Announcement Announcement Module
Collapse
No announcement yet.
Unable to reach controller after spring security has authenticated Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Unable to reach controller after spring security has authenticated

    I am having some issues with the authentication process. I am using a pre auth filter that extends the AbstractAuthenticationProcessingFilter class. I am overriding the attemptAuthentication and requiresAuthentication methods. The attemptAuthenication is working as expected validating user data submitted from a client and generating a security token.

    The issue I have is after the authentication is complete I am not getting to the controller method and am receiving back a 404 not found response. If I turn off security I can reach the controller. What could the problem be?

    Here is some of my security configuration
    Code:
    <sec:http create-session="stateless" pattern="/private/**" entry-point-ref="http403ForbiddenEntryPoint" 
    		authentication-manager-ref="authManager">
    		<sec:port-mappings>
    			<sec:port-mapping http="8080" https="8081"/>
    		</sec:port-mappings>
    		<sec:intercept-url pattern="/private/auth" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="any" />
    		<sec:intercept-url pattern="/private/secure/**" access="ROLE_OPERATOR" requires-channel="any"/>
    		<sec:custom-filter position="PRE_AUTH_FILTER" ref="authFilter"/>
     	</sec:http>
    
    <bean id="authFilter" class="...AuthFilter">
    		<property name="authenticationManager" ref="authManager" />
    	</bean>
    
    	<sec:authentication-manager id="authManager">
    		<sec:authentication-provider ref="authProvider" /> 
    	</sec:authentication-manager>
    web.xml
    Code:
    <filter>
    	  <filter-name>springSecurityFilterChain</filter-name>
    	  <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    	</filter>
    	
    	<filter-mapping>
    	  <filter-name>springSecurityFilterChain</filter-name>
    	  <url-pattern>/*</url-pattern>
    	</filter-mapping>

    Here are some logs after authentication is complete

    org.springframework.security.web.DefaultRedirectSt rategy (DefaultRedirectStrategy.java:36) - Redirecting to '/testapp/'

    org.springframework.security.web.context.SecurityC ontextPersistenceFilter (SecurityContextPersistenceFilter.java:97) - SecurityContextHolder now cleared, as request processing completed

    org.springframework.security.web.util.AntPathReque stMatcher (AntPathRequestMatcher.java:103) - Checking match of request : '/'; against '/private/**'

    org.springframework.security.web.FilterChainProxy (FilterChainProxy.java:161) - / has no matching filters

    org.springframework.web.servlet.DispatcherServlet (DispatcherServlet.java:819) - DispatcherServlet with name 'start' processing GET request for [/testapp/]

    org.springframework.web.servlet.mvc.method.annotat ion.RequestMappingHandlerMapping (AbstractHandlerMethodMapping.java:213) - Looking up handler method for path /

    org.springframework.web.servlet.mvc.method.annotat ion.RequestMappingHandlerMapping (AbstractHandlerMethodMapping.java:223) - Did not find handler method for [/]

    org.springframework.web.servlet.PageNotFound (DispatcherServlet.java:1080) - No mapping found for HTTP request with URI [/test/] in DispatcherServlet with name 'start'
Working...
X