Problem with stylesheet in acegilogin.jsp page

**wolf** · Aug 24th, 2005, 09:13 AM

As soon as I insert a stylesheet in the header of my acegilogin.jsp page and attempt to login, the application downloads and shows the stylesheet file.

Following the used code snipped:

<html>
<head>
<title><spring:message code="window.title"/></title>
<link rel="stylesheet" href="<c:url value='style/default.css'/>" type="text/css" />
</head>
<body>
...

Has someone the same problem?

**Ben Alex** · Sep 8th, 2005, 04:55 AM

Could you describe what is happening a little more, and maybe show the HTML generated by the JSP?

**wolf** · Sep 10th, 2005, 11:47 AM

All I do is to insert a stylesheet link in the original acegilogin.jsp page as I described above. Without this I can login without any trouble and the application act well. I tried this also with the acegi-security-sample-contacts-filter example application with the same result. After I submit the login page with the correct username and password the application redirects me to the default.css stylesheet page, which is shown in the brwoser. There is only the css code and no HTML code shown...

**Ben Alex** · Sep 14th, 2005, 04:21 PM

Sounds like the style sheet is being protected. Have you made the path to the CSS ROLE_ANONYMOUS in your FilterSecurityInterceptor.objectDefinitionSource?

**feenixx** · Sep 22nd, 2005, 01:58 PM

I'm having same behaviour with 0.9 snapshot build.

FilterSecurityInterceptor looks something like

Code:

 CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        PATTERN_TYPE_APACHE_ANT
        /admin/**=ROLE_ADMIN,ROLE_SUPERVISOR
        /index.jsp=ROLE_ANONYMOUS,ROLE_EMPLOYER,ROLE_ADMIN,ROLE_SUPERVISOR
        /login.do*=ROLE_ANONYMOUS,ROLE_EMPLOYER,ROLE_ADMIN,ROLE_SUPERVISOR
        /css/**=ROLE_ANONYMOUS,ROLE_EMPLOYER,ROLE_ADMIN,ROLE_SUPERVISOR
        /img/**=ROLE_ANONYMOUS,ROLE_EMPLOYER,ROLE_ADMIN,ROLE_SUPERVISOR
        /default.do*=ROLE_ANONYMOUS,ROLE_EMPLOYER,ROLE_ADMIN,ROLE_SUPERVISOR
		/**=ROLE_EMPLOYER,ROLE_ADMIN,ROLE_SUPERVISOR

Debug shows

Code:

DEBUG SecurityEnforcementFilter&#58;185 - Chain processed normally
DEBUG HttpSessionContextIntegrationFilter&#58;270 - SecurityContext stored to HttpSession&#58; 'net.sf.acegisecurity.context.SecurityContextImpl@1f0a2a0&#58; Null authentication'
DEBUG HttpSessionContextIntegrationFilter&#58;279 - SecurityContextHolder set to new context, as request processing completed
DEBUG TransactionSynchronizationManager&#58;184 - Removed value &#91;org.springframework.orm.hibernate3.SessionHolder@45f4ae&#93; for key &#91;org.hibernate.impl.SessionFactoryImpl@1154718&#93; from thread &#91;http-8080-Processor24&#93;
DEBUG TransactionSynchronizationManager&#58;161 - Bound value &#91;org.springframework.orm.hibernate3.SessionHolder@754384&#93; for key &#91;org.hibernate.impl.SessionFactoryImpl@1154718&#93; to thread &#91;http-8080-Processor25&#93;
DEBUG PathBasedFilterInvocationDefinitionMap&#58;110 - Converted URL to lowercase, from&#58; '/login.do'; to&#58; '/login.do'
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/login.do'; pattern is /**; matched=true
DEBUG FilterChainProxy&#58;297 - /login.do at position 1 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter@cdc97b'
DEBUG HttpSessionContextIntegrationFilter&#58;176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder&#58; 'net.sf.acegisecurity.context.SecurityContextImpl@1f0a2a0&#58; Null authentication'
DEBUG FilterChainProxy&#58;297 - /login.do at position 2 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter@8bb9d1'
DEBUG FilterChainProxy&#58;297 - /login.do at position 3 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter@fdf48d'
DEBUG FilterChainProxy&#58;297 - /login.do at position 4 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.providers.anonymous.AnonymousProcessingFilter@fe8c4'
DEBUG AnonymousProcessingFilter&#58;95 - Replaced SecurityContextHolder with anonymous token&#58; 'net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken@a3c5b6&#58; Username&#58; anonymousUser; Password&#58; &#91;PROTECTED&#93;; Authenticated&#58; true; Details&#58; null; Granted Authorities&#58; ROLE_ANONYMOUS'
DEBUG FilterChainProxy&#58;297 - /login.do at position 5 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter@ee5a06'
DEBUG PathBasedFilterInvocationDefinitionMap&#58;110 - Converted URL to lowercase, from&#58; '/login.do'; to&#58; '/login.do'
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/login.do'; pattern is /admin/**; matched=false
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/login.do'; pattern is /index.jsp; matched=false
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/login.do'; pattern is /login.do*; matched=true
DEBUG AbstractSecurityInterceptor&#58;372 - Secure object&#58; FilterInvocation&#58; URL&#58; /login.do; ConfigAttributes&#58; &#91;ROLE_ANONYMOUS, ROLE_EMPLOYER, ROLE_ADMIN, ROLE_SUPERVISOR&#93;
DEBUG AbstractSecurityInterceptor&#58;415 - Previously Authenticated&#58; net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken@a3c5b6&#58; Username&#58; anonymousUser; Password&#58; &#91;PROTECTED&#93;; Authenticated&#58; true; Details&#58; null; Granted Authorities&#58; ROLE_ANONYMOUS
DEBUG AbstractSecurityInterceptor&#58;432 - Authorization successful
DEBUG AbstractSecurityInterceptor&#58;445 - RunAsManager did not change Authentication object
DEBUG FilterChainProxy&#58;288 - /login.do reached end of additional filter chain; proceeding with original chain
DEBUG ModuleUtils&#58;167 - Get module name for path /login.do
DEBUG ModuleUtils&#58;191 - Module name found&#58; default
DEBUG RequestProcessor&#58;172 - Processing a 'GET' for path '/login'
DEBUG TilesRequestProcessor&#58;233 - uri=/jsp/layoutBase.jsp doInclude=false
DEBUG InsertTag&#58;863 - insert page='/jsp/logon.jsp'.
DEBUG SecurityEnforcementFilter&#58;185 - Chain processed normally
DEBUG HttpSessionContextIntegrationFilter&#58;270 - SecurityContext stored to HttpSession&#58; 'net.sf.acegisecurity.context.SecurityContextImpl@1f0a2a0&#58; Null authentication'
DEBUG TransactionSynchronizationManager&#58;161 - Bound value &#91;org.springframework.orm.hibernate3.SessionHolder@94cc7&#93; for key &#91;org.hibernate.impl.SessionFactoryImpl@1154718&#93; to thread &#91;http-8080-Processor24&#93;
DEBUG PathBasedFilterInvocationDefinitionMap&#58;110 - Converted URL to lowercase, from&#58; '/css/markup.css'; to&#58; '/css/markup.css'
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/css/markup.css'; pattern is /**; matched=true
DEBUG FilterChainProxy&#58;297 - /css/markup.css at position 1 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter@cdc97b'
DEBUG HttpSessionContextIntegrationFilter&#58;279 - SecurityContextHolder set to new context, as request processing completed
DEBUG HttpSessionContextIntegrationFilter&#58;176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder&#58; 'net.sf.acegisecurity.context.SecurityContextImpl@1f0a2a0&#58; Null authentication'
DEBUG TransactionSynchronizationManager&#58;184 - Removed value &#91;org.springframework.orm.hibernate3.SessionHolder@754384&#93; for key &#91;org.hibernate.impl.SessionFactoryImpl@1154718&#93; from thread &#91;http-8080-Processor25&#93;
DEBUG FilterChainProxy&#58;297 - /css/markup.css at position 2 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter@8bb9d1'
DEBUG FilterChainProxy&#58;297 - /css/markup.css at position 3 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter@fdf48d'
DEBUG FilterChainProxy&#58;297 - /css/markup.css at position 4 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.providers.anonymous.AnonymousProcessingFilter@fe8c4'
DEBUG AnonymousProcessingFilter&#58;95 - Replaced SecurityContextHolder with anonymous token&#58; 'net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken@8fa0f0&#58; Username&#58; anonymousUser; Password&#58; &#91;PROTECTED&#93;; Authenticated&#58; true; Details&#58; null; Granted Authorities&#58; ROLE_ANONYMOUS'
DEBUG FilterChainProxy&#58;297 - /css/markup.css at position 5 of 5 in additional filter chain; firing Filter&#58; 'net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter@ee5a06'
DEBUG PathBasedFilterInvocationDefinitionMap&#58;110 - Converted URL to lowercase, from&#58; '/css/markup.css'; to&#58; '/css/markup.css'
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/css/markup.css'; pattern is /admin/**; matched=false
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/css/markup.css'; pattern is /index.jsp; matched=false
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/css/markup.css'; pattern is /login.do*; matched=false
DEBUG PathBasedFilterInvocationDefinitionMap&#58;121 - Candidate is&#58; '/css/markup.css'; pattern is /css/**; matched=true
DEBUG AbstractSecurityInterceptor&#58;372 - Secure object&#58; FilterInvocation&#58; URL&#58; /css/markup.css; ConfigAttributes&#58; &#91;ROLE_ANONYMOUS, ROLE_EMPLOYER, ROLE_ADMIN, ROLE_SUPERVISOR&#93;
DEBUG AbstractSecurityInterceptor&#58;415 - Previously Authenticated&#58; net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken@8fa0f0&#58; Username&#58; anonymousUser; Password&#58; &#91;PROTECTED&#93;; Authenticated&#58; true; Details&#58; null; Granted Authorities&#58; ROLE_ANONYMOUS
DEBUG AbstractSecurityInterceptor&#58;432 - Authorization successful
DEBUG AbstractSecurityInterceptor&#58;445 - RunAsManager did not change Authentication object
DEBUG FilterChainProxy&#58;288 - /css/markup.css reached end of additional filter chain; proceeding with original chain

(Using Tomcat, Struts with Tiles)

somehow I get redirected to .css page instead of login.do action after authentication.

**Ben Alex** · Sep 23rd, 2005, 07:19 PM

I need more log unfortunately. Try earlier in the sequence, when the SecurityEnforcementFilter first detects an access denied exception. We need to see what URL it's storing in the HttpSession.

Also, I noticed the log refers to /css/markup.css whereas your earlier login page JSP referred to style/default.css. If your login page is still using style/default.css, /style/** is not defined in FilterSecurityInterceptor with ROLE_ANONYMOUS, and this may be contributing.

**wolf** · Oct 3rd, 2005, 01:12 AM

Hi Ben,

you was correct with your hint that the style sheet is protected. After I made the path to the CSS ROLE_ANONYMOUS, my application works fine.
Thanks for your help.

**feenixx** · Oct 12th, 2005, 02:29 AM

I haven't been able to solve this issue yet, I'll post a partial (huge!) event.log where user gets
redirected to stylesheet page instead of defined index page.

Should I post my security configuration and index.jsp aswell?

[code:1:7e78a0c474]
10:05:47,804 DEBUG FilterInvocationDefinitionSourceEditor:73 - Detected PATTERN_TYPE_APACHE_ANT directive; using Apache Ant style path expressions
10:05:47,808 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 1:
10:05:47,810 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 2: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
10:05:47,812 DEBUG FilterInvocationDefinitionSourceEditor:106 - Line 2: Instructing mapper to convert URLs to lowercase before comparison
10:05:47,819 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 3: PATTERN_TYPE_APACHE_ANT
10:05:47,820 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 4: /**=httpSessionContextIntegrationFilter,authenticat ionProcessingFilter,contextHolderAwareRequestFilte r,anonymousProcessingFilter,securityEnforcementFil ter
10:05:47,850 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /**; attributes: [httpSessionContextIntegrationFilter, authenticationProcessingFilter, contextHolderAwareRequestFilter, anonymousProcessingFilter, securityEnforcementFilter]
10:05:47,853 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 5:
10:05:47,855 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 6:
10:05:48,011 INFO UserMap:88 - Adding user [net.sf.acegisecurity.providers.dao.User@17870 05: Username: super; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, ROLE_SUPERVISOR]
10:05:48,014 INFO UserMap:88 - Adding user [net.sf.acegisecurity.providers.dao.User@29483 : Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, ROLE_ADMIN]
10:05:48,020 INFO UserMap:88 - Adding user [net.sf.acegisecurity.providers.dao.User@b0351 2: Username: employer; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, ROLE_EMPLOYER]
10:05:48,026 INFO UserMap:88 - Adding user [net.sf.acegisecurity.providers.dao.User@6c570 c: Username: timmy; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_WE_DONT_HAVE]
10:05:48,085 INFO EhCacheManagerFactoryBean:69 - Initializing EHCache CacheManager
10:05:48,096 INFO EhCacheFactoryBean:186 - Creating new EHCache cache region 'userCache'
10:05:48,342 DEBUG FilterInvocationDefinitionSourceEditor:73 - Detected PATTERN_TYPE_APACHE_ANT directive; using Apache Ant style path expressions
10:05:48,345 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 1:
10:05:48,353 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 2: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
10:05:48,355 DEBUG FilterInvocationDefinitionSourceEditor:106 - Line 2: Instructing mapper to convert URLs to lowercase before comparison
10:05:48,356 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 3: PATTERN_TYPE_APACHE_ANT
10:05:48,359 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 4: /admin/**=ROLE_ADMIN,ROLE_SUPERVISOR
10:05:48,363 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /admin/**; attributes: [ROLE_ADMIN, ROLE_SUPERVISOR]
10:05:48,369 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 5: /index.jsp=ROLE_ANONYMOUS,ROLE_USER
10:05:48,372 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /index.jsp; attributes: [ROLE_ANONYMOUS, ROLE_USER]
10:05:48,375 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 6: /login.do*=ROLE_ANONYMOUS,ROLE_USER
10:05:48,376 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /login.do*; attributes: [ROLE_ANONYMOUS, ROLE_USER]
10:05:48,384 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 7: /logout.do*=ROLE_ANONYMOUS,ROLE_USER
10:05:48,389 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /logout.do*; attributes: [ROLE_ANONYMOUS, ROLE_USER]
10:05:48,391 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 8: /css/**=ROLE_ANONYMOUS,ROLE_USER
10:05:48,394 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /css/**; attributes: [ROLE_ANONYMOUS, ROLE_USER]
10:05:48,396 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 9: /img/**=ROLE_ANONYMOUS,ROLE_USER
10:05:48,398 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /img/**; attributes: [ROLE_ANONYMOUS, ROLE_USER]
10:05:48,402 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 10: /default.do*=ROLE_ANONYMOUS,ROLE_USER
10:05:48,404 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /default.do*; attributes: [ROLE_ANONYMOUS, ROLE_USER]
10:05:48,406 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 11: /**=ROLE_USER
10:05:48,422 DEBUG PathBasedFilterInvocationDefinitionMap:99 - Added Ant path: /**; attributes: [ROLE_USER]
10:05:48,424 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 12:
10:05:48,435 INFO AbstractSecurityInterceptor:311 - Validated configuration attributes
10:05:48,622 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 1:
10:05:48,625 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 2: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
10:05:48,626 DEBUG FilterInvocationDefinitionSourceEditor:106 - Line 2: Instructing mapper to convert URLs to lowercase before comparison
10:05:48,628 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 3: \A/*.do\Z=REQUIRES_SECURE_CHANNEL
10:05:48,668 DEBUG RegExpBasedFilterInvocationDefinitionMap:114 - Added regular expression: \A/*.do\Z; attributes: [REQUIRES_SECURE_CHANNEL]
10:05:48,670 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 4: \A/login.jsp.*\Z=REQUIRES_SECURE_CHANNEL
10:05:48,674 DEBUG RegExpBasedFilterInvocationDefinitionMap:114 - Added regular expression: \A/login.jsp.*\Z; attributes: [REQUIRES_SECURE_CHANNEL]
10:05:48,677 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 5: \A/j_acegi_security_check.*\Z=REQUIRES_SECURE_CHANNEL
10:05:48,680 DEBUG RegExpBasedFilterInvocationDefinitionMap:114 - Added regular expression: \A/j_acegi_security_check.*\Z; attributes: [REQUIRES_SECURE_CHANNEL]
10:05:48,682 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 6: \A.*\Z=REQUIRES_INSECURE_CHANNEL
10:05:48,687 DEBUG RegExpBasedFilterInvocationDefinitionMap:114 - Added regular expression: \A.*\Z; attributes: [REQUIRES_INSECURE_CHANNEL]
10:05:48,691 DEBUG FilterInvocationDefinitionSourceEditor:97 - Line 7:
10:05:48,694 INFO ChannelProcessingFilter:132 - Validated configuration attributes
10:05:48,946 INFO AbstractSecurityInterceptor:311 - Validated configuration attributes
10:05:48,956 DEBUG LoginEventBean:43 - Recievent event :org.springframework.web.context.support.XmlWe bApplicationContext: display name [Root WebApplicationContext]; startup date [Wed Oct 12 10:05:35 EEST 2005]; root of context hierarchy; config locations [/WEB-INF/applicationContext.xml,/WEB-INF/andromeda-security.xml]
10:05:48,960 INFO ContextLoader:161 - Using context class [org.springframework.web.context.support.XmlWe bApplicationContext] for root WebApplicationContext
10:05:48,962 INFO ContextLoader:171 - Root WebApplicationContext: initialization completed in 13445 ms
10:05:48,989 INFO OpenSessionInViewFilter:118 - Initializing filter 'hibernateFilter'
10:05:49,026 INFO OpenSessionInViewFilter:143 - Filter 'hibernateFilter' configured successfully
10:05:49,153 DEBUG PropertyMessageResources:82 - Initializing, config='org.apache.struts.action.ActionResources', returnNull=true
10:05:49,252 DEBUG ActionServlet:1130 - Scanning web.xml for controller servlet mapping
10:05:49,457 DEBUG ActionServlet:450 - Process servletName=action, urlPattern=*.do
10:05:49,461 DEBUG ActionServlet:450 - Process servletName=jsp, urlPattern=*.jspf
10:05:49,464 DEBUG ActionServlet:1163 - Mapping for servlet 'action' = '*.do'
10:05:49,466 DEBUG ActionServlet:655 - Initializing module path '' configuration from '/WEB-INF/struts-config.xml'
10:05:50,921 DEBUG ActionServlet:906 - Initializing module path '' message resources from 'fi.foo.bar.struts.ApplicationResources'
10:05:50,923 DEBUG PropertyMessageResources:82 - Initializing, config='fi.foo.bar.struts.ApplicationResources', returnNull=true
10:05:50,925 DEBUG ActionServlet:786 - Initializing module path '' data sources
10:05:50,927 DEBUG ActionServlet:837 - Initializing module path '' plug ins
10:05:50,966 INFO ContextLoaderPlugIn:217 - ContextLoaderPlugIn for Struts ActionServlet 'action, module '': initialization started
10:05:50,970 INFO [/andromeda]:636 - Initializing WebApplicationContext for Struts ActionServlet 'action', module ''
10:05:50,985 INFO XmlBeanDefinitionReader:158 - Loading XML bean definitions from ServletContext resource [/WEB-INF/action-servlet.xml]
10:05:51,063 DEBUG PropertyMessageResources:82 - Initializing, config='org.apache.struts.actions.LocalStrings', returnNull=true
10:05:51,292 INFO XmlWebApplicationContext:92 - Bean factory for application context [WebApplicationContext for namespace 'action-servlet']: org.springframework.beans.factory.support.DefaultL istableBeanFactory defining beans [/logout,/admin/editUser,/listCustomers,/editCustomerCorporation,/editCustomerPerson,/editCustomerExtraInfo,/admin/editUserGroup,/admin/listOffices,/admin/listOccupations,/listBillingDetails,/listOrders,/selectOrderType,/listUserResources,/downloadUserResource]; parent: org.springframework.beans.factory.support.DefaultL istableBeanFactory defining beans [propertyConfigurer,baseDataSource,myDataSourc e1,myDataSource2,dataSource,hibernateProperties,se ssionFactory,transactionManager,billingDetailsDAO, customerDAO,domainObjectDAO,occupationDAO,officeDA O,orderDAO,referralSourceDAO,sessionDAO,sessionGro upDAO,orderTypeDAO,sessionTypeDAO,userAccountDAO,u serGroupDAO,userResourceDAO,baseTransactionProxy,b illingDetailsService,customerService,domainObjectS ervice,userAccountService,userGroupService,orderSe rvice,sessionService,userResourceService,filterCha inProxy,authenticationManager,authenticationDao,pa sswordEncoder,daoAuthenticationProvider,daoAuthent icationProvider2,cacheManager,userCacheBackend,use rCache,loggerListener,loginListener,anonymousProce ssingFilter,anonymousAuthenticationProvider,httpSe ssionContextIntegrationFilter,securityEnforcementF ilter,authenticationProcessingFilter,authenticatio nProcessingFilterEntryPoint,httpRequestAccessDecis ionManager,roleVoter,filterInvocationInterceptor,c ontextHolderAwareRequestFilter,channelProcessingFi lter,channelDecisionManager,secureChannelProcessor ,insecureChannelProcessor,net.sf.acegisecurity.acl .basic.SimpleAclEntry.ADMINISTRATION,net.sf.acegis ecurity.acl.basic.SimpleAclEntry.READ,net.sf.acegi security.acl.basic.SimpleAclEntry.DELETE,aclContac tReadVoter,aclContactDeleteVoter,aclContactAdminVo ter,businessAccessDecisionManager,aclManager,aclDA O,basicAclProvider,afterInvocationManager,afterAcl CollectionRead,afterAclRead,contactManagerSecurity ]; root of BeanFactory hierarchy
10:05:51,302 INFO XmlWebApplicationContext:295 - 14 beans defined in application context [WebApplicationContext for namespace 'action-servlet']
10:05:51,304 INFO XmlWebApplicationContext:437 - Unable to locate MessageSource with name 'messageSource': using default [org.springframework.context.support.Delegatin gMessageSource@16d4d81]
10:05:51,321 INFO XmlWebApplicationContext:459 - Unable to locate ApplicationEventMulticaster with name 'applicationEventMulticaster': using default [org.springframework.context.event.SimpleAppli cationEventMulticaster@fb53f6]
10:05:51,324 INFO UiApplicationContextUtils:84 - Unable to locate ThemeSource with name 'themeSource': using default [org.springframework.ui.context.support.Delega tingThemeSource@45484a]
10:05:51,332 INFO DefaultListableBeanFactory:260 - Pre-instantiating singletons in factory [org.springframework.beans.factory.support.Def aultListableBeanFactory defining beans [/logout,/admin/editUser,/listCustomers,/editCustomerCorporation,/editCustomerPerson,/editCustomerExtraInfo,/admin/editUserGroup,/admin/listOffices,/admin/listOccupations,/listBillingDetails,/listOrders,/selectOrderType,/listUserResources,/downloadUserResource]; parent: org.springframework.beans.factory.support.DefaultL istableBeanFactory defining beans [propertyConfigurer,baseDataSource,myDataSourc e1,myDataSource2,dataSource,hibernateProperties,se ssionFactory,transactionManager,billingDetailsDAO, customerDAO,domainObjectDAO,occupationDAO,officeDA O,orderDAO,referralSourceDAO,sessionDAO,sessionGro upDAO,orderTypeDAO,sessionTypeDAO,userAccountDAO,u serGroupDAO,userResourceDAO,baseTransactionProxy,b illingDetailsService,customerService,domainObjectS ervice,userAccountService,userGroupService,orderSe rvice,sessionService,userResourceService,filterCha inProxy,authenticationManager,authenticationDao,pa sswordEncoder,daoAuthenticationProvider,daoAuthent icationProvider2,cacheManager,userCacheBackend,use rCache,loggerListener,loginListener,anonymousProce ssingFilter,anonymousAuthenticationProvider,httpSe ssionContextIntegrationFilter,securityEnforcementF ilter,authenticationProcessingFilter,authenticatio nProcessingFilterEntryPoint,httpRequestAccessDecis ionManager,roleVoter,filterInvocationInterceptor,c ontextHolderAwareRequestFilter,channelProcessingFi lter,channelDecisionManager,secureChannelProcessor ,insecureChannelProcessor,net.sf.acegisecurity.acl .basic.SimpleAclEntry.ADMINISTRATION,net.sf.acegis ecurity.acl.basic.SimpleAclEntry.READ,net.sf.acegi security.acl.basic.SimpleAclEntry.DELETE,aclContac tReadVoter,aclContactDeleteVoter,aclContactAdminVo ter,businessAccessDecisionManager,aclManager,aclDA O,basicAclProvider,afterInvocationManager,afterAcl CollectionRead,afterAclRead,contactManagerSecurity ]; root of BeanFactory hierarchy]
10:05:51,337 DEBUG LoginEventBean:43 - Recievent event :org.springframework.web.context.support.XmlWe bApplicationContext: display name [WebApplicationContext for namespace 'action-servlet']; startup date [Wed Oct 12 10:05:50 EEST 2005]; child of [org.springframework.web.context.support.XmlWe bApplicationContext: display name [Root WebApplicationContext]; startup date [Wed Oct 12 10:05:35 EEST 2005]; root of context hierarchy; config locations [/WEB-INF/applicationContext.xml,/WEB-INF/andromeda-security.xml]]; config locations [/WEB-INF/action-servlet.xml]
10:05:51,341 INFO ContextLoaderPlugIn:297 - Using context class 'org.springframework.web.context.support.XmlWebApp licationContext' for servlet 'action'
10:05:51,343 INFO ContextLoaderPlugIn:234 - ContextLoaderPlugIn for Struts ActionServlet 'action', module '': initialization completed in 376 ms
10:05:51,364 INFO ValidatorPlugIn:211 - Loading validation rules file from '/WEB-INF/validator-rules.xml'
10:05:51,384 INFO ValidatorPlugIn:211 - Loading validation rules file from '/WEB-INF/validation.xml'
.
.
.
.
10:06:23,463 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@1c27402] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor5]
10:06:23,469 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/index.jsp'; to: '/index.jsp'
10:06:23,470 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/index.jsp'; pattern is /**; matched=true
10:06:23,485 DEBUG FilterChainProxy:297 - /index.jsp at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:06:23,486 DEBUG HttpSessionContextIntegrationFilter:202 - No HttpSession currently exists - new SecurityContext instance associated with SecurityContextHolder
10:06:23,490 DEBUG FilterChainProxy:297 - /index.jsp at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:06:23,493 DEBUG FilterChainProxy:297 - /index.jsp at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:06:23,503 DEBUG FilterChainProxy:297 - /index.jsp at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:06:23,507 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@181d405: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:23,509 DEBUG FilterChainProxy:297 - /index.jsp at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:06:23,515 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/index.jsp'; to: '/index.jsp'
10:06:23,518 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/index.jsp'; pattern is /admin/**; matched=false
10:06:23,520 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/index.jsp'; pattern is /index.jsp; matched=true
10:06:23,521 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /index.jsp; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:06:23,523 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@181d405: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:06:23,524 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:06:23,535 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /index.jsp
10:06:23,536 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:06:23,538 DEBUG FilterChainProxy:288 - /index.jsp reached end of additional filter chain; proceeding with original chain
10:06:23,760 DEBUG PropertyMessageResources:82 - Initializing, config='org.apache.struts.taglib.logic.LocalString s', returnNull=true
10:06:23,771 DEBUG PropertyMessageResources:82 - Initializing, config='org.apache.struts.taglib.LocalStrings', returnNull=true
10:06:23,801 DEBUG ModuleUtils:167 - Get module name for path /default.do
10:06:23,808 DEBUG ModuleUtils:191 - Module name found: default
10:06:23,821 INFO TilesRequestProcessor:103 - Tiles definition factory found for request processor ''.
10:06:23,833 DEBUG RequestProcessor:172 - Processing a 'GET' for path '/default'
10:06:23,840 DEBUG RequestProcessor:618 - Setting user locale 'en_US'
10:06:23,855 DEBUG I18nFactorySet:512 - Can't open file '/WEB-INF/tiles-defs_en_US.xml'
10:06:23,860 DEBUG I18nFactorySet:512 - Can't open file '/WEB-INF/tiles-defs_en.xml'
10:06:23,899 DEBUG TilesRequestProcessor:233 - uri=/jsp/layoutMain.jspf doInclude=false
