Announcement Announcement Module
Collapse
No announcement yet.
No redirection After login Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • No redirection After login

    Hi,

    I have no redirection after login using a custom form with spring security

    i defined my securitis configs in an external xml file (applicationContext-security.xml)

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
        xmlns:beans="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans 
                        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security 
                        http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
        <http use-expressions="true">
        	<form-login login-page="/index.jsp" default-target-url="/liste-fiches.jsp" authentication-failure-url="/error.jsp"/>
            <intercept-url pattern="/index.jsp" access="permitAll()" />
            <intercept-url pattern="/css/**" access="permitAll()" />
            <intercept-url pattern="/js/**" access="permitAll()" />
            <intercept-url pattern="/img/**" access="permitAll()" />
            <intercept-url pattern="/resources/**" access="permitAll()" />
    	    <intercept-url pattern="/vues/**" access="isAuthenticated()" />
    	    <intercept-url pattern="/**" access="isAuthenticated()" />
        	
        	<logout />
        </http>
    
        <authentication-manager>
            <authentication-provider>
                <user-service>
                    <user name="patricx" password="test" authorities="supervisor, teller, user" />
                </user-service>
            </authentication-provider>
        </authentication-manager>
    </beans:beans>
    here is my web.xml file
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://java.sun.com/xml/ns/javaee"
        xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
        					http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        				id="WebApp_ID" version="2.5">
     
      <display-name>Suivi Collaborateurs</display-name>
        <context-param>
    	    <param-name>contextConfigLocation</param-name>
    	    <param-value>
    	    	/WEB-INF/spring-servlet.xml
    	      /WEB-INF/applicationContext-security.xml      
    	    </param-value>
    	</context-param>
    	<listener>
        	<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
    	<filter>
    		<filter-name>springSecurityFilterChain</filter-name>
    		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    	</filter>
    	<filter-mapping>
    		<filter-name>springSecurityFilterChain</filter-name>
    		<url-pattern>/*</url-pattern>
    	</filter-mapping>
        <servlet>
          <servlet-name>spring</servlet-name>
          <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
          <load-on-startup>1</load-on-startup>
        </servlet>
        <servlet-mapping>
          <servlet-name>spring</servlet-name>
          <url-pattern>*.html</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.less</url-pattern>
        </servlet-mapping>
        
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.css</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.js</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.ico</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.txt</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.gif</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.jpg</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
          <servlet-name>default</servlet-name>
          <url-pattern>*.png</url-pattern>
        </servlet-mapping>
      
    	
        <welcome-file-list>
          <welcome-file>index.jsp</welcome-file>
        </welcome-file-list>
      </web-app>

    Does i need to import my applicationContext-security.xml in my applicationContext.xml??
    Code:
    <?xml  version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:aop="http://www.springframework.org/schema/aop"
        xmlns:context="http://www.springframework.org/schema/context"
        xmlns:jee="http://www.springframework.org/schema/jee"
        xmlns:lang="http://www.springframework.org/schema/lang"
        xmlns:p="http://www.springframework.org/schema/p"
        xmlns:tx="http://www.springframework.org/schema/tx"
        xmlns:mvc="http://www.springframework.org/schema/mvc"
        xmlns:mongo="http://www.springframework.org/schema/data/mongo"
        xmlns:util="http://www.springframework.org/schema/util"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
            http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
            http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
            http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd
            http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd
            http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
            http://www.springframework.org/schema/data/mongo http://www.springframework.org/schema/data/mongo/spring-mongo.xsd
            http://www.springframework.org/schema/spring-data-mongodb http://www.springframework.org/schema/spring-data-mongodb-1.2.xsd
            http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd	
            http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
     
    
      <context:annotation-config/>
      <context:component-scan base-package="com.sogeti"/>
      	
      	<mvc:interceptors>
    
    	<bean class="org.springframework.mobile.device.DeviceResolverHandlerInterceptor" />
    		
    	</mvc:interceptors>
      	<mvc:annotation-driven>
        	<mvc:argument-resolvers>
    	        <bean class="org.springframework.mobile.device.DeviceWebArgumentResolver" />
    	    </mvc:argument-resolvers>
    	</mvc:annotation-driven>
                                        
    	<bean id="viewResolver"
    	 	class=" org.springframework.web.servlet.view.InternalResourceViewResolver" >
    		<property name="prefix">
    			<value>/WEB-INF/vues/</value>
    		</property>
    		<property name="suffix">
    			<value>.jsp</value>
    		</property>
    	</bean>
    
     	<mongo:mongo host="localhost" port="27017" />
    	<mongo:db-factory dbname="suivivicollaborateurs" />
     
    	<bean id="mongoTemplate" 
                    class="org.springframework.data.mongodb.core.MongoTemplate">
    		<constructor-arg name="mongoDbFactory" ref="mongoDbFactory" />
    	</bean>
    </beans>
    if yes where ?( top, bottom, .... )

    When i clic on enter on this form
    Code:
    <form method="post">
    			<fieldset>
    				<legend>Authentification</legend>
    				<p>
    					<label for="login"> Login :</label>
    					<input name="login"  placeholder="Login" id="login" type="text"/>
    				</p>
    				<p>
    					<label for="password"> Mot de Passe :</label>
    					<input name="password"  placeholder="********" id="password" type="password"/>
    				</p>
    				<p class="entrer">
    					<input name="entrer"  value="Entrer" id="entrer" type="button"/>
    				</p>
    			</fieldset>
    		</form>
    there is no redirection why? i can't find it

    How to fix the redirection problem

    Thanks

  • #2
    Your form tag looks like it is missing the action attribute. Make sure to post to the URL that UsernamePasswordAuthenticationFilter is listening to (in this case it is using the default "/j_spring_security_check"). When specifying the action ensure that you include the context root of your web application. If you use the tag libs this will be done automatically.

    Comment


    • #3
      Yes, your form is missing <form name='f' action="<c:url value='j_spring_security_check' />". After making this change, post login will be redirected to "/liste-fiches.jsp" which is configured as default-target-url.

      Comment


      • #4
        Thanks for your answers

        here is my index.jsp file which contains my login form
        Code:
        <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
            pageEncoding="ISO-8859-1"%>
        <%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
        <%@taglib uri="http://www.springframework.org/tags/form" prefix="f"%>
        <%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
        <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
        <html>
        <head>
        <meta name="viewport"
        	content="width=device-width,initial-scale=1,maximum-scale=1,minimum-scale=1,user-scalable=no" />
        <meta name="apple-mobile-web-app-capable" content="yes" />
        <link rel="shortcut icon" href="img/favicon.ico" type="image/vnd.microsoft.icon" />
        <link rel="stylesheet/less" type="text/css" href="css/suivicollaborateur.less" />
        <script src="js/less.js" type="text/javascript"></script>
        <script src="js/jquery-1.9.1.js" type="text/javascript"></script>
        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
        <title>Suivi Collaborateur - Bienvenue</title>
        </head>
        <body>
        	<header>
        		<div class="dparties">
        			<h2 class="logo">
        				<img src="img/sogeti.png" />
        			</h2>
        			<h1 class="titre">Suivi Collaborateurs</h1>
        			 <nav id="menu">
        				<ul>
        					<li><a href="insertion.html"> Inserer une Mission </a></li>
        					<li><a href="liste-fiches.html"> Liste des Fiches </a></li>
        					<li><a href="liste-fiches.html"> Rechercher Une Fiche </a></li>
        				</ul>
        			</nav>
        		</div>
        	</header>
        	<section id="global">
        	<div id="authentification">
        		<form action="<c:url value='j_spring_security_check' />" name="f" method="post">
        			<fieldset>
        				<legend>Authentification</legend>
        				<p>
        					<label for="login"> Login :</label>
        					<input name="login"  placeholder="Login" id="login" type="text"/>
        				</p>
        				<p>
        					<label for="password"> Mot de Passe :</label>
        					<input name="password"  placeholder="********" id="password" type="password"/>
        				</p>
        				<p class="entrer">
        					<input name="entrer"  value="Entrer" id="entrer" type="submit"/>
        				</p>
        			</fieldset>
        		</form>
        		</div>
        	 </section>
        </body>
        </html>
        after login i have a 404 error on this page
        http://localhost:8080/suivicollabora...security_check

        Comment


        • #5
          Thanks

          I modified my form like this

          <form name='f' action='j_spring_security_check' method="post">
          <fieldset>
          <legend>Authentification</legend>
          <p>
          <label for="login"> Login :</label>
          <input name="login" placeholder="Login" id="login" type="text"/>
          </p>
          <p>
          <label for="password"> Mot de Passe :</label>
          <input name="password" placeholder="********" id="password" type="password"/>
          </p>
          <p class="entrer">
          <input name="entrer" value="Entrer" id="entrer" type="button"/>
          </p>
          </fieldset>
          </form>
          No redirection

          Comment


          • #6
            It looks like you found the remaining issue, but posted on this thread by mistake?

            Comment


            • #7
              @partick u need to use replace your action with this <c:url value='j_spring_security_check' />

              Comment


              • #8
                No(no mistake) I Was facing those two issues the other thread is solved

                This one is not yet solved i'm still facing the same problem

                Comment


                • #9
                  Can you go through this example in this project https://github.com/rrajendran/spring-security-demo

                  It uses custom login screen. It also redirects after login.

                  Comment


                  • #10
                    Originally posted by patricx View Post
                    No(no mistake) I Was facing those two issues the other thread is solved

                    This one is not yet solved i'm still facing the same problem
                    So this one is a submit button and you have updated your action URL to <c:url value='j_spring_security_check' /> as specified by
                    rameshchinnu61? If not, what do your logs look like? If you install something like Tamper Data what does your network traffic look like?

                    Comment


                    • #11
                      Yes i updated,
                      there is no error displayed in my tomcat console,
                      I'm working on my computer is it necessary to analyse network traffic??

                      this is what my web.xml looks like

                      Code:
                      <?xml version="1.0" encoding="UTF-8"?>
                      <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xmlns="http://java.sun.com/xml/ns/javaee"
                          xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                          xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
                          					http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                          				id="WebApp_ID" version="2.5">
                       
                        <display-name>Suivi Collaborateurs</display-name>
                          <context-param>
                      	    <param-name>contextConfigLocation</param-name>
                      	    <param-value>
                      	    	/WEB-INF/spring-servlet.xml
                      	      /WEB-INF/applicationContext-security.xml      
                      	    </param-value>
                      	</context-param>
                      	<listener>
                          	<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
                          </listener>
                       <filter>
                      		<filter-name>springSecurityFilterChain</filter-name>
                      		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
                      	</filter>
                      	<filter-mapping>
                      		<filter-name>springSecurityFilterChain</filter-name>
                      		<url-pattern>/*</url-pattern>
                      	</filter-mapping>
                      
                          <servlet>
                            <servlet-name>spring</servlet-name>
                            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
                            <load-on-startup>1</load-on-startup>
                          </servlet>
                          <servlet-mapping>
                            <servlet-name>spring</servlet-name>
                            <url-pattern>*.html</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.less</url-pattern>
                          </servlet-mapping>
                          
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.css</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.js</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.ico</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.txt</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.gif</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.jpg</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                            <servlet-name>default</servlet-name>
                            <url-pattern>*.png</url-pattern>
                          </servlet-mapping>
                          <servlet-mapping>
                      	    <servlet-name>default</servlet-name>
                      	    <url-pattern>/j_spring_security_check</url-pattern>
                      	</servlet-mapping>
                          <welcome-file-list>
                            <welcome-file>index.jsp</welcome-file>
                          </welcome-file-list>
                        </web-app>
                      the index.jspredirects to login.jsp
                      Code:
                      <jsp:forward page="login.html" />
                      which constains my login form
                      Code:
                      <form name='f' action="<c:url value='j_spring_security_check' />" method="post">
                      			<fieldset>
                      				<legend>Authentification</legend>
                      				<p>
                      					<label for="login"> Login :</label>
                      					<input name="login"  placeholder="Login" id="login" type="text"/>
                      				</p>
                      				<p>
                      					<label for="password"> Mot de Passe :</label>
                      					<input name="password"  placeholder="********" id="password" type="password"/>
                      				</p>
                      				<p class="entrer">
                      					<input name="entrer"  value="Entrer" id="entrer" type="submit"/>
                      				</p>
                      				<p class="entrer">
                      					<input name="reset"  value="Reset" id="entrer" type="reset" />
                      				</p>
                      			</fieldset>
                      		</form>
                      my security config

                      Code:
                      <?xml version="1.0" encoding="UTF-8"?>
                      <beans:beans xmlns="http://www.springframework.org/schema/security"
                          xmlns:beans="http://www.springframework.org/schema/beans"
                          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:schemaLocation="http://www.springframework.org/schema/beans 
                                          http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                                          http://www.springframework.org/schema/security 
                                          http://www.springframework.org/schema/security/spring-security-3.1.xsd">
                      
                          <http auto-config="true" use-expressions="true">
                          	<form-login login-page="/vues/login.html" 
                                  login-processing-url="/vues/liste-fiches.html" 
                                  default-target-url="/vues/liste-fiches.html" 
                                  authentication-failure-url="/error.html" 
                                  always-use-default-target="true"/>
                          	 <!-- Restrict URLs based on role -->
                          	  <anonymous /> 
                      		  <intercept-url pattern="/WEB-INF/vues/login.html*" access="permitAll()" />
                      		  <intercept-url pattern="/WEB-INF/vues/entete.html*" access="permitAll()" />
                      		  <intercept-url pattern="/login*" access="permitAll()" />
                      		  <intercept-url pattern="/index.html" access="permitAll()" />
                      		  <intercept-url pattern="/logoutSuccess*" access="permitAll()" />
                      		  <intercept-url pattern="/js/**" access="permitAll()" />
                      		  <intercept-url pattern="/css/**" access="permitAll()" />
                      		  <intercept-url pattern="/img/**" access="permitAll()" />
                      		  <intercept-url pattern="/**" access="isAuthenticated()" />
                          	
                          	<logout />
                          </http>
                      
                          <authentication-manager>
                              <authentication-provider>
                                  <user-service>
                                      <user name="patricx" password="test" authorities="user" />
                                  </user-service>
                              </authentication-provider>
                          </authentication-manager>
                      </beans:beans>
                      Thanks for your help

                      Comment


                      • #12
                        hi here are my logs http://pastebin.com/5YYcZpr2 thanks

                        Comment


                        • #13
                          Yes please post your request/responses using a plugin like Tamper Data.

                          I'm interested in the logs when you attempt to log in. Please post those in the forum with the code tags...the # button (this makes searching the forums easier for others).

                          One issue I see is your form is using the http parameter user and password instead of the input name j_username and j_password.

                          Comment


                          • #14
                            302 Status with tamper data

                            with tamper data i have a 302 status as noticed here

                            Code:
                            <?xml version="1.0"?>
                               <!-- Export of tamperdata transacions -->
                               <tdRequests>
                            <tdRequest uri="http%3A//localhost%3A8080/suivicollaborateur/j_spring_security_check"><tdStartTime>17:13:09.444</tdStartTime>
                            <tdStartTimeMS>1363968789444</tdStartTimeMS>
                            <tdElapsedTime>38</tdElapsedTime>
                            <tdTotalElapsedTime>38</tdTotalElapsedTime>
                            <tdStatus>302</tdStatus>
                            <tdStatusText>D%E9plac%E9%20Temporairement</tdStatusText><tdRequestMethod>POST</tdRequestMethod>
                            <tdContentSize>0</tdContentSize>
                            <tdMimeType>application/x-unknown-content-type</tdMimeType>
                            <tdRequestHeaders>
                            <tdRequestHeader name="Host">
                            localhost%3A8080</tdRequestHeader>
                            <tdRequestHeader name="User-Agent">
                            Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010.8%3B%20rv%3A14.0%29%20Gecko/20100101%20Firefox/14.0.1</tdRequestHeader>
                            <tdRequestHeader name="Accept">
                            text/html%2Capplication/xhtml+xml%2Capplication/xml%3Bq%3D0.9%2C*/*%3Bq%3D0.8</tdRequestHeader>
                            <tdRequestHeader name="Accept-Language">
                            fr%2Cfr-fr%3Bq%3D0.8%2Cen-us%3Bq%3D0.5%2Cen%3Bq%3D0.3</tdRequestHeader>
                            <tdRequestHeader name="Accept-Encoding">
                            gzip%2C%20deflate</tdRequestHeader>
                            <tdRequestHeader name="Connection">
                            keep-alive</tdRequestHeader>
                            <tdRequestHeader name="Referer">
                            http%3A//localhost%3A8080/suivicollaborateur/login.html</tdRequestHeader>
                            <tdRequestHeader name="Cookie">
                            JSESSIONID%3D61CF2AA7E513D17F8DCC03C3EAE55051</tdRequestHeader>
                            </tdRequestHeaders><tdPostHeaders><tdPostHeader name="Content-Type">
                            application/x-www-form-urlencoded
                            </tdPostHeader>
                            <tdPostHeader name="Content-Length">
                            45
                            </tdPostHeader>
                            </tdPostHeaders>
                            <tdPostElements>
                            <tdPostElement name="j_username">
                            test
                            </tdPostElement>
                            <tdPostElement name="j_password">
                            test
                            </tdPostElement>
                            <tdPostElement name="entrer">
                            Entrer
                            </tdPostElement>
                            </tdPostElements>
                            <tdResponseHeaders><tdResponseHeader name="Server">
                            Apache-Coyote/1.1
                            </tdResponseHeader>
                            <tdResponseHeader name="Location">
                            http%3A//localhost%3A8080/suivicollaborateur/login.html
                            </tdResponseHeader>
                            <tdResponseHeader name="Content-Length">
                            0
                            </tdResponseHeader>
                            <tdResponseHeader name="Date">
                            Fri%2C%2022%20Mar%202013%2016%3A13%3A09%20GMT
                            </tdResponseHeader>
                            </tdResponseHeaders>
                            </tdRequest>
                            </tdRequests>

                            Comment


                            • #15
                              I noticed that you have changed the login-processing-url so instead of submitting to /j_spring_security_check you must post to /vues/liste-fiches.html

                              Comment

                              Working...
                              X