Two different login form
Hello, All!
I'm using Spring Security 3.1.2-RELEASE
I have two different resources - /account/ and /backend/, and I need to implement two different login form for them.
I try to reach that by the follows config:
But it does't work.Code:<http pattern="/account/**" auto-config="true" use-expressions="true"> <intercept-url pattern="/account/**" access="isAuthenticated()" /> <form-login login-page="/login.html" default-target-url="/account/history.html" authentication-failure-url="/login.html"/> <logout delete-cookies="JSESSIONID" /> </http> <http pattern="/backend/**" use-expressions="true"> <intercept-url pattern="/backend/login.html" access="permitAll" /> <intercept-url pattern="/backend/**" access="isAuthenticated()" /> <form-login login-page="/backend/login.html" default-target-url="/backend/accounts.html" authentication-failure-url="/backend/login.html"/> <logout delete-cookies="JSESSIONID" /> </http>
I alway get exception:
What I'm doing wrong? Where is my mistake?Code:Caused by: java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration
Reply With Quote