Results 1 to 2 of 2

Thread: Jsut a quick one

  1. Jan 27th, 2013, 09:53 PM #1
    mushashi
    mushashi is offline Junior Member
    Join Date
    Oct 2012
    Posts
    11

    Default Jsut a quick one

    Guys,

    I was wondering if someone could figure what am I doing wrong here:

    I am using Spring MVC and Spring Security (3.1.0.RELEASE) with multiple http tag definitions:

    Code:
    <security:http use-expressions="true" authentication-manager-ref="supervisorAuthenticationManager" pattern="/supervisor/**">
		<security:intercept-url pattern="/supervisor/maintenance/**" access="hasRole('supervisor')" />
		<security:form-login login-page="/supervisor/login" login-processing-url="/supervisor/j_spring_security_check" 
			default-target-url="/supervisor/maintenance" authentication-failure-url="/supervisor/login?authfailed=true"/>
		<security:logout logout-success-url="/supervisor/logout" />
	</security:http>

    <security:http use-expressions="true" authentication-manager-ref="clientAuthenticationManager">
		<security:intercept-url pattern="/maintenance/**" access="hasRole('client')" />
		<security:intercept-url pattern="/booking/**" access="hasRole('client')" />
		<security:form-login login-page="/login" authentication-failure-url="/login?authfailed=true" default-target-url="/maintenance" />
		<security:logout logout-success-url="/logout" />
	</security:http>

    the problem is with a logout

    Code:
    http://localhost:8080/servlet/supervisor/j_spring_security_logout
    returns 404, while the root one

    Code:
    http://localhost:8080/servlet/j_spring_security_logout
    (used by the second definition below the one on top) works fine.

    Now what makes me curious is that login for supervisor works as intended for example:

    Code:
    login-processing-url="/supervisor/j_spring_security_check
    works fine (I have left out authentication provider definitions to minimise the clutter) so the setup is aware of the 'supervisor' portion, yet when it comes to logout, it cannot find it.

    my web.xml only has one filter defined

    Code:
     <filter>
        <filter-name>springSecurityFilter</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
      <filter-name>springSecurityFilter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
    Any ideas are welcome.

    Regards, M.
    Reply With Quote Reply With Quote
  2. Jan 27th, 2013, 10:24 PM #2
    mushashi
    mushashi is offline Junior Member
    Join Date
    Oct 2012
    Posts
    11

    Default

    Scratch that,

    I found the problem, it appears that I was missing logout-url tag with logout-url="/supervisor/j_spring_security_logout" which makes sense (everything that is 'nested' or in this case contained inside 'supervisor' has to be explicitly defined.
    Last edited by mushashi; Jan 27th, 2013 at 10:39 PM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules