Announcement Announcement Module
Collapse
No announcement yet.
AbstractAuthenticationProcessingFilter. requiresAuthentication and JSF 2 Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • AbstractAuthenticationProcessingFilter. requiresAuthentication and JSF 2

    Hallo,

    I'm using Spring Security 3.1 and JSF 2 for the first time.

    This is my login definition in spring-security.xml:

    Code:
    <http auto-config="true" access-denied-page="/login.xhtml">
    <form-login 
      login-page="/login.xhtml" default-target-url="/pages/main.xhtml"
    			authentication-failure-url="/login.xhtml" />
    
      <logout logout-url="/logout" invalidate-session="true"
    			logout-success-url="/login.xhtml" />
    </http>
    and my login.xhtml:

    Code:
    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml"
    	xmlns:f="http://java.sun.com/jsf/core"
    	xmlns:h="http://java.sun.com/jsf/html"
    	xmlns:ui="http://java.sun.com/jsf/facelets"
    	xmlns:p="http://primefaces.org/ui">
    ...
    <h:form>
    <h:panelGrid columns="2" cellpadding="2">
    <h:outputLabel for="#{loginBean.userName}" value="Username" />
    <h:inputText id="j_username" value="#{loginBean.userName}"
    label="Username"></h:inputText>
    <h:outputLabel for="#{loginBean.password}" value="Password" />
    <h:inputSecret id="j_password" value="#{loginBean.password}"></h:inputSecret>
    <div class="submit">
    <button type="submit"
    class="ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only">
    <span class="ui-button-text">Login</span>
    </button>
    </div>
    </h:panelGrid>
    </h:form>
    ...
    </html>
    A defined authentification provider isn't called after a submit in requiresAuthentication because

    Code:
    uri = "<webapp>/login.xhtml"
    and

    Code:
    request.getContextPath() + filterProcessesUrl) = "<webapp>/j_spring_security_check"
    Set login-processing-url="/j_spring_security_check" or "/login.xhtml" in my form-login definition can't be a solution, because it generates a continuous-loop of AbstractProcesingFilter.requiresAuthentication() calls and an AuthenticationException in AbstractAuthenticationProcessingFilter before a login form is displayed for the first time?!

    Can someone help me? I'm looking for an running JSF 2 example (without any jsp pages)?!
    Last edited by nabert007; Jul 10th, 2012, 03:30 AM.

  • #2
    If you want a sample of using Spring Security and JSF I would recommend looking at the SWF samples (i.e. webflow-primefaces-showcase) which provide a good example of using Spring Security and JSF along with Spring Security JSF taglib integration. Make sure to read the reference which contains the sample documentation and the Spring Security integration documentation.

    PS: Please use code tags when posting code and configurations as it makes things much easier to read

    Comment

    Working...
    X