Results 1 to 2 of 2

Thread: Not redirecting to login page when using https with a domain name - Error 310

  1. Jul 31st, 2012, 04:26 AM #1
    sree135
    sree135 is offline Junior Member
    Join Date
    May 2012
    Posts
    6

    Post Not redirecting to login page when using https with a domain name - Error 310

    Hi:
    I am facing an error when I use requires-channel="https" for login page.
    I am securing my resources using defined roles by using expressions.

    I have configured filter as below in web.xml:
    <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>
    </filter>

    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>

    And in the following is my security configuration.

    <?xml version="1.0" encoding="UTF-8"?>

    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">


    <http use-expressions="true">
    <intercept-url pattern="/login.jsp" access="permitAll" />
    <intercept-url pattern="/My_Home.html" access="hasRole('admin')" requires-channel="https" />
    <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1" />
    <logout logout-success-url="/login.jsp" />
    <port-mappings>
    <port-mapping http="8080" https="8443"/>
    </port-mappings>
    </http>


    <authentication-manager>
    <authentication-provider>
    <user-service>
    <user name="sree" password="mypass" authorities="admin" />
    </user-service>
    </authentication-provider>
    </authentication-manager>

    </beans:beans>

    I am basically securing a static page (html5 page), which has calls to some third party REST services.

    Application is deployed on WAS CE 3.0.

    It is working fine when I access the resources using localhost on https, if I am not logged in it is re directing to the login page i.e.
    https://localhost:8443/HTML5Web/My_Home.html is taking me to https://localhost:8443/HTML5Web/login.jsp

    And on successful login it is displaying the secured resource.

    But when I access the same secured resource using the domain name on https i.e.

    https://domainname:8443/HTML5Web/My_Home.html, it is giving an error as

    "Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects."

    Please help me in resolving this error, is it a problem with Spring Configuration?

    Regards
    Sreedhar
    Reply With Quote Reply With Quote
  2. Jul 31st, 2012, 09:18 AM #2
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    Try capturing the redirects with a plugin like FireFox tamper data. Ensure that the HTTP session is being submitted in the requests. Also try enabling logging in Spring Security and determining if that helps figure out the issue.
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules