Spring Security Logout problem with Pretty Faces

Splash Forums PrettyFaces Users Spring Security Logout problem with Pretty Faces

This topic contains 4 replies, has 2 voices, and was last updated by  Christian Kaltepoth 10 years, 3 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #18064

    KaarinaS
    Participant

    In use: JSF 2.1.0, PrettyFaces 3.3.0, Spring Security 3.0.6

    We added the PrettyFaces in our project and everything works fine except the Logout. Login works, but when we try to logout from the page where the URL was change to a pretty one we have the following exception:

    26 oct. 2011 11:31:31 org.apache.catalina.core.ApplicationDispatcher invoke

    GRAVE: “Servlet.service()” pour la servlet default a lancé une exception

    java.lang.NullPointerException

    at java.util.TreeMap.getEntry(TreeMap.java:324)

    at java.util.TreeMap.get(TreeMap.java:255)

    at java.util.Collections$UnmodifiableMap.get(Collections.java:1282)

    at com.ocpsoft.pretty.faces.servlet.PrettyFacesWrappedRequest.getParameter(PrettyFacesWrappedRequest.java:53)

    When we try to logout from the page that doesn’t use Pretty Link it works. Could smbd, please, help us?

    web.xml

    <?xml version=”1.0″ encoding=”UTF-8″?>

    <web-app xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xmlns=”http://java.sun.com/xml/ns/javaee” xmlns:web=”http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd” xsi:schemaLocation=”http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd” id=”WebApp_ID” version=”2.5″>

    <display-name>pm-mail</display-name>

    <welcome-file-list>

    <welcome-file>login.xhtml</welcome-file>

    </welcome-file-list>

    <servlet>

    <servlet-name>FacesServlet</servlet-name>

    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>

    <load-on-startup>1</load-on-startup>

    </servlet>

    <servlet-mapping>

    <servlet-name>FacesServlet</servlet-name>

    <url-pattern>*.xhtml</url-pattern>

    </servlet-mapping>

    <context-param>

    <param-name>javax.faces.CONFIG_FILES</param-name>

    <param-value>/WEB-INF/faces-config.xml</param-value>

    </context-param>

    <context-param>

    <param-name>javax.faces.DEFAULT_SUFFIX</param-name>

    <param-value>.xhtml</param-value>

    </context-param>

    <context-param>

    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>

    <param-value>client</param-value>

    </context-param>

    <context-param>

    <param-name>org.ajax4jsf.VIEW_HANDLERS</param-name>

    <param-value>com.sun.facelets.FaceletViewHandler</param-value>

    </context-param>

    <context-param>

    <param-name>contextConfigLocation</param-name>

    <param-value>

    classpath*:/applicationContext.xml

    classpath*:/applicationContext-security.xml

    </param-value>

    </context-param>

    <context-param>

    <param-name>org.richfaces.skin</param-name>

    <param-value>pm</param-value>

    </context-param>

    <context-param>

    <param-name>org.richfaces.enableControlSkinning</param-name>

    <param-value>false</param-value>

    </context-param>

    <context-param>

    <param-name>org.richfaces.enableControlSkinningClasses</param-name>

    <param-value>false</param-value>

    </context-param>

    <listener>

    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

    </listener>

    <listener>

    <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>

    </listener>

    <listener>

    <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>

    </listener>

    <listener>

    <listener-class>com.sun.faces.config.ConfigureListener</listener-class>

    </listener>

    <filter>

    <filter-name>springSecurityFilterChain</filter-name>

    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

    </filter>

    <filter-mapping>

    <filter-name>springSecurityFilterChain</filter-name>

    <url-pattern>/*</url-pattern>

    <dispatcher>FORWARD</dispatcher>

    <dispatcher>REQUEST</dispatcher>

    </filter-mapping>

    <filter>

    <filter-name>Pretty Filter</filter-name>

    <filter-class>com.ocpsoft.pretty.PrettyFilter</filter-class>

    </filter>

    <filter-mapping>

    <filter-name>Pretty Filter</filter-name>

    <url-pattern>/*</url-pattern>

    <dispatcher>FORWARD</dispatcher>

    <dispatcher>REQUEST</dispatcher>

    <dispatcher>ERROR</dispatcher>

    </filter-mapping>

    <session-config>

    <session-timeout>30</session-timeout>

    </session-config>

    <error-page>

    <error-code>404</error-code>

    <location>/home</location>

    </error-page>

    <error-page>

    <error-code>403</error-code>

    <location>/home</location>

    </error-page>

    <error-page>

    <exception-type>com.sun.faces.context.FacesFileNotFoundException</exception-type>

