aspose file tools*
The moose likes Spring and the fly likes Spring successHandler not being called. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring successHandler not being called." Watch "Spring successHandler not being called." New topic
Author

Spring successHandler not being called.

Darvesh Niz
Ranch Hand

Joined: May 12, 2008
Posts: 119
Hello

i am working on Spring security and i have an issue where after successfulAuthentication the request is not being passed to the sucesshandler url
i have my own CustomAuthenticationProcessingFilter which extends UsernamePasswordAuthenticationFilter and added two overridden methods as seen below
Below is my spring security configuration




When the user submits the login form the request comes to these overridden methods and we create all necessary cookies but the request is not delegated to the url mentioned in successHandler
in the browser window the request comes back to
http://myhost:8080/j_security_check with a blank screen

just to add my login form submit action url is
<s:form action="/j_spring_security_check" method="post" id="form1" name="form1">


Any advice.

Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1680
    
    7

Can you please bump logging up to debug for org.springframework.security.web.authentication and post back with what gets logged.


[How To Ask Questions][Read before you PM me]
Darvesh Niz
Ranch Hand

Joined: May 12, 2008
Posts: 119
i tried printing out log4j debug messaging and looks like spring is not spitting out any message
my log4j.properties file looks like but i am not seeing any messages in the output

log4j.rootCategory=DEBUG, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %t %c{2}:%L - %m%n
log4j.category.org.springframework=DEBUG

Thats one problem
The other problem i have is for example the first time when i go to secure page for example
http://domian:8080/era/secure/MyAccount.load.action
the request gets intercepted and i see login page, i enter my username and password and the request comes to attemptAuthentication and i see we create the correct user object with granted authority as ROLE_USER
return new org.springframework.security.core.userdetails.User(user.getEmail(),
user.getNewPassword(), notPending, true, true, notDisabled, grantedAuthcollection)
and i also see the jSESSION cookie created.

so i assume the next time when i hit the same url again
http://domian:8080/era/secure/MyAccount.load.action

it should let me go that url but its again redirecting it to login page.

i am really doubting could there be some issue with jetty working with spring security.

any advice?
Darvesh Niz
Ranch Hand

Joined: May 12, 2008
Posts: 119
ok
i figured out that i accidently deleted this line in my
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException,ServletException {

super.successfulAuthentication(request, response, authentication);

after putting it its fine now.
Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1680
    
    7

Yeah, that line is important Glad you got it figured out. Thanks for posting back.
Darvesh Niz
Ranch Hand

Joined: May 12, 2008
Posts: 119
Hello

i am faced with some new issue where i am not able to see the cookie created in the same request.
when i hit this url the first time
domain.com/era/secure/MyAccount.load.action

As is said before it routes me to login page i enter my login info and in the successfulAuthentication method we create some cookie.

After login, spring now directs the request comes to MyAccount.load.action i am trying to get that cookie but its not available, since its the same request. Hence Myaccount.load.action class does not find the cookie and we have written some code to redirect back to login screen. once the request gets complete i see the cookie now.

How is it possible to make the Myaccount.load.action class to see the cookie in the same request flow after user is logged in.

any advice.
Thanks
Darvesh Niz
Ranch Hand

Joined: May 12, 2008
Posts: 119
Just to add in order to fix this i implemented my own DefaultRedirectStrategy, but still no luck
The below is my code where i redirect the request, so i assume when the contorl goes to myaccount action class the cookie should be present but still not the case, any advice.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring successHandler not being called.