
  • HELP: RememberMe does not work

    Hi,
    Must be something wrong in my configuration, but I just cannot find out where.
    Problem: I do not see rememberMe being fired. No cookie is generated.

    Here is my configuration:

    1. login.jsp
    <form method="POST" action="j_acegi_security_check" focus="username">
    ......
    <input type="checkbox" name="_acegi_security_remember_me"/>
    </form>

    2. applicationContext-security.xml
    <bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy" >
    <property name="filterInvocationDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    /j_acegi_security_check*=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter
    /app/*.do*=httpSessionContextIntegrationFilter,remoteUserFilter,rememberMeProcessingFilter,securityEnforcementFilter
    /admin/*.do*=httpSessionContextIntegrationFilter,remoteUserFilter,rememberMeProcessingFilter,securityEnforcementFilter
    </value>
    </property>
    </bean>
    ......
    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
    <property name="providers">
    <list>
    <ref local="daoAuthenticationProvider"/>
    <ref local="anonymousAuthenticationProvider"/>
    <ref local="rememberMeAuthenticationProvider"/>
    </list>
    </property>
    </bean>
    ......

    <bean id="rememberMeProcessingFilter" class="net.sf.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
    <property name="rememberMeServices">
    <ref local="rememberMeServices"/>
    </property>
    </bean>

    <bean id="rememberMeServices" class="net.sf.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
    <property name="authenticationDao">
    <ref local="jdbcAuthenticationDao"/></property>
    <property name="key"><value>canalRocks</value></property>
    <property name="tokenValiditySeconds">
    <value>1209600</value>
    </property>
    </bean>

    <bean id="rememberMeAuthenticationProvider" class="net.sf.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
    <property name="key"><value>canalRocks</value></property>
    </bean>


    I am using Acegi 0.8.1.

    The flow is something like this:
    * accessing http://localhost:8080/application
    * using welcome file /login.jsp
    * submit with 'remember me' selected
    * once authentication succeeds, go to the home page.

    Here are the log messages. I do not find the place where the rememberMe service is being fired during the authentication process. Do I have to put rememberMe as the first filter right after httpSessionContextIntegrationFilter?
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Converted URL to lowercase, from: '/j_acegi_security_check'; to: '/j_acegi_security_check'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Candidate is: '/j_acegi_security_check'; pattern is /j_acegi_security_check*; matched=true
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /j_acegi_security_check at position 1 of 3 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter@1db4c43'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter - HttpSession returned null object for ACEGI_SECURITY_CONTEXT
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter - As ContextHolder null, setup ContextHolder with a fresh new instance: 'net.canal.security.CanalSecureContextImpl@1b3cc96 : Null authentication'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /j_acegi_security_check at position 2 of 3 in additional filter chain; firing Filter: 'net.canal.security.CanalAuthenticationProcessingFilter@1ddc3ea'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.ui.AbstractProcessingFilter - Request is to process authentication
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.providers.ProviderManager - Authentication attempt using net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache - Cache hit: false; username: alex
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache - Cache put: alex
    18.05.05 20:18:23 [http8080-Processor25] INFO net.sf.acegisecurity.providers.dao.event.LoggerListener - Authentication success for user: alex; details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.ui.AbstractProcessingFilter - Authentication success: net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken@809791: Username: net.sf.acegisecurity.providers.dao.User@5edcf5: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: 3, 3; Password: [PROTECTED]; Authenticated: false; Details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD; Granted Authorities: 3, 3
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.ui.AbstractProcessingFilter - Updated ContextHolder to contain the following Authentication: 'net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken@809791: Username: net.sf.acegisecurity.providers.dao.User@5edcf5: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: 3, 3; Password: [PROTECTED]; Authenticated: false; Details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD; Granted Authorities: 3, 3'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.ui.AbstractProcessingFilter - Redirecting to target URL from HTTP Session (or default): /Canal/admin/MyHomePageManager.do?MyHomePageManager.prepare
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter - Context stored to HttpSession: 'net.canal.security.CanalSecureContextImpl@1b3cc96 : Authentication: net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken@809791: Username: net.sf.acegisecurity.providers.dao.User@5edcf5: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: 3, 3; Password: [PROTECTED]; Authenticated: false; Details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD; Granted Authorities: 3, 3'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter - ContextHolder set to null as request processing completed
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Converted URL to lowercase, from: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; to: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Candidate is: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; pattern is /j_acegi_security_check*; matched=false
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Candidate is: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; pattern is /app/*.do*; matched=false
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Candidate is: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; pattern is /admin/*.do*; matched=true
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /admin/MyHomePageManager.do?MyHomePageManager.prepare at position 1 of 4 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter@1db4c43'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter - Obtained from ACEGI_SECURITY_CONTEXT a valid Context and set to ContextHolder: 'net.canal.security.CanalSecureContextImpl@1b3cc96 : Authentication: net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken@809791: Username: net.sf.acegisecurity.providers.dao.User@5edcf5: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: 3, 3; Password: [PROTECTED]; Authenticated: false; Details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD; Granted Authorities: 3, 3'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /admin/MyHomePageManager.do?MyHomePageManager.prepare at position 2 of 4 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter@275b35'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /admin/MyHomePageManager.do?MyHomePageManager.prepare at position 3 of 4 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.rememberme.RememberMeProcessingFilter@7612a'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.ui.rememberme.RememberMeProcessingFilter - ContextHolder not replaced with remember-me token, as ContextHolder already contained: 'net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken@809791: Username: net.sf.acegisecurity.providers.dao.User@5edcf5: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: 3, 3; Password: [PROTECTED]; Authenticated: false; Details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD; Granted Authorities: 3, 3'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /admin/MyHomePageManager.do?MyHomePageManager.prepare at position 4 of 4 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter@7c3b99'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Converted URL to lowercase, from: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; to: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Candidate is: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; pattern is /app/*.do*; matched=false
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap - Candidate is: '/admin/myhomepagemanager.do?myhomepagemanager.prepare'; pattern is /admin/*.do*; matched=true
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.AbstractSecurityInterceptor - Secure object: FilterInvocation: URL: /admin/MyHomePageManager.do?MyHomePageManager.prepare; ConfigAttributes: [1, 2, 3]
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.providers.ProviderManager - Authentication attempt using net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache - Cache hit: true; username: alex
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.AbstractSecurityInterceptor - Authenticated: net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken@1cfb8d3: Username: net.sf.acegisecurity.providers.dao.User@5edcf5: Username: alex; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: 3, 3; Password: [PROTECTED]; Authenticated: true; Details: net.sf.acegisecurity.ui.WebAuthenticationDetails@133fe5d: RemoteIpAddress: 127.0.0.1; SessionId: 42B43C085B2AE55A647C7CB9091250BD; Granted Authorities: 3, 3
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.AbstractSecurityInterceptor - Authorization successful
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.intercept.AbstractSecurityInterceptor - RunAsManager did not change Authentication object
    18.05.05 20:18:23 [http8080-Processor25] DEBUG net.sf.acegisecurity.util.FilterChainProxy - /admin/MyHomePageManager.do?MyHomePageManager.prepare reached end of additional filter chain; proceeding with original chain
    filters

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Many thanks!

  • #2
    I cannot see your CanalAuthenticationProcessingFilter configuration or what it does. I presume it's based on AuthenticationProcessingFilter, whose superclass (AbstractProcessingFilter) has a property, rememberMeServices, that must be set to your TokenBasedRememberMeServices bean. Would you please double-check that? If problems remain, try switching to the stock-standard AuthenticationProcessingFilter or post your CanalAuthenticationProcessingFilter here so that I can take a look at what it's doing.

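The wiring the reply above asks the poster to check, written out as a bean definition. This is an added example, not configuration from the thread: the bean id comes from the poster's filter chain and the class name from the posted log, while the URL values and the "before" shape of the bean are assumptions, since the thread never shows that bean.

```xml
<!-- BEFORE (assumed shape; the thread never shows this bean): the login filter
     holds no reference to rememberMeServices, so a successful form login is
     never reported to TokenBasedRememberMeServices and no cookie is written.

<bean id="authenticationProcessingFilter"
      class="net.canal.security.CanalAuthenticationProcessingFilter">
  <property name="authenticationManager"><ref local="authenticationManager"/></property>
  <property name="authenticationFailureUrl"><value>/login.jsp?error=1</value></property>
  <property name="defaultTargetUrl"><value>/</value></property>
  <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
</bean>
-->

<!-- AFTER: the same bean with the property named in the reply.
     The three URL values are placeholders. -->
<bean id="authenticationProcessingFilter"
      class="net.canal.security.CanalAuthenticationProcessingFilter">
  <property name="authenticationManager"><ref local="authenticationManager"/></property>
  <property name="authenticationFailureUrl"><value>/login.jsp?error=1</value></property>
  <property name="defaultTargetUrl"><value>/</value></property>
  <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
  <!-- Hands the successful login to the bean that issues the remember-me cookie. -->
  <property name="rememberMeServices"><ref local="rememberMeServices"/></property>
</bean>

<!-- As posted. The key is part of the cookie signature and must be identical in
     rememberMeServices and rememberMeAuthenticationProvider; treat it as a
     secret and supply it from deployment configuration rather than source. -->
<bean id="rememberMeServices"
      class="net.sf.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
  <property name="authenticationDao"><ref local="jdbcAuthenticationDao"/></property>
  <property name="key"><value>canalRocks</value></property>
  <property name="tokenValiditySeconds"><value>1209600</value></property>
</bean>
```

In the posted log the `/j_acegi_security_check` chain stops at position 2 of 3 because the processing filter redirects on success, so the `rememberMeProcessingFilter` listed third on that chain is never what issues the cookie.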


    • #3
      Hi Ben,
      Thank you very much for your help. Yes, you are right, the problem is I did not specify the rememberMeServices for the authenticationProcessingFilter. I also just realized that you have in fact specifically mentioned this in the online doc! Sorry.

      I have one more question regarding the remember-me service. In my own authenticationProcessingFilter, I have added some extra information into the session upon successful login. I need to add the same info after rememberMe authentication as well; how should I do this?

      Should I extend TokenBasedRememberMeServices and develop my own loginSuccess(), or are there other easier and better ways to do this?

      Thanks again for your help, Acegi is great!

      li xin
