Announcement Announcement Module
Collapse
No announcement yet.
Question on authentication success handler Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Question on authentication success handler

    We have a hidden login form on the most of pages. It will show up when a user click the signin link. We also have a login page for the situation when an anonymous want to access user restricted pages. (We would like to have the login form pops up instead of the login page. However, it doesn't seem to be doable to trigger a Javascript code with a URL.) With the following SS configuration, we have a desired behaviour for enforced login.
    Code:
    	<http auto-config="true" path-type="regex">
    		<form-login login-page="/profiles/lognin/form"
    			authentication-failure-url="/accessDenied"
    			/>
    		<remember-me key="myAppKey" />
    	</http>
    What change(s) I need to make to let a user stay on the same page when s/he click the signin link instead of the home page?

  • #2
    Question on authentication success handler

    Hi,

    What I understand from your question is, you want to stay on the same page once you are successfully authenticated by the login pop up?

    Is it redirecting to defaultTargetURL? which is your home page's url?

    Thanks,
    Nisha

    Comment


    • #3
      I'm confused by what you mean "it doesn't seem to be doable to trigger a Javascript code with a URL" - this is of course possible using onclick etc. What exactly are you trying to do in this case?

      Regardless, have you tried the "always-use-default-target" attribute on the <form-login> element, setting it to "false"?

      Comment


      • #4
        Originally posted by nishashirawala View Post
        Hi,

        What I understand from your question is, you want to stay on the same page once you are successfully authenticated by the login pop up?

        Is it redirecting to defaultTargetURL? which is your home page's url?

        Thanks,
        Nisha
        Your understanding is correct.

        Yes, it is redirected to the home page.

        Comment


        • #5
          Originally posted by pmularien View Post
          I'm confused by what you mean "it doesn't seem to be doable to trigger a Javascript code with a URL" - this is of course possible using onclick etc. What exactly are you trying to do in this case?

          Regardless, have you tried the "always-use-default-target" attribute on the <form-login> element, setting it to "false"?
          What I referred to is that login-page URL in the form-login. Can it trigger a Javascript function?

          Setting "always-use-default-target" to "false" doesn't change the behaviour at all.

          Comment


          • #6
            Hi,

            Please try using

            <property name="continueChainBeforeSuccessfulAuthentication" value="true"/>

            for authenticationProcessingFilter bean.

            It should work..

            -Nisha

            Comment


            • #7
              Originally posted by nishashirawala View Post
              Hi,

              Please try using

              <property name="continueChainBeforeSuccessfulAuthentication" value="true"/>

              for authenticationProcessingFilter bean.

              It should work..

              -Nisha
              In the 3.0 version, AuthenticationProcessingFilter is renamed as UsernamePasswordAuthenticationFilter. After having the following in the configuration file, I need to put the filter inside of the http block.
              Code:
              	<beans:bean id="authenticationFilter"
              		class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"
              		p:authenticationManager-ref="authenticationManager"
              		p:continueChainBeforeSuccessfulAuthentication="true" />
              I have tried to place the following in every possible place inside of the http block.
              Code:
              		<custom-filter position="FORM_LOGIN_FILTER" ref="authenticationFilter"/>
              and I always get this configuration error:
              Filter beans '<authenticationFilter>' and 'Root bean: class [org.springframework.security.web.authentication.Us ernamePasswordAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0;
              dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null' have the same 'order' value. When using custom filters, please make sure the positions do not conflict with default filters. Alternatively you can disable the default filters by removing the corresponding child elements from <http> and avoiding the use of <http auto-config='true'>.
              The reference information I follow is on http://mrather.blogspot.com/2010/02/...enticatio.html

              Comment


              • #8
                If you're replacing the form login filter, you need to remove the <form-login> tag. Ref: Link

                Comment


                • #9
                  Originally posted by pmularien View Post
                  If you're replacing the form login filter, you need to remove the <form-login> tag. Ref: Link
                  So what you say is that I need to use the security:http tag instead? If so, what are the equivalent of property login-page and authentication-failure-url of the form-login tag? I scan over the reference documentation and can't find the information.

                  Comment


                  • #10
                    Originally posted by vw729 View Post
                    So what you say is that I need to use the security:http tag instead?
                    I don't see what you mean? You already seem to be using it...

                    Peter said you have to remove the <form-login> tag if you are adding another filter at the same position (which you are in the sample you've given above).

                    Comment

                    Working...
                    X