Announcement Announcement Module
Collapse
No announcement yet.
Help on spring security 2.0.5 multiple login page Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Help on spring security 2.0.5 multiple login page

    Hi Guys

    I'm working with SpringSecurity and trying to create multiple login page.
    My first login page(for concierge user, /service/loginConcierge.htm) is working properly,
    but can't transit to concierge's top page (concierge-flow).
    However my second login page(owner user , /service/owner.htm) always transit to manage-flow, by non authentication.
    Sorry.. hope you'll help.

    Below's a my security config file:

    PHP Code:

        
    <security:global-method-security secured-annotations="enabled">
            <
    security:protect-pointcut access="ROLE_EDIT" expression="execution(* jp.co.kkc.tabinavi.service.*.*Service.execUpdate*(..))"/>
            <
    security:protect-pointcut access="ROLE_EDIT" expression="execution(* jp.co.kkc.tabinavi.service.*.*Service.execDelete*(..))"/>
        </
    security:global-method-security>

       
        <
    bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy">
            <
    security:filter-chain-map path-type="ant">
                <
    security:filter-chain filters="none" pattern="/resources/**"/>
                <
    security:filter-chain filters="none" pattern="/js/**"/>
                <
    security:filter-chain filters="none" pattern="/css/**"/>
                <
    security:filter-chain filters="none" pattern="/images/**"/>
                <
    security:filter-chain filters="none" pattern="/service/owner.htm*"/>
                <
    security:filter-chain filters="none" pattern="/service/loginConcierge.htm*"/>
                <
    security:filter-chain filters="none" pattern="/service/errors/**"/>
                
                <
    security:filter-chain pattern="/service/owner/**"
                    
    filters="ownerLogoutFilter,ownerAuthenticationProcessingFilter,
                    ownerSessionExpirationFilter, ownerExceptionTranslationFilter"
    />
                    
                <
    security:filter-chain pattern="/service/concierge/**"
                    
    filters="conciergeLogoutFilter,conciergeAuthenticationProcessingFilter,
                    conciergeSessionExpirationFilter, conciergeExceptionTranslationFilter"
    />
            </
    security:filter-chain-map>
        </
    bean>
        
        <
    bean id="ownerLogoutFilter" class="org.springframework.security.ui.logout.LogoutFilter" >
            <
    security:custom-filter position="LOGOUT_FILTER" />
            
            <
    property name="filterProcessesUrl" value="/service/owner/authentication/logout"></property>
            
            <
    constructor-arg value="/service/owner.htm?loggedout=true"/>
            <
    constructor-arg>
                <list>
                    <
    ref local="writeLogoutLog" />
                    <
    bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
                </list>
            </
    constructor-arg>
        </
    bean>
        
        <
    bean id="conciergeLogoutFilter" class="org.springframework.security.ui.logout.LogoutFilter" >
            <
    security:custom-filter position="LOGOUT_FILTER" />
            <
    property name="filterProcessesUrl" value="/service/concierge/authentication/logout"></property>
            
            <
    constructor-arg value="/service/loginConcierge.htm?loggedout=true"/>
            <
    constructor-arg>
                <list>
                    <
    ref local="writeLogoutLog" />
                    <
    bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
                </list>
            </
    constructor-arg>
        </
    bean>
        
        <
    bean id="ownerSessionExpirationFilter" class="jp.co.kkc.tabinavi.web.util.SessionExpirationFilter">
            <
    security:custom-filter position="FIRST" />
            
            <
    property name="invalidSessionUrl" value="/service/loginConcierge.htm?sessionTimeout=true" ></property>

        </
    bean>
        
        <
    bean id="conciergeSessionExpirationFilter" class="jp.co.kkc.tabinavi.web.util.SessionExpirationFilter">
            <
    security:custom-filter position="FIRST" />
            
            <
    property name="invalidSessionUrl" value="/service/loginConcierge.htm?sessionTimeout=true" ></property>
            
        </
    bean>
        
        <
    security:authentication-provider user-service-ref="customUserDetailsService">
        </
    security:authentication-provider>
        
        <
    security:authentication-provider user-service-ref="conciergeUserDetailsService">
        </
    security:authentication-provider>
        
        <
    bean id="customUserDetailsService" class="jp.co.kkc.tabinavi.service.authentication.impl.CustomUserDetailsServiceImpl" >
            <
    property name="authenticationBl" ref="authenticationBl"></property>
            <
    property name="rolePrefix" value="ROLE_" />
            <
    property name="messageSource" ref="messageSource"></property>
        </
    bean>

