Spring security not invoking request mapping after authorization -


i have custom login page authenticates user using custom userdetailsservice bean. in spring security debug logs see authentication proceeds fine , list of granted authorities contains role_user.

as per configuration page should redirect welcomepage.html does. response welcomepage.html login.html page. logs suggest authentication proceeded successfully.

i using annotation driven configuration in servlet xml file.

  1. why request handler welcomepage.html not being invoked?
  2. how request handler invoked? used work before spring security integration. other request handlers not being invoked after spring security integration.
  3. as aside how spring security know security configuration should forward requests servlet. there more servlets in application. login-page property of form-login consult web.xml finding appropriate handler? why not consult web.xml , not find request mapping welcomepage.html then? using spring mvc dispatcherservlet.
  4. is related? http://mark.koli.ch/2010/07/spring-3-and-spring-security-setting-your-own-custom-j-spring-security-check-filter-processes-url.html

here spring security logs:

19:03:49,645 debug antpathrequestmatcher:103 - checking match of request : '/welcomepage.html'; against '/**/*.css' 19:03:49,645 debug antpathrequestmatcher:103 - checking match of request : '/welcomepage.html'; against '/**/*.js' 19:03:49,645 debug antpathrequestmatcher:103 - checking match of request : '/welcomepage.html'; against '/**/*.png' 19:03:49,646 debug filterchainproxy:337 - /welcomepage.html @ position 1 of 10 in additional filter chain; firing filter: 'securitycontextpersistence filter' 19:03:49,646 debug httpsessionsecuritycontextrepository:158 - obtained valid securitycontext spring_security_context: 'org.springframework.secu rity.core.context.securitycontextimpl@afe7c13e: authentication: org.springframework.security.authentication.usernamepasswordauthenticationtoken@afe7c1 3e: principal: security.v2vuserdetails@4a97111c; credentials: [protected]; authenticated: true; details: org.springframework.security.web.authenticati on.webauthenticationdetails@1c07a: remoteipaddress: 127.0.0.1; sessionid: e5639123a984ee19e0cefca19c37da42; granted authorities: admin, role_user' 19:03:49,646 debug filterchainproxy:337 - /welcomepage.html @ position 2 of 10 in additional filter chain; firing filter: 'logoutfilter' 19:03:49,646 debug filterchainproxy:337 - /welcomepage.html @ position 3 of 10 in additional filter chain; firing filter: 'usernamepasswordauthentica tionfilter' 19:03:49,646 debug filterchainproxy:337 - /welcomepage.html @ position 4 of 10 in additional filter chain; firing filter: 'basicauthenticationfilter' 19:03:49,646 debug filterchainproxy:337 - /welcomepage.html @ position 5 of 10 in additional filter chain; firing filter: 'requestcacheawarefilter' 19:03:49,647 debug filterchainproxy:337 - /welcomepage.html @ position 6 of 10 in additional filter chain; firing filter: 'securitycontextholderaware requestfilter' 19:03:49,647 debug filterchainproxy:337 - /welcomepage.html @ position 7 of 10 in additional filter chain; firing filter: 'anonymousauthenticationfil ter' 19:03:49,647 debug anonymousauthenticationfilter:107 - securitycontextholder not populated anonymous token, contained: 'org.springf ramework.security.authentication.usernamepasswordauthenticationtoken@afe7c13e: principal: security.v2vuserdetails@4a97111c; credentials: [protected];  authenticated: true; details: org.springframework.security.web.authentication.webauthenticationdetails@1c07a: remoteipaddress: 127.0.0.1; sessionid: e 5639123a984ee19e0cefca19c37da42; granted authorities: admin, role_user' 19:03:49,647 debug filterchainproxy:337 - /welcomepage.html @ position 8 of 10 in additional filter chain; firing filter: 'sessionmanagementfilter' 19:03:49,647 debug filterchainproxy:337 - /welcomepage.html @ position 9 of 10 in additional filter chain; firing filter: 'exceptiontranslationfilter ' 19:03:49,647 debug filterchainproxy:337 - /welcomepage.html @ position 10 of 10 in additional filter chain; firing filter: 'filtersecurityinterceptor ' 19:03:49,648 debug antpathrequestmatcher:103 - checking match of request : '/welcomepage.html'; against '/login.html*' 19:03:49,648 debug antpathrequestmatcher:103 - checking match of request : '/welcomepage.html'; against '/welcomepage.html*' 19:03:49,648 debug filtersecurityinterceptor:194 - secure object: filterinvocation: url: /welcomepage.html; attributes: [hasrole('role_user')] 19:03:49,649 debug filtersecurityinterceptor:310 - authenticated: org.springframework.security.authentication.usernamepasswordauthenticatio ntoken@afe7c13e: principal: security.v2vuserdetails@4a97111c; credentials: [protected]; authenticated: true; details: org.springframework.security.web .authentication.webauthenticationdetails@1c07a: remoteipaddress: 127.0.0.1; sessionid: e5639123a984ee19e0cefca19c37da42; granted authorities: admin, r ole_user 19:03:49,649 debug affirmativebased:65 - voter: org.springframework.security.web.access.expression.webexpressionvoter@4481f947, returned: 1 19:03:49,650 debug filtersecurityinterceptor:215 - authorization successful 19:03:49,650 debug filtersecurityinterceptor:227 - runasmanager did not change authentication object 19:03:49,651 debug filterchainproxy:323 - /welcomepage.html reached end of additional filter chain; proceeding original chain 19:03:49,660 debug antpathrequestmatcher:103 - checking match of request : '/web-inf/jsp/login.jsp'; against '/**/*.css' 19:03:49,660 debug antpathrequestmatcher:103 - checking match of request : '/web-inf/jsp/login.jsp'; against '/**/*.js' 19:03:49,661 debug antpathrequestmatcher:103 - checking match of request : '/web-inf/jsp/login.jsp'; against '/**/*.png' 19:03:49,661 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 1 of 10 in additional filter chain; firing filter: 'securitycontextpersis tencefilter' 19:03:49,661 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 2 of 10 in additional filter chain; firing filter: 'logoutfilter' 19:03:49,661 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 3 of 10 in additional filter chain; firing filter: 'usernamepasswordauthe nticationfilter' 19:03:49,661 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 4 of 10 in additional filter chain; firing filter: 'basicauthenticationfi lter' 19:03:49,661 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 5 of 10 in additional filter chain; firing filter: 'requestcacheawarefilt er' 19:03:49,662 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 6 of 10 in additional filter chain; firing filter: 'securitycontextholder awarerequestfilter' 19:03:49,662 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 7 of 10 in additional filter chain; firing filter: 'anonymousauthenticati onfilter' 19:03:49,662 debug anonymousauthenticationfilter:107 - securitycontextholder not populated anonymous token, contained: 'org.springf ramework.security.authentication.usernamepasswordauthenticationtoken@afe7c13e: principal: security.v2vuserdetails@4a97111c; credentials: [protected];  authenticated: true; details: org.springframework.security.web.authentication.webauthenticationdetails@1c07a: remoteipaddress: 127.0.0.1; sessionid: e 5639123a984ee19e0cefca19c37da42; granted authorities: admin, role_user' 19:03:49,662 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 8 of 10 in additional filter chain; firing filter: 'sessionmanagementfilt er' 19:03:49,662 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 9 of 10 in additional filter chain; firing filter: 'exceptiontranslationf ilter' 19:03:49,663 debug filterchainproxy:337 - /web-inf/jsp/login.jsp @ position 10 of 10 in additional filter chain; firing filter: 'filtersecurityinterc eptor' 19:03:49,663 debug filterchainproxy:323 - /web-inf/jsp/login.jsp reached end of additional filter chain; proceeding original chain 19:03:49,665 debug exceptiontranslationfilter:115 - chain processed 19:03:49,665 debug exceptiontranslationfilter:115 - chain processed 19:03:49,665 debug securitycontextpersistencefilter:97 - securitycontextholder cleared, request processing completed 19:03:49,915 debug antpathrequestmatcher:103 - checking match of request : '/css/jquery-ui-1.8.16.custom.css'; against '/**/*.css' 19:03:49,916 debug filterchainproxy:180 - /css/jquery-ui-1.8.16.custom.css has empty filter list 19:03:49,915 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/media/css/jquery.datatables.css'; against '/**/*.css' 19:03:49,916 debug filterchainproxy:180 - /plugins/datatables/media/css/jquery.datatables.css has empty filter list 19:03:49,916 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/media/css/jquery.datatables_themeroller.css'; against  '/**/*.css' 19:03:49,917 debug filterchainproxy:180 - /plugins/datatables/media/css/jquery.datatables_themeroller.css has empty filter list 19:03:49,961 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/redmond.custom.css'; against '/**/*.css' 19:03:49,961 