Announcement Announcement Module
Collapse
No announcement yet.
Multiple Authentication Entry Points Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    The page flow likes such:
    1. loginMain.jsp ----> loginMainServlet ----> j_acegi_security_check_home ----> userWelcome.jsp

    2. login.jsp ----> loginServlet ----> j_acegi_security_check ----> mainMenu.html

    3. userWelcome.jsp -----> logoutMain.jsp ----> loginFilter (invalidate the session and ContextHolder.setContext(null)

    4. mainMenu.html ----> logout.jsp ---> loginFilter(invalidate the session and ContextHolder.setContext(null)

    Comment


    • #17
      What's the problem with that? AFAICS it's behaving as configured.

      Comment


      • #18
        The page flow I posted is the result I want. But actually not.

        I have tried two filters in applicationContext.xml file, page flow 1 is correct, but page flow 2 is not, the error info is : j_acegi_security_check can't be found.

        Then I returned to the previous trick: using servlet and jsp to authenticate user and populate session. The first time I logged in on the home page(loginMain.jsp), and showed userWelcome.jsp, this is correct. After logged out through logout.jsp, I returned to the loginMain.jsp. But when I logged in through loginMain.jsp again, I got the login.jsp. This is the problem: for it should display mainMenu.html.

        Comment


        • #19
          The following information is copied from tomcat console. From the second login to showing login.jsp:
          Code:
          [edusupp] DEBUG [Thread-13] LoginMainServlet.execute(93) | Encrypting password f
          or user 'student_1'
          [edusupp] DEBUG [Thread-13] ProviderManager.doAuthentication(125) | Authenticati
          on attempt using net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider
          [edusupp] DEBUG [Thread-13] EhCacheBasedUserCache.getUserFromCache(86) | Cache h
          it: false; username: student_1
          [edusupp] DEBUG [Thread-13] EhCacheBasedUserCache.putUserInCache(119) | Cache pu
          t: student_1
          [edusupp] INFO [Thread-13] UserCounterListenerSpring.onApplicationEvent(55) | Au
          thentication success for user: student_1; details: 127.0.0.1
          [edusupp] DEBUG [Thread-13] SecurityEnforcementFilter.doFilter(168) | Chain proc
          essed normally
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(176) | Updating c
          ontainer with new Authentication object, and then removing Authentication from C
          ontextHolder
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(164) | Authentica
          tion not added to ContextHolder (could not extract an authentication object from
           the container which is an instance of Authentication)
          [edusupp] DEBUG [Thread-13] AbstractSecurityInterceptor.interceptor(346) | Publi
          c object - authentication not attempted
          [edusupp] DEBUG [Thread-13] SecurityEnforcementFilter.doFilter(168) | Chain proc
          essed normally
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(176) | Updating c
          ontainer with new Authentication object, and then removing Authentication from C
          ontextHolder
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(164) | Authentica
          tion not added to ContextHolder (could not extract an authentication object from
           the container which is an instance of Authentication)
          [edusupp] DEBUG [Thread-13] AbstractSecurityInterceptor.interceptor(346) | Publi
          c object - authentication not attempted
          [edusupp] DEBUG [Thread-13] SecurityEnforcementFilter.doFilter(168) | Chain proc
          essed normally
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(176) | Updating c
          ontainer with new Authentication object, and then removing Authentication from C
          ontextHolder
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(164) | Authentica
          tion not added to ContextHolder (could not extract an authentication object from
           the container which is an instance of Authentication)
          [edusupp] DEBUG [Thread-13] AbstractSecurityInterceptor.interceptor(273) | Secur
          e object: FilterInvocation: URL: /mainMenu.html; ConfigAttributes: [ROLE_SUPERVI
          SOR, ROLE_STUDENT, ROLE_TEACHER, ROLE_PARENT, ROLE_EXPERT, ROLE_CA]
          [edusupp] DEBUG [Thread-13] SecurityEnforcementFilter.doFilter(191) | Authentica
          tion failed - adding target URL to Session: http://localhost:8080/edusupp/mainMe
          nu.html
          net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: Authentication
          credentials were not found in the SecureContext
                  at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.intercepto
          r(AbstractSecurityInterceptor.java:289)
                  at net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(F
          ilterSecurityInterceptor.java:78)
                  at net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter.doFilter
          (SecurityEnforcementFilter.java:165)
                  at net.sf.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProx
          y.java:88)
                  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
          icationFilterChain.java:213)
                  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
          ilterChain.java:193)
                  at net.sf.acegisecurity.ui.AbstractIntegrationFilter.doFilter(AbstractIn
          tegrationFilter.java:170)
                  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
          icationFilterChain.java:213)
                  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
          ilterChain.java:193)
                  at net.sf.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractPro
          cessingFilter.java:368)
                  at net.sf.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProx
          y.java:88)
                  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
          icationFilterChain.java:213)
                  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
          ilterChain.java:193)
                  at org.displaytag.filter.ResponseOverrideFilter.doFilter(ResponseOverrid
          eFilter.java:88)
                  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
          icationFilterChain.java:213)
                  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
          ilterChain.java:193)
                  at org.appfuse.webapp.filter.GZIPFilter.doFilter(GZIPFilter.java:51)
                  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
          icationFilterChain.java:213)
                  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
          ilterChain.java:193)
                  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
          alve.java:256)
                  at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
          t.invokeNext(StandardPipeline.java:643)
                  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
          a:480)
                  at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
          
                  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
          alve.java:191)
                  at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
          t.invokeNext(StandardPipeline.java:643)
                  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
          a:480)
                  at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
          
                  at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:
          2415)
                  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
          ava:180)
                  at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
          t.invokeNext(StandardPipeline.java:643)
                  at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatche
          rValve.java:171)
                  at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
          t.invokeNext(StandardPipeline.java:641)
                  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
          ava:172)
                  at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
          t.invokeNext(StandardPipeline.java:641)
                  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
          a:480)
                  at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
          
                  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
          ve.java:174)
                  at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContex
          t.invokeNext(StandardPipeline.java:643)
                  at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav
          a:480)
                  at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
          
                  at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:22
          3)
                  at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
          :594)
                  at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
          ssConnection(Http11Protocol.java:392)
                  at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java
          :565)
                  at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadP
          ool.java:619)
                  at java.lang.Thread.run(Thread.java:534)
          [edusupp] DEBUG [Thread-13] AuthenticationProcessingFilterEntryPoint.commence(17
          6) | Redirecting to: http://localhost:8080/edusupp/login.jsp
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(176) | Updating c
          ontainer with new Authentication object, and then removing Authentication from C
          ontextHolder
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(164) | Authentica
          tion not added to ContextHolder (could not extract an authentication object from
           the container which is an instance of Authentication)
          [edusupp] DEBUG [Thread-13] AbstractSecurityInterceptor.interceptor(346) | Publi
          c object - authentication not attempted
          [edusupp] DEBUG [Thread-13] SecurityEnforcementFilter.doFilter(168) | Chain proc
          essed normally
          [edusupp] DEBUG [Thread-13] AbstractIntegrationFilter.doFilter(176) | Updating c
          ontainer with new Authentication object, and then removing Authentication from C
          ontextHolder
          login user name : student_1, and his password is encrypted using sha. His role is ROLE_STUDENT.

          Comment

          Working...
          X