Announcement Announcement Module
No announcement yet.
User Name and Password required validation with Sitemesh Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • User Name and Password required validation with Sitemesh

    My login controller is:
    public class LoginLogoutController {
    // Authentication has occurred previously by UserNamePasswordAuthenticationFilter.
    // This simply validates the Form
    @RequestMapping(value = "/login.html", method = RequestMethod.POST)
    public String login(@Valid @ModelAttribute("loginForm") LoginForm loginForm,
    BindingResult result, Map<String, String> model) {
    return "/login";
    @RequestMapping(value = "/login.html", method = RequestMethod.GET)
    public String loginForm() {
    return "login";

    I have Sitemesh Filter declared after SpringSecurity Filter as recommended. I have configured Spring Security to "forward" on authentication failure rather than re-direct.

    My problem is that on Authentication failure, although the POST method of the controller is called, Sitemesh filter is not invoked and the returned login page is not decorated. I think this is because the SimpleUrlAuthenticationFailureHandler does a request.getRequestDispatcher(defaultFailureUrl).fo rward(request, response) and does not invoke the rest of the filter chain.

    Am I missing something? I want to keep the authentication code out of my controller and abstracted away.

    Thanks in advance for any help

  • #2
    Did you ever solve this problem. I'm trying to do a sitemesh implementation with some secured pages. I'm "logged" in, but site mesh calls are getting redirected to login url. Any advice?


    • #3
      If you add
      to your web.xml. your request will be invoke the sitemeshfilter!