10:06:24,092 INFO ExpressionEvaluationUtils:65 - Using JSP 2.0 ExpressionEvaluator
10:06:24,110 DEBUG PropertyMessageResources:82 - Initializing, config='org.apache.struts.taglib.logic.LocalString s', returnNull=true
10:06:24,349 DEBUG InsertTag:863 - insert page='/jsp/index.jspf'.
10:06:24,404 DEBUG InsertTag:863 - insert page='/jsp/layoutBase.jspf'.
.
.
.
.
10:06:25,653 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:06:25,670 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:06:25,672 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:06:25,674 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@1c27402] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor5]
10:06:25,816 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@106870c] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor5]
10:06:25,825 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/layout.css'; to: '/css/layout.css'
10:06:25,827 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /**; matched=true
10:06:25,829 DEBUG FilterChainProxy:297 - /css/layout.css at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:06:25,831 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:06:25,833 DEBUG FilterChainProxy:297 - /css/layout.css at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:06:25,835 DEBUG FilterChainProxy:297 - /css/layout.css at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:06:25,837 DEBUG FilterChainProxy:297 - /css/layout.css at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:06:25,839 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:25,841 DEBUG FilterChainProxy:297 - /css/layout.css at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:06:25,842 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/layout.css'; to: '/css/layout.css'
10:06:25,846 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /admin/**; matched=false
10:06:25,848 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /index.jsp; matched=false
10:06:25,851 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /login.do*; matched=false
10:06:25,853 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /logout.do*; matched=false
10:06:25,854 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /css/**; matched=true
10:06:25,855 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /css/layout.css; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:06:25,862 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:06:25,863 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:06:25,864 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /css/layout.css
10:06:25,866 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:06:25,867 DEBUG FilterChainProxy:288 - /css/layout.css reached end of additional filter chain; proceeding with original chain
10:06:25,844 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@121c5df] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor4]
10:06:25,884 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/markup.css'; to: '/css/markup.css'
10:06:25,886 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/markup.css'; pattern is /**; matched=true
10:06:25,888 DEBUG FilterChainProxy:297 - /css/markup.css at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:06:25,889 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Authentication: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:25,891 DEBUG FilterChainProxy:297 - /css/markup.css at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:06:25,892 DEBUG FilterChainProxy:297 - /css/markup.css at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:06:25,893 DEBUG FilterChainProxy:297 - /css/markup.css at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:06:25,897 DEBUG AnonymousProcessingFilter:102 - SecurityContextHolder not replaced with anonymous token, as ContextHolder already contained: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:25,898 DEBUG FilterChainProxy:297 - /css/markup.css at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:06:25,936 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/markup.css'; to: '/css/markup.css'
10:06:25,938 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/markup.css'; pattern is /admin/**; matched=false
10:06:25,963 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/markup.css'; pattern is /index.jsp; matched=false
10:06:25,966 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/markup.css'; pattern is /login.do*; matched=false
10:06:25,968 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/markup.css'; pattern is /logout.do*; matched=false
10:06:25,969 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/markup.css'; pattern is /css/**; matched=true
10:06:25,832 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@18c2661] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor3]
10:06:26,009 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/forms.css'; to: '/css/forms.css'
10:06:26,010 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /**; matched=true
10:06:26,011 DEBUG FilterChainProxy:297 - /css/forms.css at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:06:26,012 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Authentication: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:26,013 DEBUG FilterChainProxy:297 - /css/forms.css at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:06:26,014 DEBUG FilterChainProxy:297 - /css/forms.css at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:06:26,015 DEBUG FilterChainProxy:297 - /css/forms.css at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:06:26,016 DEBUG AnonymousProcessingFilter:102 - SecurityContextHolder not replaced with anonymous token, as ContextHolder already contained: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:26,016 DEBUG FilterChainProxy:297 - /css/forms.css at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:06:26,017 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/forms.css'; to: '/css/forms.css'
10:06:26,018 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /admin/**; matched=false
10:06:26,061 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /index.jsp; matched=false
10:06:26,062 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /login.do*; matched=false
10:06:26,064 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /logout.do*; matched=false
10:06:26,065 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /css/**; matched=true
10:06:26,066 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /css/forms.css; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:06:26,067 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:06:26,068 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:06:26,069 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /css/forms.css
10:06:26,069 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:06:26,070 DEBUG FilterChainProxy:288 - /css/forms.css reached end of additional filter chain; proceeding with original chain
10:06:26,074 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:06:26,075 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Authentication: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@2bbb7b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:26,075 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:06:26,076 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@18c2661] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor3]
10:06:25,904 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:06:26,100 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:06:26,101 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:06:26,101 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@106870c] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor5]
10:06:26,110 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /css/markup.css; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:06:26,148 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /css/markup.css
10:06:26,178 DEBUG SecurityEnforcementFilter:189 - Authentication exception occurred; redirecting to authentication entry point
net.sf.acegisecurity.AuthenticationCredentialsNotF oundException: Authentication credentials were not found in the SecurityContext
at net.sf.acegisecurity.intercept.AbstractSecurityInt erceptor.credentialsNotFound(AbstractSecurityI nterceptor.java:487)
at net.sf.acegisecurity.intercept.AbstractSecurityInt erceptor.beforeInvocation(AbstractSecurityInte rceptor.java:379)
at net.sf.acegisecurity.intercept.web.FilterSecurityI nterceptor.invoke(FilterSecurityInterceptor.ja va:105)
at net.sf.acegisecurity.intercept.web.SecurityEnforce mentFilter.doFilter(SecurityEnforcementFilter. java:182)
at net.sf.acegisecurity.util.FilterChainProxy$Virtual FilterChain.doFilter(FilterChainProxy.java&#58 ;303)
at net.sf.acegisecurity.providers.anonymous.Anonymous ProcessingFilter.doFilter(AnonymousProcessingF ilter.java:111)
at net.sf.acegisecurity.util.FilterChainProxy$Virtual FilterChain.doFilter(FilterChainProxy.java&#58 ;303)
at net.sf.acegisecurity.wrapper.ContextHolderAwareReq uestFilter.doFilter(ContextHolderAwareRequestF ilter.java:50)
at net.sf.acegisecurity.util.FilterChainProxy$Virtual FilterChain.doFilter(FilterChainProxy.java&#58 ;303)
at net.sf.acegisecurity.ui.AbstractProcessingFilter.d oFilter(AbstractProcessingFilter.java:327& #41;
at net.sf.acegisecurity.util.FilterChainProxy$Virtual FilterChain.doFilter(FilterChainProxy.java&#58 ;303)
at net.sf.acegisecurity.context.HttpSessionContextInt egrationFilter.doFilter(HttpSessionContextInte grationFilter.java:216)
at net.sf.acegisecurity.util.FilterChainProxy$Virtual FilterChain.doFilter(FilterChainProxy.java&#58 ;303)
at net.sf.acegisecurity.util.FilterChainProxy.doFilte r(FilterChainProxy.java:173)
at net.sf.acegisecurity.util.FilterToBeanProxy.doFilt er(FilterToBeanProxy.java:120)
at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java&#58 ;202)
at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:173&#41 ;
at org.springframework.orm.hibernate3.support.OpenSes sionInViewFilter.doFilterInternal(OpenSessionI nViewFilter.java:174)
at org.springframework.web.filter.OncePerRequestFilte r.doFilter(OncePerRequestFilter.java:76&#4 1;
at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java&#58 ;202)
at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:173&#41 ;
at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke& #40;StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process&# 40;Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.processConnection(Http11Protocol .java:744)
at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java: 80)
at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
10:06:26,201 DEBUG SecurityEnforcementFilter:253 - Authentication entry point being called; target URL added to Session: http://localhost:8080/andromeda/css/markup.css
10:06:26,203 DEBUG AuthenticationProcessingFilterEntryPoint:171 - Redirecting to: http://localhost:8080/andromeda/login.do
10:06:26,206 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:06:26,208 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:06:26,209 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@121c5df] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor4]
10:06:26,324 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@f04d94] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor3]
10:06:26,325 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/login.do'; to: '/login.do'
10:06:26,326 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/login.do'; pattern is /**; matched=true
10:06:26,328 DEBUG FilterChainProxy:297 - /login.do at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:06:26,329 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:06:26,335 DEBUG FilterChainProxy:297 - /login.do at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:06:26,343 DEBUG FilterChainProxy:297 - /login.do at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:06:26,346 DEBUG FilterChainProxy:297 - /login.do at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:06:26,347 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@754384: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:06:26,348 DEBUG FilterChainProxy:297 - /login.do at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:06:26,349 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/login.do'; to: '/login.do'
10:06:26,350 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/login.do'; pattern is /admin/**; matched=false
10:06:26,351 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/login.do'; pattern is /index.jsp; matched=false
10:06:26,352 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/login.do'; pattern is /login.do*; matched=true
10:06:26,353 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /login.do; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:06:26,354 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@754384: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:06:26,357 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:06:26,358 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /login.do
10:06:26,359 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:06:26,360 DEBUG FilterChainProxy:288 - /login.do reached end of additional filter chain; proceeding with original chain
10:06:26,365 DEBUG ModuleUtils:167 - Get module name for path /login.do
10:06:26,366 DEBUG ModuleUtils:191 - Module name found: default
10:06:26,368 DEBUG RequestProcessor:172 - Processing a 'GET' for path '/login'
10:06:26,369 DEBUG TilesRequestProcessor:233 - uri=/jsp/layoutBase.jspf doInclude=false
10:06:26,372 DEBUG InsertTag:863 - insert page='/jsp/logon.jspf'.
10:06:26,469 DEBUG PropertyMessageResources:132 - getMessage(en_US,label.username)
10:06:26,472 DEBUG PropertyMessageResources:224 - loadLocale(en_US)
10:06:26,477 DEBUG PropertyMessageResources:224 - loadLocale(en)
10:06:26,487 DEBUG PropertyMessageResources:224 - loadLocale()
10:06:26,496 DEBUG PropertyMessageResources:132 - getMessage(en_US,label.password)
10:06:26,503 DEBUG PropertyMessageResources:224 - loadLocale(en_US)
10:06:26,505 DEBUG PropertyMessageResources:224 - loadLocale(en)
10:06:26,507 DEBUG PropertyMessageResources:224 - loadLocale()
10:06:26,508 DEBUG PropertyMessageResources:132 - getMessage(en_US,button.logon)
10:06:26,510 DEBUG PropertyMessageResources:224 - loadLocale(en_US)
10:06:26,512 DEBUG PropertyMessageResources:224 - loadLocale(en)
10:06:26,519 DEBUG PropertyMessageResources:224 - loadLocale()
10:06:26,521 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:06:26,522 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:06:26,523 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:06:26,524 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@f04d94] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor3]
10:10:39,355 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@14fcc96] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor2]
10:10:39,356 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/index.jsp'; to: '/index.jsp'
10:10:39,357 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/index.jsp'; pattern is /**; matched=true
10:10:39,358 DEBUG FilterChainProxy:297 - /index.jsp at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:10:39,359 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:39,360 DEBUG FilterChainProxy:297 - /index.jsp at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:10:39,361 DEBUG FilterChainProxy:297 - /index.jsp at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:10:39,362 DEBUG FilterChainProxy:297 - /index.jsp at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:10:39,363 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@bcbc: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:10:39,364 DEBUG FilterChainProxy:297 - /index.jsp at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:10:39,365 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/index.jsp'; to: '/index.jsp'
10:10:39,366 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/index.jsp'; pattern is /admin/**; matched=false
10:10:39,367 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/index.jsp'; pattern is /index.jsp; matched=true
10:10:39,368 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /index.jsp; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:10:39,374 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@bcbc: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:10:39,375 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:10:39,391 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /index.jsp
10:10:39,392 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:10:39,393 DEBUG FilterChainProxy:288 - /index.jsp reached end of additional filter chain; proceeding with original chain
10:10:39,395 DEBUG ModuleUtils:167 - Get module name for path /default.do
10:10:39,396 DEBUG ModuleUtils:191 - Module name found: default
10:10:39,402 DEBUG RequestProcessor:172 - Processing a 'GET' for path '/default'
10:10:39,408 DEBUG TilesRequestProcessor:233 - uri=/jsp/layoutMain.jspf doInclude=false
10:10:39,411 DEBUG InsertTag:863 - insert page='/jsp/index.jspf'.
10:10:39,419 DEBUG InsertTag:863 - insert page='/jsp/layoutBase.jspf'.
