intercept-url configuration
Hello,
I'm hoping someone can help me. My config is set up below. I'm trying to secure down my app. I want it to have to be authenticated (logged in) everywhere you go, thus the /**. The problem is the Login page is being treated as protected area and I get stuck in an infinite loop in the browser, like it is just ignoring the permitAll. The "Login" form is a spring mvc form in site of MySite. Any suggestions?
Code:<http auto-config="true" use-expressions="true" create-session="never"> <intercept-url pattern="http://localhost:8080/MySite/Login" access="permitAll" /> <intercept-url pattern="http://localhost:8080/MySite/Login/**" access="permitAll" /> <intercept-url pattern="/**" access="isAuthenticated()" /> <form-login login-page="${myWoodmen.security.form.login}" /> <logout logout-success-url="http://localhost:8080/MyWoodmen/Login" /> <remember-me key="AppKey123456" services-ref="mySiteRememberMeService" /> </http>
Reply With Quote