Announcement Announcement Module
Collapse
No announcement yet.
how to use defaulttargeturl for basic processing filter Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • how to use defaulttargeturl for basic processing filter

    I implemented Basic Processing Filter for in my application, which is working fine. But If I try to access any middle jsp page, soon authentication, it should be redirected to home page, which is not happening in the moment.
    I know that it could be possible to restrict the access of other pages, after login using few properties like defaultTargetURL, authentication failure URL, which are available only with authentication processing filter.
    Is there any way that I use similar properties with Basic processing filter?
    Please suggest and I appreciate your early response.
    Thanks
    Krishna

  • #2
    can any one please respond to this mail?
    Thanks

    Comment


    • #3
      You should look at exceptionProcessingFilter.

      Comment


      • #4
        how does exception translationfilter helps here?
        what type of exception it could be?

        If I try to access some middle jsp page, officially it should be redirected to homepage, which would be possible using defaulttargeturl that is definied as a property for authentication processing filter. But this property(defaluttargeturl) is not available for Basic Processing Filter. whats the alternative solution for Basic Processing Filter?

        Can you explain in more detail?
        Thanks
        Krishna

        Comment


        • #5
          1. What is middle jsp page?
          2. default-target-url - is the page the user to be redirected after successful login.
          3. If user tries to access the page, that is secured, but he has no privileges for that, some page should be rendered. This is what you want to get? If yes, here is an example of exceptionTranslationFilter(sorry, I wrote exceptionProccessingFilter last time):
          Code:
              <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
                  <property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
                  <property name="accessDeniedHandler" ref="accessDeniedHandler"/>
              </bean>
          If access is denied for current user, this filter redirects him to the page, specified in accessDeniedHandler:
          Code:
              <bean id="accessDeniedHandler" class="org.springframework.security.ui.AccessDeniedHandlerImpl">
                  <property name="errorPage" value="/Error.action"/>
              </bean>

          Comment


          • #6
            Hi,
            Thanks for your patience for trying to understand my problem.
            Let me explain you my problem in more detail with following example

            User1 has access to page1,page2, page3 and page4 resources.
            page1 is a home page.
            itemsub is the context root.
            if user tries to access the application with the following url,
            http://localhost:9080/itemsub then home page is getting displayed soon after he successfully logged in which is accurate. This is happening because I mentioned pag1 as welcome page in web.xml.

            if user tries to access the application with
            http://localhost:9080/itemsub/page3, I wanted it gets redirected to home page, soon after he logged in, though he has access to page3.

            But in this case, my application discarding welcome page defined in web.xml and trying to access page3, as he has access to this page.

            how can I control this behavior?
            In simple words, what I need is just to redirect to home page, soon after user logged in through basic processing filter, irrespective of page name he mentions in the URL.

            Sorry if it is silly question, but struggling from morning, and am new to spring security.
            Your help is appreciated.
            Thanks
            Krishna

            Comment


            • #7
              So you want user to go to home page always after logining? (Maybe my level of English is just not sufficient to understand you )
              Code:
                      <form-login login-page="/login.action" default-target-url="/secure/home.action"
                                  authentication-failure-url="/login.action?login_error=1"
                                  login-processing-url="/j_spring_security_check"
                                  always-use-default-target="/home.action"/><!--here it is! -->
              It is from inside of <http> tag in applicationContext-security.xml

              Comment


              • #8
                I think what you said is possible with Form Authentication Mechanism,but mine is Basic Authentication mechanism.
                I dont have any login page here.
                soon after usre tries to login, a dialog gets displayed, where he provides, his authentication credentials.
                Here is my current configuration,.

                Code:
                <bean id="basicProcessingFilter"
                	     class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
                        <property name="authenticationManager" ref="authenticationManager"/>
                        <property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint"/>
                    </bean>
                
                 <bean id="basicProcessingFilterEntryPoint"
                          class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
                        <property name="realmName" value="Secured"/>
                    </bean>
                <bean id="authenticationManager"
                		class="org.acegisecurity.providers.ProviderManager">
                		<property name="providers">
                			<list>
                				<ref local="ldapAuthenticationProvider"/>
                			</list>
                		</property>
                	</bean>
                I didn't find the properties you suggested like (default target url)
                for basic authentication mechanism.
                any ideas?

                Comment

                Working...
                X