SpringSecurity OAuth callback-url doesn't work while PrettyFaces is active

Splash Forums PrettyFaces Users SpringSecurity OAuth callback-url doesn't work while PrettyFaces is active

This topic contains 1 reply, has 2 voices, and was last updated by  Lincoln Baxter III 4 years, 7 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #18858

    nicmon
    Participant

    I want to use Spring-Security to use oauth interface of twitter and login to my application. I’m using SpringSecurity 3.1 and spring-security-oauth-client to achieve this.

    here is the version which is working properly:

    WEB.XML

    <filter>
    <filter-name>Pretty Filter</filter-name>
    <filter-class>com.ocpsoft.pretty.PrettyFilter</filter-class>
    </filter>
    <filter-mapping>
    <filter-name>Pretty Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>ERROR</dispatcher>
    </filter-mapping>
    <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    </filter-mapping>

    <!-- ######################### TWITTER ######################### -->
    <beans:bean id="twitterProvider" class="com.myapp.app.webportal.publicweb.beans.LoginBean.TwitterAuthenticateProvider">
    <beans:property name="key" value="XXXXXXXXXXXXXX" />
    <beans:property name="secret" value="XXXXXXXXXXXXXXXXXXXXXXXXXXXX" />
    <beans:property name="callbackUrl" value="http://hbdev.myapp.com:8080/publicweb/j_spring_twitter_security_check" />
    <beans:property name="proxyHost" value="myproxy.int.com" />
    <beans:property name="proxyPort" value="1234" />
    </beans:bean>

    <beans:bean id="twitterFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter">
    <beans:constructor-arg index="0" value="/j_spring_twitter_security_check" />
    <beans:property name="provider" ref="twitterProvider" />
    <beans:property name="authenticationManager" ref="authenticationManager" />
    </beans:bean>

    <beans:bean id="twitterAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider">
    <beans:property name="provider" ref="twitterProvider" />
    </beans:bean>

    and in pretty-config.xml

    <url-mapping id="twitterLogin" >
    <pattern value="/j_spring_twitter_security_check"/>
    <view-id value="/j_spring_twitter_security_check"/>
    </url-mapping>

    But it doesn’t work once I change the callbackUrl and specify an existing page, so:

    <!-- ######################### TWITTER ######################### -->
    <beans:bean id="twitterProvider" class="com.myapp.app.webportal.publicweb.beans.LoginBean.TwitterAuthenticateProvider">
    <beans:property name="key" value="XXXXXXXXXXXXXX" />
    <beans:property name="secret" value="XXXXXXXXXXXXXXXXXXXXXXXXXXXX" />
    <beans:property name="callbackUrl" value="http://hbdev.myapp.com:8080/publicweb/publicweb/pages/myapp/twitterLogin.xhtml" />
    <beans:property name="proxyHost" value="myproxy.int.com" />
    <beans:property name="proxyPort" value="1234" />
    </beans:bean>

    <beans:bean id="twitterFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter">
    <beans:constructor-arg index="0" value="/publicweb/pages/myapp/twitterLogin.xhtml" />
    <beans:property name="provider" ref="twitterProvider" />
    <beans:property name="authenticationManager" ref="authenticationManager" />
    </beans:bean>

    <beans:bean id="twitterAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider">
    <beans:property name="provider" ref="twitterProvider" />
    </beans:bean>

    Or if I have:

    <url-mapping id="twitterLogin" >
    <pattern value="/j_spring_twitter_security_check"/>
    <view-id value="/pages/myapp/twitterLogin.xhtml"/>
    </url-mapping>

    What I can’t understand is, if I turn off prettyfaces by renaming the pretty-config.xml, my customized callbackUrl works. any help is highly appreciated.

    #23139

    It looks like you may have a mis-match between context roots in your configuration?

    /publicweb/pages/myapp/twitterLogin.xhtml and /pages/myapp/twitterLogin.xhtml in pretty-config.xml.

    As far as I know, both Spring and PrettyFaces are not context-sensitive, so the /publicweb prefix in your Spring configuration will actually not match up with what PrettyFaces is forwarding to.

    Thoughts?

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

Comments are closed.