Results 1 to 3 of 3

Thread: problem with hiding the url of entry-point

  1. Aug 2nd, 2012, 01:20 PM #1
    Shining77
    Shining77 is offline Junior Member
    Join Date
    Jan 2010
    Posts
    14

    Default problem with hiding the url of entry-point

    Hello,

    I have the following problem:

    I am using Spring Security and my entry-point is

    <security:form-login login-page="/index.htm" default-target-url="/start.htm" always-use-default-target="true" authentication-failure-url="/index.htm" />

    So when I am starting my tomcat and go to localhost:8080 and then he redirect automatically to index.htm

    So far so good that the correct behavior. But in my case I do not want to see this localhost:8080/index.htm in the browser, but only localhost:8080

    Is there a possiblity with this redirect without displaying the URL in the browser?
    Reply With Quote Reply With Quote
  2. Aug 2nd, 2012, 03:13 PM #2
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    I assume you mean you want to forward to the login url as apposed to perform a redirect? Checkout LoginUrlAuthenticationEntryPoint and the useForward attribute. You can then specify the AuthenticationEntryPoint using http@entry-point-ref.
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
  3. Aug 3rd, 2012, 11:47 AM #3
    Shining77
    Shining77 is offline Junior Member
    Join Date
    Jan 2010
    Posts
    14

    Default

    That is working now with the forward, many thanks!

    Now my last problem: When I call a secured URL with no user login, it is now not jumping to my entry point anymore.

    My configuration is the following one:

    <security:http entry-point-ref="loginUrlAuthenticationEntryPoint" auto-config="true" use-expressions="true" disable-url-rewriting="true">
    <security:intercept-url pattern="/user/**" access="hasRole('ROLE_USER')" />
    <security:form-login login-page="/index.htm" default-target-url="/start.htm" always-use-default-target="true" authentication-failure-url="/index.htm" />
    <security:logout />
    <session-management session-authentication-strategy-ref="sas" />
    </security:http>

    <beans:bean id="loginUrlAuthenticationEntryPoint"
    class="org.springframework.security.web.authentica tion.LoginUrlAuthenticationEntryPoint">
    <beansroperty name="loginFormUrl" value="/index.htm" />
    <beansroperty name="useForward" value="true" />
    </beans:bean>

    My call of /user/home.htm without any user login do not correctly redirect to my index.htm, but open the /user/home.htm which is actually not permitted.

    What might the failure here? Before I am using the entry-point everything has gone well.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules