Announcement Announcement Module
Collapse
No announcement yet.
Can't get IceFaces login form to work Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Can't get IceFaces login form to work

    Hi

    I've read numerous posts about this issue, and tried all possible solutions I could find, but none is working for me. I'm writing a IceFaces 1.8.2-based webapp, and added Spring Security for authentication and authorization. I want to have a custom login page (also written in JSF/icefaces). So I declared the following:

    Code:
    ...
    		<security:form-login login-page="/secured/login.faces" default-target-url="/entry/entry.faces" />
    		<security:logout logout-success-url="/secured/logout.faces" />
    ...
    The login page is the following

    Code:
    		<ice:form id="loginform">
    			<ice:panelGrid columns="2">
    				<ice:outputLabel value="User Name" for="j_username" />
    				<ice:inputText id="j_username" value="#{loginBean.userId}" size="40"
    					maxlength="80" />
    				<ice:outputLabel value="Password" for="j_password" />
    				<ice:inputSecret id="j_password" value="#{loginBean.password}"
    					size="40" maxlength="80" />
    			</ice:panelGrid>
    			<ice:commandButton action="#{loginBean.login}" value="Login" />
    			<ice:messages style="color: red;" />
    		</ice:form>
    The action in the backing bean is:
    Code:
    		ExternalContext context = FacesContext.getCurrentInstance()
    				.getExternalContext();
    
    		context.dispatch("/j_spring_security_check");
    When trying to reach a protected resource, I can indeed see the login page, then I enter my credentials, but after submitting, I always get an exception:

    Code:
    javax.servlet.ServletException: java.io.IOException: Cannot dispatch on XMLHTTP request.
    	com.icesoft.faces.webapp.http.servlet.MainServlet.service(MainServlet.java:158)
    	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    	com.icesoft.faces.webapp.xmlhttp.BlockingServlet.service(BlockingServlet.java:56)
    ...
    I also tried the following code for the action:
    Code:
    		ExternalContext context = FacesContext.getCurrentInstance()
    				.getExternalContext();
    
    		RequestDispatcher dispatcher = ((HttpServletRequest) context
    				.getRequest()).getRequestDispatcher("/j_spring_security_check");
    		try {
    			dispatcher.forward((HttpServletRequest) context.getRequest(),
    					(HttpServletResponse) context.getResponse());
    		} catch (ServletException e1) {
    			e1.printStackTrace();
    		}
    
    		FacesContext.getCurrentInstance().responseComplete();
    		// It's OK to return null here because Faces is just going to exit.
    		return null;
    but in that case, I get the following exception:
    Code:
    java.lang.UnsupportedOperationException: Use navigation rules instead
    	com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.getRequestDispatcher(ServletEnvironmentRequest.java:340)
    	be.oxys.itimesheets.beans.LoginBean.login(LoginBean.java:86)
    	sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    I've read all following sources, but none of them work.

    Of course, I could use a plain jsp, without any JSF and IceFaces, but I still hope there's a way to combine IceFaces and Spring Security

    I'd be very grateful if someone could help me? In the meantime, I'll revert to the standard login form

    Thanks a lot for your help

    Jean-Noel

  • #2
    ICEFaces login problem

    I actually had a lot of problems with this too (but on JSF Facelets RichFaces) I see I found the same style LoginController code so that is definitely ok.

    I currently use that same style action code i.e.

    Code:
    ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
    
    RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
    				.getRequestDispatcher("/j_spring_security_check");
    
    dispatcher.forward((ServletRequest) context.getRequest(), (ServletResponse) context.getResponse());
    
    FacesContext.getCurrentInstance().responseComplete();
    Similar kind of View too

    Code:
    <h:form id="loginForm" prependId="false">
    	<h:panelGrid align="center">
    		<h:outputText value="${loginController.loginMessage}" />
    		<h:messages id="messages" layout="table" globalOnly="false" showSummary="true"
    			showDetail="false" />
    		<h:panelGrid cellpadding="20">
    			<h:panelGrid columns="2">
    				<h:outputText id="userNameText" value="#{text['login.label.userId']}" />
    				<h:inputText id="j_username" forceId="true" value="#{loginController.userName}"
    					size="20" maxlength="20"></h:inputText>
    				<h:outputText id="passwordText" value="#{text['login.label.password']}" />
    				<h:inputSecret id="j_password" forceId="true" value="#{loginController.password}"
    					size="20" maxlength="20" redisplay="true"></h:inputSecret>
    				<h:panelGroup styleClass="formr">
    					<h:commandButton value="#{text['login.button.login']}"
    						action="#{loginController.login}" id="login" styleClass="button" />
    				</h:panelGroup>
    			</h:panelGrid>
    		</h:panelGrid>
    	</h:panelGrid>
    </h:form>
    And the faces-config.xml
    Code:
      <managed-bean>
        <managed-bean-name>loginController</managed-bean-name>
        <managed-bean-class>
          xyz....action.LoginController
        </managed-bean-class>
        <managed-bean-scope>request</managed-bean-scope>
      </managed-bean>
    ...
      <navigation-rule>
        <from-view-id>/*</from-view-id>
        <navigation-case>
          <from-outcome>login</from-outcome>
          <to-view-id>/login.xhtml</to-view-id>
          <redirect />
        </navigation-case>
      </navigation-rule>
      <navigation-rule>
        <from-view-id>/login.xhtml</from-view-id>
        <navigation-case>
          <from-outcome>login</from-outcome>
          <to-view-id>/j_spring_security_check</to-view-id>
        </navigation-case>
      </navigation-rule>
    And from the Spring application context

    Code:
    	<http auto-config="true" access-denied-page="/403.html" lowercase-comparisons="false" >
    		<intercept-url pattern="/login.html" filters="none" />
    
    		<intercept-url pattern="/admin/*" access="ROLE_ADMIN" />
    			
    		<form-login 
    			login-page="/login.html"
    			authentication-failure-url="/login.html" 
    			login-processing-url="/j_spring_security_check"
    			always-use-default-target="true" 
    			default-target-url="/admin/mainMenu.html" />
    		<logout logout-success-url="/mainMenu.html" invalidate-session="true"
    			logout-url="/j_spring_security_logout" />
    			
    		<!-- if your application uses non-standard ports for HTTP -->
    		<port-mappings>
    			<port-mapping http="9080" https="9443"/>
    		</port-mappings>
        
    		<!-- Spring Security will detect the submission of an invalid session ID and redirect the user
    		to an appropriate URL. This is achieved through the session-management element -->
    		<session-management invalid-session-url="/mainMenu.html" />    
    	</http>
    I'm hoping you see something helpful in the above (it is a lot of pieces to process a login!). Sorry I can't help from an ICEFaces point of view (although I'm tempted to try ICEFaces too), but it looks like your on the right track...

    Comment


    • #3
      Unfortunately, trying that solution, I always get the same exception from the getRequestDispatcher call.

      [CODE
      ]RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
      .getRequestDispatcher("/j_spring_security_check");
      [/CODE]

      and indeed, when checking the source of com.icesoft.faces.webapp.http.servlet.ServletEnvir onmentRequest which is used as a wrapper around HttpRequest, I can read:

      Code:
          public RequestDispatcher getRequestDispatcher(String name) {
              throw new UnsupportedOperationException("Use navigation rules instead");
          }
      So there's definitely something wrong here. Btw, I also see that you have a navigation rule, but what does the action method return? It's calling ResponseComplete, isn't it?

      Thanks for your help

      Jean-Noel

      Comment


      • #4
        Have you confirmed whether the ICEfaces form is doing a partial postback (via XHR)? You could confirm this with something like Firebug. If so, a dispatch definitely will not work. This isn't default behavior of the ICEfaces form, though, but it's worth checking.

