Announcement Announcement Module
Collapse
No announcement yet.
Remember me - major problem Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Remember me - major problem

    I have this situation:

    1. an acegi-secured.jsp
    2. and a style.css link inside of it.

    I've obeserved following:

    1. Access to the acegi-secured.jsp page triggers rememberMe's autoLogin, it finishes successfully. getRequestSessionID of this operation is, let's say "A"
    2. Shortly after a request for style.css follows, once AGAIN (!!!) triggering rememberMe's autologin, with different getRequestSessionID of this operation is, let's say "B".

    Every following call either to this page or the following ones works properly, as long as session is valid.

    I need to maintain my logged user's list, so I put in a register every event of type InteractiveAuthenticationSuccessEvent. Issue above results in many, many bogus user records. Points 1. and 2. above result on two complete different instances of UserDetails in events coming from these Rememberme actions.


    Please help, this kills me...


    My filterchain:
    /**=httpSessionContextIntegrationFilter,logoutFilte r
    ,authenticationProcessingFilter,rememberMeProcessi ngFilter,anonymousProcessingFilter,exceptionTransl ationFilter,
    filterInvocationInterceptor

    Environment: Acegi Security 1.0.3, problem noticed on Firefox, Opera, IE.
    Last edited by przemjaskier; Apr 19th, 2007, 10:50 AM.

  • #2
    Set up a different chain for you css files etc, so they aren't protected. You'll find this discussed elsewhere in the forum.

    Comment


    • #3
      You might want to do a search for #NONE#.
      e.g.
      http://forum.springframework.org/arc...p/t-35720.html

      Comment

      Working...
      X