debug antpathrequestmatcher:103 - checking match of request : '/js/jquery-1.8.1.min.js'; against '/**/*.css' 19:03:49,961 debug filterchainproxy:180 - /css/redmond.custom/redmond.custom.css has empty filter list 19:03:49,962 debug antpathrequestmatcher:103 - checking match of request : '/jquery-ui/js/jquery-ui-1.8.23.custom.min.js'; against '/**/*.css' 19:03:49,962 debug antpathrequestmatcher:103 - checking match of request : '/jquery-ui/js/jquery-ui-1.8.23.custom.min.js'; against '/**/*.js' 19:03:49,962 debug antpathrequestmatcher:103 - checking match of request : '/js/jquery-1.8.1.min.js'; against '/**/*.js' 19:03:49,962 debug filterchainproxy:180 - /jquery-ui/js/jquery-ui-1.8.23.custom.min.js has empty filter list 19:03:49,963 debug filterchainproxy:180 - /js/jquery-1.8.1.min.js has empty filter list 19:03:49,970 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.css'; against '/**/*.css' 19:03:49,971 debug filterchainproxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.css has empty filter list 19:03:49,972 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.filter.css'; against '/** /*.css' 19:03:49,972 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/tabletools/media/css/tabletools.css'; against ' /**/*.css' 19:03:49,972 debug filterchainproxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.filter.css has empty filter list 19:03:49,973 debug filterchainproxy:180 - /plugins/datatables/extras/tabletools/media/css/tabletools.css has empty filter list 19:03:49,973 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/tabletools/media/css/tabletools_jui.css'; again st '/**/*.css' 19:03:49,973 debug filterchainproxy:180 - /plugins/datatables/extras/tabletools/media/css/tabletools_jui.css has empty filter list 19:03:50,018 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/colvis/media/css/colvis.css'; against '/**/*.cs s' 19:03:50,019 debug filterchainproxy:180 - /plugins/datatables/extras/colvis/media/css/colvis.css has empty filter list 19:03:50,021 debug antpathrequestmatcher:103 - checking match of request : '/css/common.css'; against '/**/*.css' 19:03:50,021 debug filterchainproxy:180 - /css/common.css has empty filter list 19:03:50,062 debug antpathrequestmatcher:103 - checking match of request : '/css/toppanel.css'; against '/**/*.css' 19:03:50,063 debug filterchainproxy:180 - /css/toppanel.css has empty filter list 19:03:50,063 debug antpathrequestmatcher:103 - checking match of request : '/css/login.css'; against '/**/*.css' 19:03:50,063 debug filterchainproxy:180 - /css/login.css has empty filter list 19:03:50,065 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/media/js/jquery.datatables.js'; against '/**/*.css' 19:03:50,065 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/media/js/jquery.datatables.js'; against '/**/*.js' 19:03:50,065 debug filterchainproxy:180 - /plugins/datatables/media/js/jquery.datatables.js has empty filter list 19:03:50,066 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/tabletools/media/js/tabletools.min.js'; against  '/**/*.css' 19:03:50,067 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/tabletools/media/js/tabletools.min.js'; against  '/**/*.js' 19:03:50,067 debug filterchainproxy:180 - /plugins/datatables/extras/tabletools/media/js/tabletools.min.js has empty filter list 19:03:50,069 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/fixedcolumns/media/js/fixedcolumns.min.js'; aga inst '/**/*.css' 19:03:50,069 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/fixedcolumns/media/js/fixedcolumns.min.js'; aga inst '/**/*.js' 19:03:50,069 debug filterchainproxy:180 - /plugins/datatables/extras/fixedcolumns/media/js/fixedcolumns.min.js has empty filter list 19:03:50,070 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/colvis/media/js/colvis.min.js'; against '/**/*. css' 19:03:50,070 debug antpathrequestmatcher:103 - checking match of request : '/plugins/datatables/extras/colvis/media/js/colvis.min.js'; against '/**/*. js' 19:03:50,071 debug filterchainproxy:180 - /plugins/datatables/extras/colvis/media/js/colvis.min.js has empty filter list 19:03:50,071 debug antpathrequestmatcher:103 - checking match of request : '/plugins/slidingmessage/jquery.slidingmessage.js'; against '/**/*.css' 19:03:50,072 debug antpathrequestmatcher:103 - checking match of request : '/plugins/slidingmessage/jquery.slidingmessage.js'; against '/**/*.js' 19:03:50,072 debug filterchainproxy:180 - /plugins/slidingmessage/jquery.slidingmessage.js has empty filter list 19:03:50,073 