        Comment


        • #5
          Hello jncolin,

          have you found a solution for this? i'm facing exactly the same problems...

          thanks for your help
          andi

          Comment


          • #6
            Hi I have the same problem with Spring Webflow and ICEfaces 1.8.2. Have anyone any idea?

            Comment


            • #7
              Hi,

              ICEfaces is doing the POST requests in a different way. The ice:form is submitted via send-receive-updates. So, you can either make a non-ICEfaces login page or you can use the following in your action method:

              FacesContext context = FacesContext.getCurrentInstance();
              ExternalContext ec = context.getExternalContext();
              String encodedURL = ec.encodeResourceURL(ec.getRequestContextPath() + "/j_spring_security_check?j_username="
              + userId.toLowerCase() + "&j_password=" + password + "&_spring_security_remember_me=" + rememberMe);

              ec.redirect(encodedURL);

              But, as you can see, a redirect is used and the password might not be safe.

              Anyway, this is what I'm using at the moment so if you need any help just let me know.

              Best regards,
              Dumi.
              Last edited by Dumi; Mar 12th, 2010, 12:43 PM.

              Comment


              • #8
                Originally posted by Dumi View Post
                FacesContext context = FacesContext.getCurrentInstance();
                ExternalContext ec = context.getExternalContext();
                String encodedURL = ec.encodeResourceURL(ec.getRequestContextPath() + "/j_spring_security_check?j_username="
                + userId.toLowerCase() + "&j_password=" + password + "&_spring_security_remember_me=" + rememberMe);

                ec.redirect(encodedURL);
                Hi I am currently facing the same Problem. I'd like to implement a simple Login-Form using ICEFaces + Spring Security. I used you're code above and always get the following Exception:

                Code:
                javax.faces.FacesException: Error calling action method of component with id j_id9:j_id15
                	at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
                	at javax.faces.component.UICommand.broadcast(UICommand.java:127)
                	at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:369)
                	at javax.faces.component.UIViewRoot.process(UIViewRoot.java:264)
                	at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:153)
                	at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
                	at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:103)
                	at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:76)
                	at com.icesoft.faces.webapp.http.core.JsfLifecycleExecutor.apply(JsfLifecycleExecutor.java:18)
                	at com.icesoft.faces.webapp.http.core.ReceiveSendUpdates.renderCycle(ReceiveSendUpdates.java:132)
                	at com.icesoft.faces.webapp.http.core.ReceiveSendUpdates.service(ReceiveSendUpdates.java:74)
                	at com.icesoft.faces.webapp.http.core.RequestVerifier.service(RequestVerifier.java:31)
                	at com.icesoft.faces.webapp.http.common.standard.PathDispatcherServer.service(PathDispatcherServer.java:24)
                	at com.icesoft.faces.webapp.http.servlet.BasicAdaptingServlet.service(BasicAdaptingServlet.java:16)
                	at com.icesoft.faces.webapp.http.servlet.PathDispatcher.service(PathDispatcher.java:23)
                	at com.icesoft.faces.webapp.http.servlet.SessionDispatcher.service(SessionDispatcher.java:53)
                	at com.icesoft.faces.webapp.http.servlet.SessionVerifier.service(SessionVerifier.java:26)
                	at com.icesoft.faces.webapp.http.servlet.PathDispatcher.service(PathDispatcher.java:23)
                	at com.icesoft.faces.webapp.http.servlet.MainServlet.service(MainServlet.java:131)
                	at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
                	at com.icesoft.faces.webapp.xmlhttp.BlockingServlet.service(BlockingServlet.java:56)
                	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
                	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
                	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
                	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:109)
                	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
                	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
                	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
                	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
                	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
                	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
                	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
                	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
                	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
                	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
                	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
                	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852)
                	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
                	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
                	at java.lang.Thread.run(Thread.java:619)
                Caused by: javax.faces.el.EvaluationException: javax.el.ELException: /login.xhtml @30,72 action="#{LoginController.login}": java.lang.UnsupportedOperationException: Use navigation rules instead
                	at javax.faces.component._MethodExpressionToMethodBinding.invoke(_MethodExpressionToMethodBinding.java:82)
                	at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:57)
                	... 61 more
                Caused by: javax.el.ELException: /login.xhtml @30,72 action="#{LoginController.login}": java.lang.UnsupportedOperationException: Use navigation rules instead
                	at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:74)
                	at javax.faces.component._MethodExpressionToMethodBinding.invoke(_MethodExpressionToMethodBinding.java:78)
                	... 62 more
                Caused by: java.lang.UnsupportedOperationException: Use navigation rules instead
                	at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.getRequestDispatcher(ServletEnvironmentRequest.java:340)
                	at com.scaratec.simpelkom.unitedCalling.controller.LoginController.login(LoginController.java:100)
                	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                	at java.lang.reflect.Method.invoke(Method.java:597)
                	at org.apache.el.parser.AstValue.invoke(AstValue.java:172)
                	at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
                	at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
                	... 63 more
                Any idea how I can solve this?

