Re: Pretty Faces and Spring Security 3

Splash Forums PrettyFaces Users Pretty Faces and Spring Security 3 Re: Pretty Faces and Spring Security 3

#20482

In this case, it sounds like you are having an issue where Spring Security intercepts the login-URL when forwarded from PrettyFaces (prettyfaces forwards from /thank-you -> /pages/protected/thank-you.jsf

I believe you do want Spring Security filter to be first in the chain, and in your security rules you should probably use the top-level URLs like "/thank-you/" instead of filtering on "/pages/protected/*". Otherwise, you will continue to have this issue where the forwarded URL is the one that Spring Security saves and uses in the redirect.

You might still wish to block access to .jsf files directly, in which case you should add a rule to the Spring Security filter to this effect. You will also need to remove the “FORWARD” dispatcher from the Spring Security filter in order for this to work, but again, that might not be what you want.

I hope this helps,

Lincoln