debug antpathrequestmatcher:103 - checking match of request : '/plugins/barcode/jquery-barcode-2.0.2.min.js'; against '/**/*.css' 19:03:50,074 debug antpathrequestmatcher:103 - checking match of request : '/plugins/barcode/jquery-barcode-2.0.2.min.js'; against '/**/*.js' 19:03:50,074 debug filterchainproxy:180 - /plugins/barcode/jquery-barcode-2.0.2.min.js has empty filter list 19:03:50,092 debug antpathrequestmatcher:103 - checking match of request : '/plugins/printarea/jquery.printarea.js'; against '/**/*.css' 19:03:50,093 debug antpathrequestmatcher:103 - checking match of request : '/plugins/printarea/jquery.printarea.js'; against '/**/*.js' 19:03:50,093 debug filterchainproxy:180 - /plugins/printarea/jquery.printarea.js has empty filter list 19:03:50,095 debug antpathrequestmatcher:103 - checking match of request : '/js/common.js'; against '/**/*.css' 19:03:50,095 debug antpathrequestmatcher:103 - checking match of request : '/js/fnreloadajax.datatables.js'; against '/**/*.css' 19:03:50,095 debug antpathrequestmatcher:103 - checking match of request : '/js/common.js'; against '/**/*.js' 19:03:50,095 debug filterchainproxy:180 - /js/common.js has empty filter list 19:03:50,095 debug antpathrequestmatcher:103 - checking match of request : '/js/fnreloadajax.datatables.js'; against '/**/*.js' 19:03:50,096 debug filterchainproxy:180 - /js/fnreloadajax.datatables.js has empty filter list 19:03:50,096 debug antpathrequestmatcher:103 - checking match of request : '/js/fnstandingredraw.datatables.js'; against '/**/*.css' 19:03:50,097 debug antpathrequestmatcher:103 - checking match of request : '/js/fnstandingredraw.datatables.js'; against '/**/*.js' 19:03:50,097 debug filterchainproxy:180 - /js/fnstandingredraw.datatables.js has empty filter list 19:03:50,098 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.min.js'; against '/**/*.c ss' 19:03:50,098 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.min.js'; against '/**/*.j s' 19:03:50,099 debug filterchainproxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.min.js has empty filter list 19:03:50,100 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.filter.min.js'; against ' /**/*.css' 19:03:50,100 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.filter.min.js'; against ' /**/*.js' 19:03:50,100 debug filterchainproxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.filter.min.js has empty filter list 19:03:50,102 debug antpathrequestmatcher:103 - checking match of request : '/plugins/toggleradio/toggleradio.js'; against '/**/*.css' 19:03:50,102 debug antpathrequestmatcher:103 - checking match of request : '/plugins/highlight/highlight.js'; against '/**/*.css' 19:03:50,102 debug antpathrequestmatcher:103 - checking match of request : '/plugins/toggleradio/toggleradio.js'; against '/**/*.js' 19:03:50,103 debug antpathrequestmatcher:103 - checking match of request : '/plugins/highlight/highlight.js'; against '/**/*.js' 19:03:50,103 debug filterchainproxy:180 - /plugins/toggleradio/toggleradio.js has empty filter list 19:03:50,103 debug filterchainproxy:180 - /plugins/highlight/highlight.js has empty filter list 19:03:50,105 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jquery-ui-timepicker/jquery-ui-timepicker-addon.js'; against '/** /*.css' 19:03:50,105 debug antpathrequestmatcher:103 - checking match of request : '/plugins/jquery-ui-timepicker/jquery-ui-timepicker-addon.js'; against '/** /*.js' 19:03:50,105 debug filterchainproxy:180 - /plugins/jquery-ui-timepicker/jquery-ui-timepicker-addon.js has empty filter list 19:03:50,229 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/images/ui-icons_6da8d5_256x240.png'; against '/**/*.cs s' 19:03:50,229 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/images/ui-icons_6da8d5_256x240.png'; against '/**/*.js ' 19:03:50,229 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png'; against '/**/ *.css' 19:03:50,230 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/images/ui-icons_6da8d5_256x240.png'; against '/**/*.pn g' 19:03:50,230 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png'; against '/**/ *.js' 19:03:50,230 debug filterchainproxy:180 - /css/redmond.custom/images/ui-icons_6da8d5_256x240.png has empty filter list 19:03:50,230 debug antpathrequestmatcher:103 - checking match of request : '/css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png'; against '/**/ *.png' 19:03:50,231 debug filterchainproxy:180 - /css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png has empty filter list

spring security configuration:

  <http pattern="/**/*.css" security="none" />   <http pattern="/**/*.js" security="none" />   <http pattern="/**/*.png" security="none" />    <http auto-config="true" use-expressions="true">     <intercept-url pattern="/login.html*" access="isanonymous()" />     <intercept-url pattern="/welcomepage.html*" access="hasrole('role_user')" />     <intercept-url pattern="/**" access="isfullyauthenticated()" />     <form-login login-page="/login.html"                 default-target-url="/welcomepage.html"                 authentication-failure-url="/login.html"                 always-use-default-target="true" />   </http>

found problem

i added spring security code forgot remove parts of old code responsible authentication. had interceptor check user in session , redirect login page if user not found.

removed old interceptor , problem fixed.


Comments

Post a Comment

Popular posts from this blog

linux - xterm copying to CLIPBOARD using copy-selection causes automatic updating of CLIPBOARD upon mouse selection -

i've tried various ways coerce xterm (versions 285 , 292) copy selection clipboard clipboard whenever press ctrl-shift-c. promising way far has been, in ~/.xresources, put this: xterm*vt100.translations: #override \ ctrl shift <keypress> c: copy-selection(clipboard) \n\ ctrl shift <keypress> v: insert-selection(clipboard) ctrl-shift-v works perfectly, copying has nuance... if restart xterm, highlighting text puts things in primary clipboard; expected, proper, default behavior. if hit ctrl-shift-c, copies current selection clipboard clipboard. the bug, however, if highlight text after first time pressed ctrl-shift-c, you'll see highlighting copies both primary and clipboard. cannot figure out how stop xterm updating clipboard upon selection... , doesn't make sense me in first place. i said, @ specific point in time, copy selection clipboard... yet starts updating automatically upon selection after doing once... anyone have workaround...
Read more

c++ - qgraphicsview horizontal scrolling always has a vertical delta -

Image
i've subclassed qgraphicsview custom canvas used in cad application. i've reimplemented qgraphicsview::wheelevent check keyboard modifiers control key and, if control key pressed, zoom. i'm trying implement horizontal scroll when user holds shift , uses wheel. the problem i'm having horizontal scrolling always scrolls 0.279. not huge problem, hugely annoying , points else being wrong. so, here questions: is right way implement horizontal scrolling? if not, is? how eliminate delta of 0.279? thanks in advance. code , sample output below void myview::zoom(int delta) { double factor = pow(1.2, delta/abs(delta)); this->scale(factor, factor); } void myview::scrollhorizontal(int level) { qpointf center = maptoscene(viewport()->rect().center()); qdebug() << "center: " << center.x() << ", " << center.y(); centeron(qpointf(center.x() - level, center.y())); } void myview::wheelevent(qwheeleve...
Read more