        <
    bean id="conciergeUserDetailsService" class="jp.co.kkc.tabinavi.service.authentication.impl.ConciergeUserDetailsServiceImpl" >
            <
    property name="authenticationBl" ref="authenticationBl"></property>
            <
    property name="rolePrefix" value="ROLE_" />
            <
    property name="messageSource" ref="messageSource"></property>
        </
    bean>

        <
    bean id="ownerAuthenticationProcessingFilter" 
            
    class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
            <
    security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
            
            <
    property name="filterProcessesUrl" value="/service/owner/authentication/j_acegi_security_check"></property>
            
            <
    property name="defaultTargetUrl" value="/service/owner/manage-flow" />
            
            <
    property name="authenticationManager" ref="ownerAuthenticationManager" />
            
            <
    property name="authenticationFailureUrl" value="/service/owner.htm?authfailed=true" />
            
        </
    bean>
        <
    bean id="conciergeAuthenticationProcessingFilter" 
            
    class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
            <
    security:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
            
            <
    property name="filterProcessesUrl" value="/service/concierge/authentication/j_acegi_security_check"></property>
            
            <
    property name="defaultTargetUrl" value="/service/concierge/concierge-flow" />
            
            <
    property name="authenticationManager" ref="conciergeAuthenticationManager" />
            
            <
    property name="authenticationFailureUrl" value="/service/loginConcierge.htm?authfailed=true" />
            
        </
    bean>
        
        <
    bean id="ownerExceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
            <
    property name="authenticationEntryPoint">
                <
    bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                    <
    property name="loginFormUrl" value="/service/owner.htm" />
                    <
    property name="forceHttps" value="false" />
                </
    bean>
            </
    property>
        </
    bean>
        
        <
    bean id="conciergeExceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
            <
    property name="authenticationEntryPoint">
                <
    bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                    <
    property name="loginFormUrl" value="/service/loginConcierge.htm"/>
                    <
    property name="forceHttps" value="false" />
                </
    bean>
            </
    property>
        </
    bean>
                
        <
    bean id="ownerAuthenticationManager"
            
    class="org.springframework.security.providers.ProviderManager">
            <
    property name="providers">
                <list>
                    <
    ref local="customDaoAuthenticationProvider" />
                </list>
            </
    property>
            <
    property name="sessionController" ref="defaultConcurrentSessionController" />
        </
    bean>
        <
    bean id="conciergeAuthenticationManager"
            
    class="org.springframework.security.providers.ProviderManager">
            
            <
    property name="providers">
                <list>
                
                    <
    ref local="conciergeDaoAuthenticationProvider" />
                    
                </list>
            </
    property>
            
            <
    property name="sessionController" ref="defaultConcurrentSessionController" />
        </
    bean>
            
        <
    bean id="sessionRegistry"
            
    class="org.springframework.security.concurrent.SessionRegistryImpl" />

        <
    bean id="defaultConcurrentSessionController"
            
    class="org.springframework.security.concurrent.ConcurrentSessionControllerImpl">
            <
    property name="sessionRegistry" ref="sessionRegistry" />
            
            <
    property name="exceptionIfMaximumExceeded" value="false" />
            
        </
    bean>

        <
    bean id="customDaoAuthenticationProvider"
                
    class="jp.co.kkc.tabinavi.bl.authentication.CustomDaoAuthenticationProvider">
            <
    property name="userDetailsService" ref="customUserDetailsService" />
            <
    property name="hideUserNotFoundExceptions" value="false" />
        </
    bean>
        <
    bean id="conciergeDaoAuthenticationProvider"
                
    class="jp.co.kkc.tabinavi.bl.authentication.CustomDaoAuthenticationProvider">
            <
    property name="userDetailsService" ref="conciergeUserDetailsService" />
            <
    property name="hideUserNotFoundExceptions" value="false" />
        </
    bean>
       
        <
    bean class="jp.co.kkc.tabinavi.web.util.AuthenticationEventListener">
            <
    property name="messageSource" ref="messageSource"/>
            <
    property name="commonBl" ref="commonBl"/>
            
            <
    property name="defaultSucceedProcessContents" value="success"/>
            
            <
    property name="defaultFailedProcessContents" value="failed"/>
            
        </
    bean>

    </
    beans
    web.xml
    PHP Code:
        <filter>
            <
    filter-name>springSecurityFilterChain</filter-name>
            <
    filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        </
    filter>
        
        <
    filter-mapping>
            <
    filter-name>springSecurityFilterChain</filter-name>
            <
    url-pattern>/  *  </url-pattern>
        </
    filter-mapping>
        
        <
    listener>
            <
    listener-class>
    org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
        </
    listener
    Thanks & Regards
    Ganaa
Working...
X