Announcement Announcement Module
Collapse
No announcement yet.
spring security ALWAYS ALWAYS redirects to the INDEX PAGE Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • spring security ALWAYS ALWAYS redirects to the INDEX PAGE

    Im having this problem in my website. Everytime I FIRST visit my WEBSITE, whenever I'm trying to visit a NON-SECURED page, I will always get redirected to the index page.

    Im not sure if I have misconfigured something but whenever I clear the cache on my browser, and then access a NON-SECURED page, I am ALWAYS redirected to my index page.

    The console log will follow, for more information.

    Can somebody help me?

    Scenario:
    INDEX PAGE: Guest.do
    NONSECURE PAGE: LocalAction.do

    Clear cache
    Visit LocalAction.do
    you will be redirected to Guest.do
    Now visit LocalAction.do AGAIN
    and everything is fine


    Please advise. This is an urgent bug.

    -marckun

  • #2
    Code:
    2010-06-03 16:46:08,707 DEBUG [org.springframework.security.util.FilterChainProxy] - Candidate is: '/customer/localaction.do'; pattern is /_notes/**; matched=false
    ......
    2010-06-03 16:46:08,713 DEBUG [org.springframework.security.util.FilterChainProxy] - Candidate is: '/customer/localaction.do'; pattern is /customer/localaction.do; matched=true
    2010-06-03 16:46:08,738 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 1 of 7 in additional filter chain; firing Filter: 'org.springframework.security.context.HttpSessionContextIntegrationFilter[ order=200; ]'
    2010-06-03 16:46:08,738 DEBUG [org.springframework.security.context.HttpSessionContextIntegrationFilter] - No HttpSession currently exists
    2010-06-03 16:46:08,738 DEBUG [org.springframework.security.context.HttpSessionContextIntegrationFilter] - New SecurityContext instance will be associated with SecurityContextHolder
    2010-06-03 16:46:08,751 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 2 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.logout.LogoutFilter[ order=300; ]'
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 3 of 7 in additional filter chain; firing Filter: 'crown.security.CustomerAuthenticationProcessingFilter[ order=700; ]'
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 4 of 7 in additional filter chain; firing Filter: 'org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter[ order=1100; ]'
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.wrapper.SavedRequestAwareWrapper] - Wrapper not replaced; no session available for SavedRequest extraction
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 5 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.ExceptionTranslationFilter[ order=1400; ]'
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 6 of 7 in additional filter chain; firing Filter: 'org.springframework.security.ui.SessionFixationProtectionFilter[ order=1600; ]'
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.util.FilterChainProxy] - /customer/LocalAction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456 at position 7 of 7 in additional filter chain; firing Filter: 'org.springframework.security.intercept.web.FilterSecurityInterceptor@d54304'
    2010-06-03 16:46:08,752 DEBUG [org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource] - Converted URL to lowercase, from: '/customer/localaction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456'; to: '/customer/localaction.do?username=hmac01&lang=en&action=lo&key=12346a7d27b076fcb3231f4884a8904bf3b9123456'
    ....
    2010-06-03 16:46:08,885 DEBUG [org.springframework.beans.CachedIntrospectionResults] - Getting BeanInfo for class [crown.action.LocalAction]
    ...
    2010-06-03 16:46:09,050 DEBUG [org.springframework.security.ui.ExceptionTranslationFilter] - Chain processed normally
    ....
    2010-06-03 16:46:09,050 DEBUG [org.springframework.security.context.HttpSessionContextIntegrationFilter] - SecurityContextHolder now cleared, as request processing completed
    ...
    2010-06-03 16:46:09,065 DEBUG [org.springframework.security.util.FilterChainProxy] - Converted URL to lowercase, from: '/jsp/guest.do'; to: '/jsp/guest.do'
    ...
    2010-06-03 16:46:09,065 DEBUG [org.springframework.security.util.FilterChainProxy] - Candidate is: '/jsp/guest.do'; pattern is /css/**; matched=false
    .....

    Comment


    • #3
      Hi Marckun,

      It may happen when you are accessing the images and css files as well i guess.
      Please change your configuration of AuthenticationProcessFilter to access this contents by ROLE_ANONYMOUS also

      Thanks
      Pavan

      Comment


      • #4
        Would you mind sharing your configurations?

        Comment

        Working...
        X