Announcement Announcement Module
Collapse
No announcement yet.
Authenticating from a mobile app return a 302 status Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Authenticating from a mobile app return a 302 status

    The server side of the solution is using Spring security to authenticate it's users. When I try to login from the web page works fine but when I try the same from the mobile app, it receives a 302 http status.

    This is the security context I'm using

    <security:http auto-config="true" lowercase-comparisons="false" use-expressions="true" >
    <security:intercept-url pattern="/app/**" access="isAuthenticated()" />
    <security:access-denied-handler error-page="/services/security/deniedAccess.json" />

    <security:form-login login-page="/app/login.html" login-processing-url="/app/loginProcess"
    default-target-url="/app/home.html"
    authentication-failure-url="/services/security/deniedAccess.json" />

    <security:logout logout-success-url="/app/login.html" logout-url="/app/logout.html" />
    </security:http>


    <bean id="sessionRegistry" class="org.springframework.security.core.session.S essionRegistryImpl"/>

    <!-- Override the default password-encoder (SHA) by uncommenting the following and changing the class -->
    <bean id="passwordEncoder" class="org.springframework.security.authentication .encoding.ShaPasswordEncoder" />

    <security:authentication-manager alias="authenticationManager">
    <security:authentication-provider user-service-ref="userSecurityService">
    <securityassword-encoder ref="passwordEncoder"/>
    </security:authentication-provider>
    </security:authentication-manager>
    <security:global-method-security secured-annotations="enabled" />

    </beans>

  • #2
    You need a different set of filters for processing mobile authentication requests. The web page filters will always perform a server-side redirect (302 HTTP Status) no matter if the authentication was successful or not.

    Comment

    Working...
    X