Announcement Announcement Module
Collapse
No announcement yet.
Issue after login using remember me functionality (Spring Sec 3.1) Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Issue after login using remember me functionality (Spring Sec 3.1)

    I'm about at my wits end with this issue, and I haven't been able to find anything specifically regarding it on google. I sincerely hope someone can help point me in the right direction.

    I implemented the persistent token version of the remember me functionality on the login page. When I login for the first time with the remember me checkbox checked, it saves the token to the db correctly. When I close the browser and come back to the app, it hits the userdetailsservice i created correctly, and verifies the token is correct. It then hit the correct get method in the controller associated url i navigated to. The function then returns a view string with no problems in the console.

    The issue is, my browser only displays a blank page at this point. No errors, nothing but a blank page. This only happens when I'm re-authenticating with the remember me token though, not on the initial login.

    Does anybody have any ideas or have seen something like this before?

  • #2
    Dang, I was hoping your issue was the same as the one I documented in another thread!

    Anyway, have you tried inspecting the server response to see exactly what is being returned, e.g. correct headers but no payload, or maybe the payload is being returned and simply not getting rendered due to invalid syntax, etc.?

    Apologies if you've already done this or know how to. All the modern browsers support this out of the box. For instance, in Chrome you can open the developer tools (Ctrl + Shift + J) and look at the Network tab; click on your page's request and it may show you something obvious.

    I have seen a blank page response lots of times. Could be anything. Easiest and first step to take is to inspect the actual response.
    Last edited by damrass; Apr 4th, 2012, 01:14 PM.

    Comment


    • #3
      Ah, I had already done that! The response tab for the request says no response data is available.

      I'm also sending these response headers:

      HTTP/1.1 200 OK
      Server: Apache-Coyote/1.1
      Cache-Control: no-store
      Expires: Wed, 31 Dec 1969 23:59:59 GMT
      Pragma: no-cache
      Content-Type: text/html;charset=UTF-8
      Content-Language: en-US
      Content-Length: 0
      Date: Wed, 04 Apr 2012 18:17:31 GMT


      The cache control does not appear to be the issue, however.

      Comment


      • #4
        That is weird! Could you post your logs when this happens with DEBUG level enabled?

        Comment


        • #5
          I noticed a small point in divergence when debugging. In my execution stack, Sitemesh.obtainContent and the doFilter get called. In the 'good' request the response outputstream gets filled with content. In the 'bad' one, the stream is set to closed with no content

          Comment


          • #6
            Are you requesting the same URL when it succeeds and when it fails?

            Did you try diffing the logs for when you do RememberMe and regular log in (i.e. when it works and when it fails)?

            After you get the error, what happens if you make requests for other pages? Does the page show up or does it result in the same problem? If you re-request the same page does the page show up?

            Have you tried multiple browsers? Which browsers have you tried?

            Comment


            • #7
              I've tried requesting the same page and different pages as well as different browsers. I've had no luck.

              But after further investigation, I've concluded the issue isnt caused by the remember me functionality. The issue manifested because of this:

              I use a custom authentication provider and service. Within the authenticate method for logging normally, i return an instance of a customuserauthentication class. This class implements authentication and has a few extra fields and functions. When im logged in using this class, things work fine. The problem occurs when my auth object is a RememberMeToken. That causes this issue to happen. So, I changed my customauthprovider to return a plain UserNameAndPasswordToken instead of my custom object. This caused the same blankpage issue to happen, even without the whole remember me stuff on.

              So, the issue is, unless i return a customized object for authentication, it seems to load blank pages.

              Comment


              • #8
                It sounds there might be an error casting the Authentication to your custom implementation or trying to invoke the custom methods in your controller or UI. The error is then manifesting itself as a blank page (perhaps due to mis-configured error handling).

                Comment


                • #9
                  That was originally the case.
                  Most of my methods looked like:
                  method(Locale locale, Model model, HttpSession session, CustomUserAuthentication principal)

                  This was returning an error when it was using the RememberMeToken. so I changed the signature to:

                  method(Locale locale, Model model, HttpSession session, Authentication principal)
                  and this works when principal is CustomUserAuthentication but not RememberMeToken. I'm trying to figure out why, as both implement Authentication. I'm also not sure why no error shows up in the console when the page is blank.

                  Comment


                  • #10
                    omg...case closed. Thanks for all the help guys. I had a custom get method being referenced on jsps. The RememberMeToken had no such method. *sigh*

                    Comment

                    Working...
                    X