Spring security problem when using Pretty Faces

Splash Forums PrettyFaces Users Spring security problem when using Pretty Faces

This topic contains 2 replies, has 2 voices, and was last updated by  Christian Kaltepoth 5 years, 2 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #18648

    cecchisandrone
    Participant

    Hi all,

    I’m struggling with a strange problem that logs me out suddenly when using Spring Security 3.1 + Pretty Faces 3.3.3 for JSF 1.2. Without Pretty Faces everything works smoothly (login, logout & authorization); with PF enabled, the problem occurs in pages that have mapped in pretty-config.xml, I lost the authentication and I’ve been redirected to the login page, without any reason.

    Another problem is that if I have a pretty URL (e.g. http://localhost:8080/app/showDetails?id=1) and I’m not authenticated, the login form is shown but when I authenticate correctly I’m not redirected to the original request and also the relative action is not executed.

    Attached you can find web.xml, security-context.xml and pretty-config.xml.

    As a side note, I’m doing an upgrade from Spring Security 2.0.4 to 3.1. Before the upgrade everything works.

    #22846

    cecchisandrone
    Participant

    I solved the problem related to the redirect, it was a Spring Security config thing. I’m only fighting with the sudden logout :D

    #22847

    For some reason the other posts on this topic disappeared. I’m summing up the solution here so that others running into the problem can fix it.

    The problem was that the Spring Security Filter was placed before the PrettyFilter with dispatcher settings for REQUEST and FORWARD. Therefore the Spring Security filter was executed twice, once for the incoming pretty URL and another time after PrettyFaces forwarded the request. The solution for the problem is to remove the dispatcher settings from the Spring Security filter so that it only applies to incoming request and not to forwarded ones.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

Comments are closed.