                regards
                neurox

                Comment


                • #9
                  From what I see in the stack trace you are also using MyFaces. Can you post your configuration files (web.xml, faces-config.xml, applicationContext.xml) ? I'm using the code I've posted in 2 of my ICEfaces/Spring/Hibernate applications and it works just fine.

                  Thanks & best regards,
                  Dumi.

                  Comment


                  • #10
                    I have attached the config files to this post.

                    Thank you for your assistance! Your help is greatly appreciated!

                    Comment


                    • #11
                      Can you please also post your login page and login bean?

                      Dumi.

                      Comment


                      • #12
                        In the meantime I got a least a bit further. I had some misconfiguration in my Maven POM which is solved now. However I still have problems with Spring Security getting the message:

                        Code:
                        Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: Authentication m
                        ethod not supported: GET
                        My login-Method looks like this:
                        Code:
                        	public void login(ActionEvent e) throws java.io.IOException {
                        		FacesContext context = FacesContext.getCurrentInstance();
                        		ExternalContext ec = context.getExternalContext();
                        		String encodedURL = ec.encodeResourceURL(ec.getRequestContextPath() + "/j_spring_security_check?j_username=" + loginName.toLowerCase() + "&j_password=" + password + "&_spring_security_remember_me=" + "true");
                        	
                        		ec.redirect(encodedURL);
                        
                        		FacesContext.getCurrentInstance().responseComplete();
                        
                        	}
                        My Login-Form is like this:
                        Code:
                        	<body>
                        	<h2>Login</h2>
                        	<ice:form>
                        		<ice:panelGrid columns="3">
                        
                        			<ice:outputText value="Benutzername: " />
                        			<ice:inputText id="j_username" value="#{LoginController.loginName}"
                        				redisplay="true" />
                        			<br />
                        
                        			<ice:outputText value="Passwort: " />
                        			<ice:inputSecret id="j_password" value="#{LoginController.password}" />
                        			<br />
                        
                        			<ice:commandButton actionListener="#{LoginController.login}" value="Login"/>
                        
                        		</ice:panelGrid>
                        		<ice:messages style="color: red;"/>
                        	</ice:form>
                        	</body>
                        It seems as Version 3 of Spring Security is not accepting GETs anymore (which I can understand). However I am wondering how to POST the credentials to the Spring Security Filter.

                        Comment


                        • #13
                          Yes, this is where I also got today using your configuration files. This "Authentication method not supported: GET" is caused by the latest version of Spring Security. In my projects I'm using Spring 2.5.6.SEC01 and Spring Security 2.0.4.
                          What I was trying right now was to change the version of Spring/Spring Security in your pom to the ones that work for me, but I'm getting some other errors.
                          I'll play more with it tomorrow. In the end I will also need to use Spring 3, so we must find a solution

                          Dumi.

