Results 1 to 2 of 2

Thread: AbstractAuthenticationProcessingFilter. requiresAuthentication and JSF 2

  1. Jul 2nd, 2012, 01:40 AM #1
    nabert007
    nabert007 is offline Junior Member
    Join Date
    Jun 2012
    Location
    Kirchhain, Germany
    Posts
    3

    Default AbstractAuthenticationProcessingFilter. requiresAuthentication and JSF 2

    Hallo,

    I'm using Spring Security 3.1 and JSF 2 for the first time.

    This is my login definition in spring-security.xml:

    Code:
    <http auto-config="true" access-denied-page="/login.xhtml">
<form-login 
  login-page="/login.xhtml" default-target-url="/pages/main.xhtml"
			authentication-failure-url="/login.xhtml" />

  <logout logout-url="/logout" invalidate-session="true"
			logout-success-url="/login.xhtml" />
</http>
    and my login.xhtml:

    Code:
    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:f="http://java.sun.com/jsf/core"
	xmlns:h="http://java.sun.com/jsf/html"
	xmlns:ui="http://java.sun.com/jsf/facelets"
	xmlns:p="http://primefaces.org/ui">
...
<h:form>
<h:panelGrid columns="2" cellpadding="2">
<h:outputLabel for="#{loginBean.userName}" value="Username" />
<h:inputText id="j_username" value="#{loginBean.userName}"
label="Username"></h:inputText>
<h:outputLabel for="#{loginBean.password}" value="Password" />
<h:inputSecret id="j_password" value="#{loginBean.password}"></h:inputSecret>
<div class="submit">
<button type="submit"
class="ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only">
<span class="ui-button-text">Login</span>
</button>
</div>
</h:panelGrid>
</h:form>
...
</html>
    A defined authentification provider isn't called after a submit in requiresAuthentication because

    Code:
    uri = "<webapp>/login.xhtml"
    and

    Code:
    request.getContextPath() + filterProcessesUrl) = "<webapp>/j_spring_security_check"
    Set login-processing-url="/j_spring_security_check" or "/login.xhtml" in my form-login definition can't be a solution, because it generates a continuous-loop of AbstractProcesingFilter.requiresAuthentication() calls and an AuthenticationException in AbstractAuthenticationProcessingFilter before a login form is displayed for the first time?!

    Can someone help me? I'm looking for an running JSF 2 example (without any jsp pages)?!
    Last edited by nabert007; Jul 10th, 2012 at 02:30 AM.
    Reply With Quote Reply With Quote
  2. Jul 2nd, 2012, 09:43 AM #2
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    If you want a sample of using Spring Security and JSF I would recommend looking at the SWF samples (i.e. webflow-primefaces-showcase) which provide a good example of using Spring Security and JSF along with Spring Security JSF taglib integration. Make sure to read the reference which contains the sample documentation and the Spring Security integration documentation.

    PS: Please use code tags when posting code and configurations as it makes things much easier to read
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules