Announcement Announcement Module
Collapse
No announcement yet.
why is my doFilterInternal method not being called? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • why is my doFilterInternal method not being called?

    Hi! Iīm trying to implement a filter that in the end will log the user navigation inside the system.

    My spring context goes like this:
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <b:beans xmlns="http://www.springframework.org/schema/beans"
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://www.springframework.org/schema/beans"
    	xmlns:context="http://www.springframework.org/schema/context"
    	xmlns:sec="http://www.springframework.org/schema/security"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans
    						http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
    						http://www.springframework.org/schema/context
    						http://www.springframework.org/schema/context/spring-context-3.2.xsd
    	http://www.springframework.org/schema/security
        					http://www.springframework.org/schema/security/spring-security-3.1.xsd">
    
    	<!-- <sec:global-method-security secured-annotations="enabled" /> -->
    	<!-- Importa configuracion de seguridad de ldap -->
    	<import resource="classpath:/spring/ldap-config.xml" />
    
    	<sec:http pattern="/resources" security="none" />
    
    	<sec:http use-expressions="true" auto-config="true">
    
    		<sec:intercept-url pattern="/seguridad/login.xhtml"
    			access="permitAll" />
    		<sec:intercept-url pattern="/*.jsp" access="isAuthenticated()" />
    		<sec:intercept-url pattern="/" access="isAuthenticated()" />
    		<sec:intercept-url pattern="/views/**" access="isAuthenticated()" />
    
    		<sec:form-login login-page="/seguridad/login.xhtml"
    			authentication-failure-url="/seguridad/login.xhtml" />
    
    		<sec:logout invalidate-session="true" />
    
    		<sec:access-denied-handler error-page="/seguridad/accesoDenegado.xhtml" />
    
    		<sec:custom-filter ref="navegationFilter" after="FILTER_SECURITY_INTERCEPTOR" />
    	</sec:http>
    
    	<sec:authentication-manager alias="authenticationManager">
    		<sec:authentication-provider
    			user-service-ref="userDetailService" />
    	</sec:authentication-manager>
    
    	<b:bean id="navegationFilter" class="com.praxis.desvucem.web.service.seguridad.NavegationFilter" />
    
    
    </b:beans>
    and my filter class goes like this:
    Code:
    package com.praxis.desvucem.web.service.seguridad;
    
    import java.io.IOException;
    
    
    import javax.servlet.FilterChain;
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    
    import org.apache.log4j.Logger;
    
    import org.springframework.web.filter.RequestContextFilter;
    
    import javax.servlet.http.HttpSession;
    
    public class NavegationFilter extends RequestContextFilter {
    
        protected static Logger logger = Logger.getLogger("service");
    
        @Override
        // @LogMe
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
                throws ServletException, IOException {
    
            logger.debug("Running Navegation filter");
    
            HttpSession session = request.getSession(false);
    
            if (session != null) {
                logger.debug("User is trying to access site for the second time");
                logger.debug("Request URI: " + request.getRequestURI());
            }
            else {
                logger.debug("Session is null");
            }
    
            logger.debug("Continue with remaining filters");
            filterChain.doFilter(request, response);
        }
    
    }
    So when I run it, I donīt get any kind of error and my filter is even being fired but it neve calls my doFilterInternal method.
    Here is an excerpt of the log:
    Code:
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 6 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 7 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9054b1a2: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 192.168.4.148; SessionId: 1v5ehc9tvkn7u1bft3w17n6wtv; Granted Authorities: ROLE_ANONYMOUS'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 8 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 9 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 10 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/seguridad/login.xhtml'; against '/seguridad/login.xhtml'
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /seguridad/login.xhtml; Attributes: [permitAll]
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9054b1a2: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 192.168.4.148; SessionId: 1v5ehc9tvkn7u1bft3w17n6wtv; Granted Authorities: ROLE_ANONYMOUS
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@9604a9e, returned: 1
    13:33:02.889 [168531621@qtp-1002845369-5] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Authorization successful
    13:33:02.890 [168531621@qtp-1002845369-5] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - RunAsManager did not change Authentication object
    13:33:02.890 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 11 of 11 in additional filter chain; firing Filter: 'NavegationFilter'
    13:33:02.890 [168531621@qtp-1002845369-5] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml reached end of additional filter chain; proceeding with original chain
    So why isnīt my doFilterInternal being called?
    Thanks in advance.

  • #2
    Ok Iīve somehow managed to solve my problem by changing from RequestContextFilter to GenericFilterBean.
    In the extends of my class.

    Comment

    Working...
    X