                          Comment


                          • #14
                            Just as an Update: What I have changed since yesterday is my POM. This was essential to have the right set of JARs:

                            Code:
                            	<properties>
                            		<spring.version>3.0.2.RELEASE</spring.version>
                            	</properties>
                            
                            	<dependencies>
                            		<dependency>
                            			<groupId>org.springframework</groupId>
                            			<artifactId>org.springframework.orm</artifactId>
                            			<version>${spring.version}</version>
                            		</dependency>
                            		<dependency>
                            			<groupId>org.springframework</groupId>
                            			<artifactId>org.springframework.asm</artifactId>
                            			<version>${spring.version}</version>
                            		</dependency>
                            		<dependency>
                            			<groupId>org.springframework</groupId>
                            			<artifactId>org.springframework.web</artifactId>
                            			<version>${spring.version}</version>
                            		</dependency>
                            		<dependency>
                            			<groupId>org.springframework.security</groupId>
                            			<artifactId>org.springframework.security.web</artifactId>
                            			<version>${spring.version}</version>
                            		</dependency>
                            		<dependency>
                            			<groupId>org.springframework.security</groupId>
                            			<artifactId>org.springframework.security.core</artifactId>
                            			<version>${spring-security.version}</version>
                            			<scope>compile</scope>
                            		</dependency>
                            		<dependency>
                            			<groupId>org.springframework.security</groupId>
                            			<artifactId>org.springframework.security.config</artifactId>
                            			<version>${spring-security.version}</version>
                            			<scope>compile</scope>
                            		</dependency>
                            	</dependencies>

                            Comment


                            • #15
                              I've managed to make it work, but I'm not using j_spring_security_check anymore. Here is the updated code in my login bean:

                              Code:
                              public AuthenticationManager getAuthenticationManager() {
                              	return authenticationManager;
                              }
                              
                              public void setAuthenticationManager(AuthenticationManager authenticationManager) {
                              	this.authenticationManager = authenticationManager;
                              }
                              
                              public void login(ActionEvent e) throws IOException {
                              	try {
                              		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
                              		UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password);
                              		authToken.setDetails(authentication.getDetails());
                              
                              		FacesContext context = FacesContext.getCurrentInstance();
                              		ExternalContext ec = context.getExternalContext();
                              		((HttpServletRequest) ec.getRequest()).getSession().setAttribute(
                              				UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY, authToken.getName());
                              
                              		Authentication newAuth = authenticationManager.authenticate(authToken);
                              		SecurityContextHolder.getContext().setAuthentication(newAuth);
                              	} catch (UsernameNotFoundException unfe) {
                              		FacesContext.getCurrentInstance().addMessage(null,
                              				new FacesMessage(FacesMessage.SEVERITY_ERROR, unfe.getMessage(), unfe.getMessage()));
                              	}
                              
                              	ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
                              	String encodedURL = ec.encodeResourceURL(ec.getRequestContextPath() + "/test.xhtml");
                              
                              	((HttpServletResponse) ec.getResponse()).sendRedirect(encodedURL);
                              }
                              I'm not using navigation rules and the login method is used from actionListener.

                              Also, to make this work I had to remove the LoginController bean from faces-config and define it using spring:

                              Code:
                              <security:authentication-manager alias="authenticationManager">
                              	<security:authentication-provider>
                              		<security:user-service>
                              			<security:user name="bob" password="bobspassword" authorities="ROLE_USER" />
                              		</security:user-service>
                              	</security:authentication-provider>
                              </security:authentication-manager>
                              <bean id="loginBean" class="test.LoginController" scope="session">
                              	<property name="authenticationManager" ref="authenticationManager" />
                              </bean>
                              I've added the required alias to the authentication manager.

                              For "remember me" to work you will need to call the rememberMeServices.loginSuccess(...).

                              Best regards,
                              Dumi.

                              Comment

                              Working...
                              X