.load.action i am trying to get that cookie but its not available, since its the same request. Hence Myaccount.load.action class does not find the cookie and we have written some code to redirect back to login screen. once the request gets complete i see the cookie now.

How is it possible to make the Myaccount.load.action class to see the cookie in the same request flow after user is logged in.

any advice.
Thanks
 
Darvesh Niz
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just to add in order to fix this i implemented my own DefaultRedirectStrategy, but still no luck
The below is my code where i redirect the request, so i assume when the contorl goes to myaccount action class the cookie should be present but still not the case, any advice.

 
Remember to always leap before you look. But always take the time to smell the tiny ads:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic