Hi to all!
I have a problem like this:
Only after refreshing the page does my RememberMe service automatically log me in to the site. Sometimes the site didn't load the ActionScript3 content.
I debugged my class that extends RememberMeAuthenticationProvider. It seems that authentication goes well.
I've read the previous topic "remember me requires refresh?" but it didn't help me.
I've tried to use SecurityContextHolder.getContext().getAuthentication().getPrincipal();
but it didn't help me either.
I tested different sequences of filters, like this:
Code:
httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,authenticationProcessingFilter,logoutFilter,exceptionTranslationFilter,filterInvocationInterceptor
There's nothing I haven't tried.
My security XML file:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<beans>

    <!-- Filters -->
    <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /**=httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,authenticationProcessingFilter,logoutFilter,exceptionTranslationFilter,filterInvocationInterceptor
            </value>
        </property>
    </bean>

    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="securityService" />
        <property name="passwordEncoder">
            <ref bean="passwordEncoder" />
        </property>
    </bean>

    <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />

    <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
        <constructor-arg value="/c/home" />
        <constructor-arg>
            <list>
                <ref bean="rememberMeService"/>
                <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
            </list>
        </constructor-arg>
        <property name="filterProcessesUrl" value="/c/logout" />
    </bean>

    <bean id="authenticationProcessingFilter" class="com.xxx.core.security.filters.xxxAuthentificationFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationFailureUrl" value="/c/login" />
        <property name="defaultTargetUrl" value="/c/home" />
        <property name="alwaysUseDefaultTargetUrl" value="true" />
        <property name="filterProcessesUrl" value="/c/login/check_login" />
        <property name="rememberMeServices" ref="rememberMeService" />
    </bean>

    <bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />

    <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="rememberMeServices" ref="rememberMeService" />
    </bean>

    <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
        <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS" />
        <property name="key" value="xxx" />
    </bean>

    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl" value="/c/login" />
                <property name="forceHttps" value="false" />
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
                <property name="errorPage" value="/c/access_denied" />
            </bean>
        </property>
    </bean>

    <!-- Interceptor -->
    <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="accessDecisionManager">
            <bean class="org.acegisecurity.vote.AffirmativeBased">
                <property name="allowIfAllAbstainDecisions" value="false" />
                <property name="decisionVoters">
                    <list>
                        <bean class="org.acegisecurity.vote.RoleVoter" />
                        <bean class="org.acegisecurity.vote.AuthenticatedVoter" />
                    </list>
                </property>
            </bean>
        </property>
        <property name="objectDefinitionSource">
            <value>
                <![CDATA[
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /c/login/**=ROLE_ANONYMOUS
                /c/profile/**=ROLE_USER
                /c/**=IS_AUTHENTICATED_ANONYMOUSLY
                /c/xmlrpc/**=ROLE_ANONYMOUS
                ]]>
            </value>
        </property>
    </bean>
    <!-- /c/**=IS_AUTHENTICATED_REMEMBERED -->

    <!-- Services -->
    <bean id="rememberMeService" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
        <property name="userDetailsService" ref="securityService" /> <!-- refers to xxx security service -->
        <property name="tokenValiditySeconds" value="1209600" /> <!-- equals to 14 days -->
        <property name="cookieName" value="xxx_member" />
        <property name="key" value="xxx" />
    </bean>

    <!-- Managers -->
    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref bean="xxxDAOAuthenticationProvider" />
                <ref bean="xxxRememberMeAuthenticationProvider" />
                <ref bean="anonymousAuthenticationProvider" />
            </list>
        </property>
    </bean>

    <!-- Providers -->
    <bean id="xxxDAOAuthenticationProvider" class="com.xxx.core.security.providers.xxxDAOAuthenticationProvider">
        <property name="securityService" ref="securityService" />
        <property name="passwordEncoder" ref="passwordEncoder" />
    </bean>

    <bean id="xxxRememberMeAuthenticationProvider" class="com.xxx.core.security.providers.xxxRememberMeAuthenticationProvider">
        <property name="key" value="xxx" />
    </bean>

    <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
        <property name="key" value="xxx" />
    </bean>

    <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />

</beans>
Getting the authenticated user name using SecurityContext:
Code:
public String getAuthenticatedUserName(SecurityContext context) {
    if (context == null) {
        return null;
    }
    Authentication authentication = context.getAuthentication();
    if (authentication == null) {
        return null;
    }
    Object principal = authentication.getPrincipal();
    if ((principal == null) || !(principal instanceof User)) {
        return null;
    }
    return ((User) principal).getUsername();
}
Does anyone have an idea how to fix this bug?




