Announcement Announcement Module
Collapse
No announcement yet.
First login fails, second login succeeds Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • First login fails, second login succeeds

    I am using spring security 2.0.4 with LDAP. The first time I login after application startup, I get this:
    Code:
    2010-04-16 07:36:39,501 [http-8080-1] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Creating context with principal: 'user_name'
    2010-04-16 07:36:39,619 [http-8080-1] DEBUG org.springframework.security.ui.webapp.AuthenticationProcessingFilter - Updated SecurityContextHolder to contain null Authentication
    2010-04-16 07:36:39,619 [http-8080-1] DEBUG org.springframework.security.ui.webapp.AuthenticationProcessingFilter - Authentication request failed: org.springframework.security.BadCredentialsException: Bad credentials; nested exception is org.springframework.ldap.AuthenticationException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 32 - No Such Object]
    2010-04-16 07:36:39,621 [http-8080-1] DEBUG org.springframework.security.context.HttpSessionContextIntegrationFilter - SecurityContextHolder now cleared, as request processing completed
    2010-04-16 07:36:39,622 [http-8080-1] DEBUG org.springframework.security.util.FilterChainProxy - Converted URL to lowercase, from: '/jsp/login.jsp'; to: '/jsp/login.jsp'
    If I try to login immediately after that, it works:

    Code:
    2010-04-16 07:36:46,443 [http-8080-1] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Creating context with principal: 'user_name'
    2010-04-16 07:36:46,447 [http-8080-1] DEBUG org.springframework.security.ui.webapp.AuthenticationProcessingFilter - Authentication success: com.app.security.LdapAuthenticationToken@e00e8dc7: Principal: user_name; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationDetails@166c8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 8FDF7B0C4DCB0A17EEEEAA11881B7FC6; Granted Authorities: ROLE_USER
    2010-04-16 07:36:46,447 [http-8080-1] DEBUG org.springframework.security.ui.webapp.AuthenticationProcessingFilter - Updated SecurityContextHolder to contain the following Authentication: 'com.app.security.LdapAuthenticationToken@e00e8dc7: Principal: user_name; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationDetails@166c8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 8FDF7B0C4DCB0A17EEEEAA11881B7FC6; Granted Authorities: ROLE_USER'
    2010-04-16 07:36:46,450 [http-8080-1] DEBUG org.springframework.security.util.SessionUtils - Invalidating session with Id '8FDF7B0C4DCB0A17EEEEAA11881B7FC6' and migrating attributes.
    2010-04-16 07:36:46,451 [http-8080-1] DEBUG org.springframework.security.ui.session.HttpSessionEventPublisher - Publishing event: org.springframework.security.ui.session.HttpSessionDestroyedEvent[source=org.apache.catalina.session.StandardSessionFacade@ea7549]
    2010-04-16 07:36:46,451 [http-8080-1] DEBUG org.springframework.security.ui.session.HttpSessionEventPublisher - Publishing event: org.springframework.security.ui.session.HttpSessionCreatedEvent[source=org.apache.catalina.session.StandardSessionFacade@15863e4]
    2010-04-16 07:36:46,451 [http-8080-1] DEBUG org.springframework.security.util.SessionUtils - Started new session: FC8BDCC6130156E717B651971F8A69D8
    Any idea what might cause this behaviour?

  • #2
    First login fails, second login succeeds

    I've got the same problem (with REST clients and web browsers).
    Have you find any solutions?

    Thank.

    Comment


    • #3
      Adding create-session="never" solved the problem:


      Code:
      <http create-session="never">
      	<intercept-url pattern="/**" access="ROLE_USER" />
      	<http-basic />
      </http>

      Comment

      Working...
      X