
  • Spring Security logout error login

    Hi, my problem is that when I log out and try to log in again, it shows me this message:

    {"rs":[]}
    and doesn't show anything; the page stays blank.

    After that, the URL of my application shows:
    http://localhost:8084/ManejoyControl...esktop&opt_0=i
    Normally it is:
    http://localhost:8084/ManejoyControldeEquipos/

    I am using Spring Security and the ZK framework.

    I am using a basic configuration:
    Code:
    <http auto-config="true" use-expressions="true">
        <intercept-url pattern="/**" access="isAuthenticated()" />
    </http>

    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name="tomas" password="america" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
                <user name="tomas2" password="america2" authorities="ROLE_USER,ROLE_TELLER" />
                <user name="tomas3" password="america3" authorities="ROLE_USER" />
            </user-service>
        </authentication-provider>
    </authentication-manager>

  • #2
    Can you be a little more detailed in the steps to reproduce? It sounds as though the logout page has an asynchronous request to a resource that is protected (i.e. JavaScript, CSS, image, etc.). By default, after logging in, Spring Security will send you to the last protected URL that was requested.

    • #3
      Well, when the app starts it shows the Spring login page; then I log in and it shows me index.zul. I have a logout link, "<a href="/j_spring_security_logout">Salir</a>"; when I click it, it shows me the login page again, but when I try to log in with the same user again it shows me this {"rs":[]} and doesn't show index.zul.

      I am using the ZK framework and Spring Security 3.

      • #4
        So that sounds to me like the guess was correct. A few options to resolve your issue are:
        • Prevent the application from requesting http://localhost:8084/ManejoyControl...esktop&opt_0=i while you are logged out. This can be done by removing the request to those resources or by using access="permitAll"
        • Specify form-login@default-target-url and form-login@always-use-default-target="true"
        • Create a modified version of HttpSessionRequestCache which prevents requests to javascript from being saved. You can then wire this custom implementation into your Spring configuration using http/request-cache@ref

        Comment
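
The third option in reply #4, as an added example (not code from this thread or from the Spring Security project): a subclass of HttpSessionRequestCache that declines to remember ZK AJAX and static resource requests, so a background request made while logged out cannot become the post-login redirect target. The package, the class name, the /zkau prefix and the suffix list are assumptions.

```java
// Added example, not code from this thread or from Spring Security itself.
// Package, class name and both skip lists are assumptions for illustration.
package example.security;

import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;

/*
 * Wiring with the Spring Security 3 namespace (http/request-cache@ref):
 *   <beans:bean id="pageOnlyRequestCache" class="example.security.PageOnlyRequestCache"/>
 *   <http auto-config="true" use-expressions="true"><request-cache ref="pageOnlyRequestCache"/> ... </http>
 */
public class PageOnlyRequestCache extends HttpSessionRequestCache {

    // Assumed mapping of the ZK update servlet; its AJAX and resource URLs live under it.
    private static final String[] SKIPPED_PREFIXES = { "/zkau" };
    // Static and generated resources that must never become the post-login target.
    private static final String[] SKIPPED_SUFFIXES = { ".js", ".css", ".wpd", ".png", ".gif", ".jpg", ".ico" };

    @Override
    public void saveRequest(HttpServletRequest request, HttpServletResponse response) {
        if (isPageNavigation(request)) {
            super.saveRequest(request, response);
        }
        // Otherwise do nothing: an earlier saved page request, if any, stays in the session.
    }

    // True only for GET requests that look like a page the user navigated to.
    static boolean isPageNavigation(HttpServletRequest request) {
        if (!"GET".equalsIgnoreCase(request.getMethod())) {
            return false;
        }
        String path = request.getRequestURI()
                .substring(request.getContextPath().length())
                .toLowerCase(Locale.ENGLISH);
        int params = path.indexOf(';'); // drop ";jsessionid=..." path parameters
        if (params >= 0) {
            path = path.substring(0, params);
        }
        for (String prefix : SKIPPED_PREFIXES) {
            if (path.equals(prefix) || path.startsWith(prefix + "/")) return false;
        }
        for (String suffix : SKIPPED_SUFFIXES) {
            if (path.endsWith(suffix)) return false;
        }
        return true;
    }
}
```

Skipping a request here only changes where the user lands after login; the intercept-url rules still decide whether the request itself is allowed.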


        • #5
          I specified form-login@default-target-url; now it shows the "Processing..." ZK message and doesn't show the login page, it just stays loading and nothing more.

          This is the config:

          <global-method-security pre-post-annotations="enabled">
          </global-method-security>

          <http auto-config="true" use-expressions="true">
              <intercept-url pattern="/folder/**" access="permitAll" />
              <form-login login-page="/manejoUsuario/loginUser.zul" default-target-url="/index.zul"/>
              <intercept-url pattern="/**" access="isAuthenticated()" />
          </http>

          <authentication-manager>
              <authentication-provider>
                  <user-service>
                      <user name="tomas" password="america" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
                      <user name="tomas2" password="america2" authorities="ROLE_USER,ROLE_TELLER" />
                      <user name="tomas3" password="america3" authorities="ROLE_USER" />
                  </user-service>
              </authentication-provider>
          </authentication-manager>

          This is the ZUL login page:

          <?xml version="1.0" encoding="UTF-8"?>
          <?init class="org.zkoss.zkplus.databind.AnnotateDataBinderInit"?>
          <?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
          <div height="100%" >
              <groupbox>
                  <caption>Login</caption>
                  <h:form id="f" name="f" action="j_spring_security_check" method="POST"
                          xmlns:h="http://www.w3.org/1999/xhtml">
                      <grid>
                          <rows>
                              <row>User:
                                  <textbox id="u" name="j_username"/>
                              </row>
                              <row>Password:
                                  <textbox id="p" type="password" name="j_password"/>
                              </row>
                              <!--<row>
                                  <checkbox id="r" name="_spring_security_remember_me"/>Don't ask for my password for two weeks
                              </row>-->
                              <row spans="2">
                                  <hbox>
                                      <h:input type="submit" value="Submit Query"/>
                                      <h:input type="reset" value="Reset"/>
                                  </hbox>
                              </row>
                          </rows>
                      </grid>
                  </h:form>
              </groupbox>
          </div>

          • #6
            For that solution you also need to specify form-login@always-use-default-target="true"

            • #7
              The solution didn't work; it is still showing the "Processing..." ZK message. Now I used the Google Chrome console and got an error, and it doesn't do anything, it just stays like in this picture:
              Attachment

              • #8
                If you go to /index.zul after you login, does it display that page or does it display the login page? You might also try enabling logging for Spring Security. If the logs do not help you, post them and perhaps I can figure out what is happening.

                • #9
                  OK, I enabled the log trace and it shows this:

                  6097 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - Converted URL to lowercase, from: '/index.zul'; to: '/index.zul'
                  6097 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - Candidate is: '/index.zul'; pattern is /**; matched=true
                  6100 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 1 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.context.SecurityContextPersistenceFilter@200bde'
                  6182 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
                  6182 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@1eb41d6. A new one will be created.
                  6186 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 2 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.logout.LogoutFilter@1c5b828'
                  6232 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 3 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1bd8993'
                  6232 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 4 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.www.BasicAuthenticationFilter@934c3b'
                  6232 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 5 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.savedrequest.RequestCacheAwareFilter@71dfd7'
                  6282 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - pathInfo: arg1=/web/_zv2011083110/js/zul.lang.wpd; arg2=null (property not equals)
                  6282 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - saved request doesn't match
                  6282 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 6 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@1ebf5c'
                  6334 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 7 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.AnonymousAuthenticationFilter@153d05b'
                  6335 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6fa90ed4: Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 5E561E9D9CF742C335447DCA2CE37B3C; Granted Authorities: ROLE_ANONYMOUS'
                  6382 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 8 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.session.SessionManagementFilter@194363b'
                  6382 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 9 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.access.ExceptionTranslationFilter@17470d0'
                  6382 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /index.zul at position 10 of 10 in additional filter chain; firing Filter: 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor@19a8942'
                  6432 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource - Converted URL to lowercase, from: '/index.zul'; to: '/index.zul'
                  6432 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource - Candidate is: '/index.zul'; pattern is /manejousuario/**; matched=false
                  6432 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource - Candidate is: '/index.zul'; pattern is /**; matched=true
                  6482 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /index.zul; Attributes: [hasRole('ROLE_USER')]
                  6482 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6fa90ed4: Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 5E561E9D9CF742C335447DCA2CE37B3C; Granted Authorities: ROLE_ANONYMOUS
                  6596 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@17b650a, returned: -1
                  6598 ["http-bio-8084"-exec-5] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
                  org.springframework.security.access.AccessDeniedException: Access is denied

                  I don't know what it means, but I can see an error "org.springframework.security.access.AccessDeniedException: Access is denied" and it doesn't display the login page; it just stays at the processing ZK message.

                  • #10
                    Please post the logs for the entire problem (i.e. starting from when the user logs in the first time and ending when they try to login the second time).

                    • #11
                      Well, that is the problem: my login page is not displayed and I can't log in.

                      • #12
                        The logs still do not contain anything about the request for the authentication entry point. Another thing is that the login page is not public. Add it as an intercept-url with access="permitAll"

                        PS: I did not realize your problem no longer required you to logout. You may give detailed steps for how to reproduce the problem. I was interpreting your update as requiring the same steps (i.e. the user logs out and then tries to login), but something different being displayed.

                        • #13
                          Sorry, I do not speak English, but I fixed this error with:

                          <http auto-config="true">
                              <intercept-url pattern="/zkau/**" filters="none" />
                              <intercept-url pattern="/login.zul" access="IS_AUTHENTICATED_ANONYMOUSLY" />
                              <intercept-url pattern="/**" access="ROLE_SUPERVISOR" />
                              <form-login login-page="/login.zul"
                                          authentication-failure-url="/login.zul?login_error=1"
                                          always-use-default-target="true" default-target-url="/home.zul" />
                              ....
                              ....
                          Last edited by apalpan; Dec 1st, 2011, 11:42 PM.