10:10:45,625 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:10:45,626 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:45,627 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:10:45,634 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@14fcc96] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor2]
10:10:45,709 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@1f88953] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor2]
10:10:45,710 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/layout.css'; to: '/css/layout.css'
10:10:45,712 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /**; matched=true
10:10:45,713 DEBUG FilterChainProxy:297 - /css/layout.css at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:10:45,721 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:45,734 DEBUG FilterChainProxy:297 - /css/layout.css at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:10:45,735 DEBUG FilterChainProxy:297 - /css/layout.css at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:10:45,737 DEBUG FilterChainProxy:297 - /css/layout.css at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:10:45,738 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@1ffdf86: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:10:45,739 DEBUG FilterChainProxy:297 - /css/layout.css at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:10:45,740 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/layout.css'; to: '/css/layout.css'
10:10:45,746 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /admin/**; matched=false
10:10:45,747 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /index.jsp; matched=false
10:10:45,748 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /login.do*; matched=false
10:10:45,749 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /logout.do*; matched=false
10:10:45,750 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/layout.css'; pattern is /css/**; matched=true
10:10:45,751 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /css/layout.css; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:10:45,751 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@1ffdf86: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:10:45,753 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:10:45,754 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /css/layout.css
10:10:45,755 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:10:45,756 DEBUG FilterChainProxy:288 - /css/layout.css reached end of additional filter chain; proceeding with original chain
10:10:45,757 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:10:45,766 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:45,767 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:10:45,767 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@1f88953] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor2]
10:10:45,973 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@1abdb8a] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor2]
10:10:45,974 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/forms.css'; to: '/css/forms.css'
10:10:45,981 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /**; matched=true
10:10:45,982 DEBUG FilterChainProxy:297 - /css/forms.css at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:10:45,982 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:45,983 DEBUG FilterChainProxy:297 - /css/forms.css at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:10:45,984 DEBUG FilterChainProxy:297 - /css/forms.css at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:10:45,985 DEBUG FilterChainProxy:297 - /css/forms.css at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:10:45,986 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@1da817b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:10:45,986 DEBUG FilterChainProxy:297 - /css/forms.css at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:10:45,987 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/css/forms.css'; to: '/css/forms.css'
10:10:45,989 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /admin/**; matched=false
10:10:45,990 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /index.jsp; matched=false
10:10:45,991 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /login.do*; matched=false
10:10:45,992 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /logout.do*; matched=false
10:10:45,993 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/css/forms.css'; pattern is /css/**; matched=true
10:10:45,994 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /css/forms.css; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:10:45,995 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@1da817b: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:10:45,996 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:10:46,003 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation: URL: /css/forms.css
10:10:46,004 DEBUG AbstractSecurityInterceptor:445 - RunAsManager did not change Authentication object
10:10:46,005 DEBUG FilterChainProxy:288 - /css/forms.css reached end of additional filter chain; proceeding with original chain
10:10:46,031 DEBUG SecurityEnforcementFilter:185 - Chain processed normally
10:10:46,032 DEBUG HttpSessionContextIntegrationFilter:270 - SecurityContext stored to HttpSession: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:46,033 DEBUG HttpSessionContextIntegrationFilter:279 - SecurityContextHolder set to new context, as request processing completed
10:10:46,047 DEBUG TransactionSynchronizationManager:184 - Removed value [org.springframework.orm.hibernate3.SessionHol der@1abdb8a] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] from thread [http-8080-Processor2]
10:10:46,159 DEBUG TransactionSynchronizationManager:161 - Bound value [org.springframework.orm.hibernate3.SessionHol der@1933eab] for key [org.hibernate.impl.SessionFactoryImpl@14e5d57 ] to thread [http-8080-Processor2]
10:10:46,160 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/img/logo.png'; to: '/img/logo.png'
10:10:46,161 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /**; matched=true
10:10:46,162 DEBUG FilterChainProxy:297 - /img/logo.png at position 1 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.context.HttpSessionContextIn tegrationFilter@585f2a'
10:10:46,163 DEBUG HttpSessionContextIntegrationFilter:176 - Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to SecurityContextHolder: 'net.sf.acegisecurity.context.SecurityContextImpl@ 106bde8: Null authentication'
10:10:46,164 DEBUG FilterChainProxy:297 - /img/logo.png at position 2 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.ui.webapp.AuthenticationProc essingFilter@1833c9c'
10:10:46,165 DEBUG FilterChainProxy:297 - /img/logo.png at position 3 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.wrapper.ContextHolderAwareRe questFilter@71a97'
10:10:46,166 DEBUG FilterChainProxy:297 - /img/logo.png at position 4 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.providers.anonymous.Anonymou sProcessingFilter@11dfe3'
10:10:46,167 DEBUG AnonymousProcessingFilter:95 - Replaced SecurityContextHolder with anonymous token: 'net.sf.acegisecurity.providers.anonymous.Anonymou sAuthenticationToken@1f75ab1: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS'
10:10:46,169 DEBUG FilterChainProxy:297 - /img/logo.png at position 5 of 5 in additional filter chain; firing Filter: 'net.sf.acegisecurity.intercept.web.SecurityEnforc ementFilter@86b4d5'
10:10:46,171 DEBUG PathBasedFilterInvocationDefinitionMap:110 - Converted URL to lowercase, from: '/img/logo.png'; to: '/img/logo.png'
10:10:46,177 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /admin/**; matched=false
10:10:46,180 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /index.jsp; matched=false
10:10:46,184 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /login.do*; matched=false
10:10:46,185 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /logout.do*; matched=false
10:10:46,186 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /css/**; matched=false
10:10:46,187 DEBUG PathBasedFilterInvocationDefinitionMap:121 - Candidate is: '/img/logo.png'; pattern is /img/**; matched=true
10:10:46,189 DEBUG AbstractSecurityInterceptor:372 - Secure object: FilterInvocation: URL: /img/logo.png; ConfigAttributes: [ROLE_ANONYMOUS, ROLE_USER]
10:10:46,190 DEBUG AbstractSecurityInterceptor:415 - Previously Authenticated: net.sf.acegisecurity.providers.anonymous.Anonymous AuthenticationToken@1f75ab1: Username: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ANONYMOUS
10:10:46,190 DEBUG AbstractSecurityInterceptor:432 - Authorization successful
10:10:46,191 DEBUG LoginEventBean:43 - Recievent event :FilterInvocation[/c

