Announcement Announcement Module
Collapse
No announcement yet.
Cant get springSecurityFilterChain to intercept FORWARDS initiated via struts2 Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cant get springSecurityFilterChain to intercept FORWARDS initiated via struts2

    I have a protected realm called spages

    The realm is protected via spring-security:

    Code:
    <http auto-config='true'>
        <intercept-url pattern="/spages/**" access="ROLE_USER" />
        <form-login
    	login-processing-url="/j_spring_security_check"
    	login-page="/login"
    	default-target-url="/spages/signin"
    	always-use-default-target="true"			
    	authentication-failure-url="/login?error" />		
    </http>
    When I link to /spages/signin I get the login form.. Thats ok and thats what I want.

    But I also have a struts2 action:

    Code:
    <package name="admin" extends="struts-default">
        <action name="CategoryManagement">
            <result name="success">/spages/AdminCategoryHome.jsp</result>
        </action>		
    </package>
    See, the AdminCategoryHome.jsp page is in the secured directory. But when I invoke the struts action CategoryManagement, the spring-security form does not intercept the forward. I configured the spring filter as so, including the FORWARD dispatcher:

    Code:
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>FORWARD</dispatcher>
        <dispatcher>REQUEST</dispatcher>    
    </filter-mapping>
    Is there any way I can protected resources when the page is in the protected realm and accessed via a struts2 forward?

    Thanks,

    John Dickonson
Working...
X