Announcement Announcement Module
Collapse
No announcement yet.
"remember me" requires refresh? №2 Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • "remember me" requires refresh? №2

    Hi to all!
    have a problem like this:
    Only after page refreshing my RememberMe service , I automatic login to site. Sometimes site didn't load ActionScript3 content.

    I debug my class that extends RememberMeAuthenticationProvider. It's seems than authentication goes well

    I've read previous topic " remember me requires refresh? " but it doesn't help me



    I've try to use SecurityContextHolder.getContext().getAuthenticati on().getPrincipal();
    but it doesn't helped me too .


    I test diferent sequesnce of filters like this
    Code:
    httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,authenticationProcessingFilter,logoutFilter,exceptionTranslationFilter,filterInvocationInterceptor

    What I even didn't try

    my security xml file :
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    
    
    	<!-- Filters -->
    	<bean id="filterChainProxy"
    		class="org.acegisecurity.util.FilterChainProxy">
    		<property name="filterInvocationDefinitionSource">
    			<value>
    				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    				PATTERN_TYPE_APACHE_ANT
    				/**=httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,authenticationProcessingFilter,logoutFilter,exceptionTranslationFilter,filterInvocationInterceptor
    
    			</value>
    		</property>
    	</bean>
    
    
    	<bean id="daoAuthenticationProvider"
    		class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    		<property name="userDetailsService" ref="securityService" />
    		<property name="passwordEncoder">
    			<ref bean="passwordEncoder" />
    		</property>
    	</bean>
    
    	<bean id="httpSessionContextIntegrationFilter"
    		class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />
    
    	<bean id="logoutFilter"
    		class="org.acegisecurity.ui.logout.LogoutFilter">
    		<constructor-arg value="/c/home" />
    		<constructor-arg>
    			<list>
    				<ref bean="rememberMeService"/>
    				<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
    			</list>
    		</constructor-arg>
    
    		<property name="filterProcessesUrl" value="/c/logout" />
    	</bean>
    
    	<bean id="authenticationProcessingFilter"
    		class="com.xxx.core.security.filters.xxxAuthentificationFilter">
    		<property name="authenticationManager"
    			ref="authenticationManager" />
    		<property name="authenticationFailureUrl" value="/c/login" />
    		<property name="defaultTargetUrl" value="/c/home" />
    		<property name="alwaysUseDefaultTargetUrl" value="true" />
    		<property name="filterProcessesUrl"
    			value="/c/login/check_login" />
    		<property name="rememberMeServices" ref="rememberMeService" />
    	</bean>
    
    	<bean id="securityContextHolderAwareRequestFilter"
    		class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />
    
    	<bean id="rememberMeProcessingFilter"
    		class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
    		<property name="authenticationManager"
    			ref="authenticationManager" />
    		<property name="rememberMeServices" ref="rememberMeService" />
    	</bean>
    
    	<bean id="anonymousProcessingFilter"
    		class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
    		<property name="userAttribute"
    			value="anonymousUser,ROLE_ANONYMOUS" />
    		<property name="key" value="xxx" />
    	</bean>
    
    	<bean id="exceptionTranslationFilter"
    		class="org.acegisecurity.ui.ExceptionTranslationFilter">
    		<property name="authenticationEntryPoint">
    			<bean
    				class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    				<property name="loginFormUrl" value="/c/login" />
    				<property name="forceHttps" value="false" />
    			</bean>
    		</property>
    		<property name="accessDeniedHandler">
    			<bean
    				class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
    				<property name="errorPage" value="/c/access_denied" />
    			</bean>
    		</property>
    	</bean>
    
    	<!-- Interceptor -->
    	<bean id="filterInvocationInterceptor"
    		class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    		<property name="authenticationManager"
    			ref="authenticationManager" />
    		<property name="accessDecisionManager">
    
    			<bean class="org.acegisecurity.vote.AffirmativeBased">
    				<property name="allowIfAllAbstainDecisions"
    					value="false" />
    				<property name="decisionVoters">
    					<list>
    						<bean class="org.acegisecurity.vote.RoleVoter" />
    						<bean
    							class="org.acegisecurity.vote.AuthenticatedVoter" />
    					</list>
    				</property>
    			</bean>
    		</property>
    		<property name="objectDefinitionSource">
    			<value>
    				<![CDATA[
    					CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    					PATTERN_TYPE_APACHE_ANT
    
    					/c/login/**=ROLE_ANONYMOUS
    
    					/c/profile/**=ROLE_USER
    
    					/c/**=IS_AUTHENTICATED_ANONYMOUSLY
    
    					/c/xmlrpc/**=ROLE_ANONYMOUS
    	    		]]>
    			</value>
    		</property>
    	</bean>
    	<!-- /c/**=IS_AUTHENTICATED_REMEMBERED -->
    	<!-- Services -->
    	<bean id="rememberMeService"
    		class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
    		<property name="userDetailsService" ref="securityService" />
    		<!-- refers to xxx security service -->
    		<property name="tokenValiditySeconds" value="1209600" />
    		<!-- equals to 14 days -->
    		<property name="cookieName" value="xxx_member" />
    		<property name="key" value="xxx" />
    	</bean>
    
    	<!-- Managers -->
    	<bean id="authenticationManager"
    		class="org.acegisecurity.providers.ProviderManager">
    		<property name="providers">
    			<list>
    				<ref bean="xxxDAOAuthenticationProvider" />
    				<ref bean="xxxRememberMeAuthenticationProvider" />
    				<ref bean="anonymousAuthenticationProvider" />
    			</list>
    		</property>
    	</bean>
    
    	<!-- Providers -->
    	<bean id="xxxDAOAuthenticationProvider"
    		class="com.xxx.core.security.providers.xxxDAOAuthenticationProvider">
    		<property name="securityService" ref="securityService" />
    		<property name="passwordEncoder" ref="passwordEncoder" />
    	</bean>
    	<bean id="xxxRememberMeAuthenticationProvider"
    		class="com.xxx.core.security.providers.xxxRememberMeAuthenticationProvider">
    		<property name="key" value="xxx" />
    	</bean>
    	<bean id="anonymousAuthenticationProvider"
    		class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
    		<property name="key" value="xxx" />
    	</bean>
    
    	<bean id="passwordEncoder"
    		class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />
    </beans>




    getting AuthenticatedUserName using SecurityContext :
    Code:
     public String getAuthenticatedUserName(SecurityContext context) {
            if (context == null) {
                return null;
            }
    
            Authentication authentication = context.getAuthentication();
           if (authentication == null) {
                return null;
            }
          
            Object principal = authentication.getPrincipal();
            if ((principal == null) || !(principal instanceof User)) {
                return null;
            }
            return ((User) principal).getUsername();
           
        }

    Anyone have some idea how to fix this bug ?
    Last edited by sentor; Oct 22nd, 2008, 06:45 AM.

  • #2
    Hi again


    Any your inputs will be welcome....

    Thanks

    Comment


    • #3
      the configutation seems to be ok
      can you post the debug console in that section

      Comment

      Working...
      X