Announcement Announcement Module
Collapse
No announcement yet.
Two different login form Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Two different login form

    Hello, All!

    I'm using Spring Security 3.1.2-RELEASE
    I have two different resources - /account/ and /backend/, and I need to implement two different login form for them.

    I try to reach that by the follows config:
    Code:
    	<http pattern="/account/**" auto-config="true" use-expressions="true">
    		<intercept-url pattern="/account/**" access="isAuthenticated()" />
    		<form-login login-page="/login.html"
    				default-target-url="/account/history.html"
    				authentication-failure-url="/login.html"/>
    		<logout delete-cookies="JSESSIONID" />
    	</http>
    
    	<http pattern="/backend/**" use-expressions="true">
    		<intercept-url pattern="/backend/login.html" access="permitAll" />
    		<intercept-url pattern="/backend/**" access="isAuthenticated()" />
    		<form-login login-page="/backend/login.html" 
    				default-target-url="/backend/accounts.html"
    				authentication-failure-url="/backend/login.html"/>
    		<logout delete-cookies="JSESSIONID" />
    	</http>
    But it does't work.
    I alway get exception:
    Code:
    Caused by: java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined  before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration
    What I'm doing wrong? Where is my mistake?
Working...
X