    <location>/home</location>

    </error-page>

    <error-page>

    <exception-type>java.lang.Throwable</exception-type>

    <location>/error.xhtml</location>

    </error-page>

    </web-app>

    pretty-config.xml

    <pretty-config xmlns=”http://ocpsoft.com/prettyfaces/3.3.0″

    xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”

    xsi:schemaLocation=”http://ocpsoft.com/prettyfaces/3.3.0

    http://ocpsoft.com/xml/ns/prettyfaces/ocpsoft-pretty-faces-3.3.0.xsd“>

    <url-mapping id=”previewNewMail”>

    <pattern value=”/preview” />

    <view-id value=”/preview.xhtml” />

    <action>#{mailingController.createPreviewMailingFromEditor}</action>

    </url-mapping>

    <url-mapping id=”previewFromTable”>

    <pattern value=”/preview/#{mailingController.mailingBeanView.mailingId}” />

    <view-id value=”/preview.xhtml” />

    <action>#{mailingController.createPreviewMailingFromTable}</action>

    </url-mapping>

    <url-mapping id=”home”>

    <pattern value=”/home” />

    <view-id value=”/home.xhtml” />

    </url-mapping>

    <url-mapping id=”login”>

    <pattern value=”/login” />

    <view-id value=”/login.xhtml” />

    </url-mapping>

    </pretty-config>

    Thank you!

    #21600

    KaarinaS
    Participant

    Our Spring Security configurations:

    <?xml version=”1.0″ encoding=”UTF-8″?>

    <beans xmlns=”http://www.springframework.org/schema/beans”

    xmlns:security=”http://www.springframework.org/schema/security”

    xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”

    xsi:schemaLocation=”http://www.springframework.org/schema/beans

    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

    http://www.springframework.org/schema/security

    http://www.springframework.org/schema/security/spring-security-3.0.xsd“>

    <security:http use-expressions=”true”>

    <security:intercept-url pattern=”/login” access=”!isAuthenticated()”/>

    <security:intercept-url pattern=”/STATIC/**” filters=”none”/>

    <security:intercept-url pattern=”/WEB-INF/**” filters=”none”/>

    <security:intercept-url pattern=”/javax.faces.resource/**” filters=”none”/>

    <security:intercept-url pattern=”/**” access=”isAuthenticated()”/>

    <security:session-management session-fixation-protection=”none”/>

    <security:form-login login-page=”/login”

    login-processing-url=”/j_spring_security_check”

    default-target-url=”/home”

    always-use-default-target=”true”

    authentication-failure-url=”/login”/>

    <security:logout invalidate-session=”true”

    logout-url=”/j_spring_security_logout”

    logout-success-url=”/login”/>

    </security:http>

    <security:authentication-manager>

    <security:authentication-provider ref=”authenticationProvider” />

    </security:authentication-manager>

    </beans>

    #21601

    Could you please post the full stacktrace? I would be interested to see who calls PrettyFacesWrappedRequest.getParameter().

    #21602

    KaarinaS
    Participant

    GRAVE: “Servlet.service()” pour la servlet default a lancé une exception

    java.lang.NullPointerException

    at java.util.TreeMap.getEntry(TreeMap.java:324)

    at java.util.TreeMap.get(TreeMap.java:255)

    at java.util.Collections$UnmodifiableMap.get(Collections.java:1282)

    at com.ocpsoft.pretty.faces.servlet.PrettyFacesWrappedRequest.getParameter(PrettyFacesWrappedRequest.java:53)

    at javax.servlet.ServletRequestWrapper.getParameter(ServletRequestWrapper.java:140)

    at javax.servlet.ServletRequestWrapper.getParameter(ServletRequestWrapper.java:140)

    at javax.servlet.ServletRequestWrapper.getParameter(ServletRequestWrapper.java:140)

    at org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler.determineTargetUrl(AbstractAuthenticationTargetUrlRequestHandler.java:86)

    at org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler.handle(AbstractAuthenticationTargetUrlRequestHandler.java:67)

    at org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler.onLogoutSuccess(SimpleUrlLogoutSuccessHandler.java:28)

    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:100)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:57)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:168)

    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)

    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:684)

    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:471)

    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:402)

    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:329)

    at com.priceminister.mto.pmmails.application.LogoutController.logout(LogoutController.java:54)

    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

    at java.lang.reflect.Method.invoke(Method.java:597)

    at org.apache.el.parser.AstValue.invoke(AstValue.java:262)

    at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278)

    at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)

    at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)

    at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)

    at javax.faces.component.UICommand.broadcast(UICommand.java:315)

    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)

    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)

    at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)

    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)

    at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)

    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:409)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at com.ocpsoft.pretty.PrettyFilter.doFilter(PrettyFilter.java:118)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:369)

    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:99)

    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:57)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:168)

    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)

    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:684)

    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:471)

    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:402)

    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:329)

    at com.ocpsoft.pretty.PrettyFilter.doFilter(PrettyFilter.java:110)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:369)

    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)

    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)

    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381)

    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:168)

    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)

    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164)

    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:403)

    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:301)

    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:162)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)

    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

    at java.lang.Thread.run(Thread.java:662)

    #21603

    It looks like AbstractAuthenticationTargetUrlRequestHandler calls HttpServletRequest.getParameter(String name) with null as the argument. This doesn’t look right. You could try to debug this and look why the name gets null in this situation.

Viewing 5 posts - 1 through 5 (of 5 total)

The forum ‘PrettyFaces Users’ is closed to new topics and replies.

Comments are closed.