**wolf** · Oct 18th, 2005, 02:13 AM

I have found another way to solve this problem. In general I think Acegi security filter should not be processing css, js, gif, jpeg, png, etc.
This solution is also discussed with the appfuse project (see http://issues.appfuse.org/browse/APF-30)

Solution:
The current configuration has all content (/*) mapped to the Acegi securityFilter in web.xml. This results in files such as /scripts/fade.js, /styles/print.css, etc. making it into the Acegi security filter chain.

Specifiy Acegi filter chain definitions in applicationContext-security.xml as follows:

Code:

<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
  <property name="filterInvocationDefinitionSource">
    <value>
      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT
      /j_acegi_security_check*=httpSessionContextIntegrationFilter,authenticationProcessingFilter,
               anonymousProcessingFilter,securityEnforcementFilter
      /**/*.html*=httpSessionContextIntegrationFilter,authenticationProcessingFilter,
               anonymousProcessingFilter,securityEnforcementFilter
      /**/*.jsp*=httpSessionContextIntegrationFilter,authenticationProcessingFilter,
               anonymousProcessingFilter,securityEnforcementFilter
    </value>
  </property>
</bean>

This definition explicitely handels only URLs with the following endings:

Code:

/j_acegi_security_check
/**/*.html
/**/*.jsp

You can also have it for /**/*.do, etc.

Additional you must not include /css/**, /img/**, etc. in the FilterSecurityInterceptor

Code:

CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/index.jsp=ROLE_TELLER
/logout.jsp=ROLE_TELLER
/login.jsp*=ROLE_ANONYMOUS,ROLE_TELLER
/**=ROLE_TELLER

**feenixx** · Oct 18th, 2005, 04:01 AM

thanks wolf, I'll check if your suggestion solves my troubles aswell.

I've been avoiding this issue by specifying
<property name="alwaysUseDefaultTargetUrl"><value>true</value></property>

on AuthenticationProcessingFilter definition. This will always redirect to index.jsp after
succesfull authentication.

Thread: Problem with stylesheet in acegilogin.jsp page

Thread Tools

Display

Problem with stylesheet in acegilogin.jsp page

Similar Threads

Servlet writing byte[] image in jsp page

Pageable data list with Hibernate

Form bind breaks when loading page via non form controller

hbm2dddl=update causes exception in proxool,but fine without

problem view in a jsp page

Posting Permissions