Spring Security 3.0.5, login problem with JSF
My login.xhtml:
HTML Code:
<html>
<h:head></h:head>
<h:form id="frm" prependId="false">
<h:panelGrid columns="1" style="margin-left:auto; margin-right:auto;">
<h:panelGrid columns="2" style="margin-left:auto; margin-right:auto;">
<h:outputText value="User:" />
<h:inputText id="j_username" />
<h:outputText value="Password:" />
<h:inputSecret id="j_password" />
</h:panelGrid>
<h:panelGrid columns="1" style="margin-left:auto; margin-right:auto;">
<h:commandButton type="submit" value="Submit" />
</h:panelGrid>
</h:panelGrid>
</h:form>
</body>
</html>
This JSF generates for h:form tag the following HTML code:
HTML Code:
<form id="frm" name="frm" action="views/login.xhtml">
So the action as I can not change my Spring Security configuration is as follows:
HTML Code:
<security:http auto-config="true" >
<security:intercept-url pattern="/views/login.xhtml" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:form-login login-processing-url="/views/login.xhtml"
login-page="/views/login.xhtml"
default-target-url="/views/blog.xhtml"
authentication-failure-url="/views/login.xhtml?error=1"
/>
<security:logout logout-url="/views/logout.xhtml" />
<security:access-denied-handler error-page="/views/accessDenied.xhtml" />
</security:http>
<security:authentication-manager>
<security:authentication-provider user-service-ref="ValidacionUsuariosService" />
</security:authentication-manager>
My processing-url is the same than authentication-failure-url and login-page, as validation using a customized service.
If the login is correct it works fine, but if not, it gives an error in the browser "This webpage have a redirect loop."
If I use the HTML form tag, and the action and the login-processing-url put another URL works well.
How I can fix this problem if I want use h: form?
