Problem with jvmRoute
Hi, I'm using Spring Security for a web application using Glassfish v2.1.
Every things works fine, but when I set -DjvmRoute=webapps1 for the server the form login stop to work, except when I set the the remember me option, its like the httpSessionContextIntegrationFilter stop to work.
Here my Spring Security configuration:
Thanks for any help,Code:<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"> <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy"> <security:filter-chain-map path-type="ant"> <security:filter-chain pattern="/**" filters="httpSessionContextIntegrationFilter, logoutFilter, formAuthenticationProcessingFilter, rememberMeProcessingFilter, anonymousProcessingFilter, exceptionTranslationFilter, filterSecurityInterceptor, channelProcessingFilter" /> </security:filter-chain-map> </bean> <bean id="formAuthenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"> <property name="rememberMeServices" ref="rememberMeServices"/> <property name="filterProcessesUrl" value="/j_spring_security_check"/> <property name="authenticationFailureUrl" value="/error.htm?t=login"/> <property name="defaultTargetUrl" value="/mainredirect.htm"/> <property name="authenticationManager" ref="authenticationManager"/> </bean> <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter"> <property name="filterProcessesUrl" value="/logout.htm" /> <!-- URL redirected to after logout --> <constructor-arg value="/login.htm" /> <constructor-arg> <list> <ref bean="rememberMeServices"/> <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler" /> </list> </constructor-arg> </bean> <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <property name="providers"> <list> <ref bean="daoAuthenticationProvider" /> <ref bean="rememberMeAuthenticationProvider" /> </list> </property> </bean> <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailManager"/> </bean> <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/> <bean id="exceptionTranslationFilter" class="br.com.pst.rastreador.security.filter.CustomExceptionTranslationFilter"> <property name="authenticationEntryPoint" ref="formLoginAuthenticationEntryPoint"/> <property name="ignoreMap"> <list> <value>json</value> <value>html</value> </list> </property> <property name="accessDeniedHandler"> <bean class="org.springframework.security.ui.AccessDeniedHandlerImpl"/> </property> </bean> <bean id="formLoginAuthenticationEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/login.htm"/> <property name="forceHttps" value="true"/> </bean> <bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter"> <property name="key" value="foobar"/> <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/> </bean> <bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="foobar"/> </bean> <bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager" ref="authenticationManager"/> <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/> <property name="objectDefinitionSource"> <security:filter-invocation-definition-source lowercase-comparisons="true" path-type="ant"> <security:intercept-url pattern="/login.*htm*" access="ROLE_ANONYMOUS,ROLE_AUTH"/> <security:intercept-url pattern="/error.*htm*" access="ROLE_ANONYMOUS,ROLE_AUTH"/> <security:intercept-url pattern="/images/**" access="ROLE_ANONYMOUS,ROLE_AUTH"/> <security:intercept-url pattern="/scripts/**" access="ROLE_ANONYMOUS,ROLE_AUTH"/> <security:intercept-url pattern="/styles/**" access="ROLE_ANONYMOUS,ROLE_AUTH"/> <security:intercept-url pattern="/j_spring_security_check" access="ROLE_ANONYMOUS,ROLE_AUTH"/> <security:intercept-url pattern="/**" access="ROLE_AUTH"/> </security:filter-invocation-definition-source> </property> </bean> <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions" value="false"/> <property name="decisionVoters"> <list> <ref bean="roleVoter" /> </list> </property> </bean> <bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"> <property name="rolePrefix" value="ROLE_"/> </bean> <bean id="channelProcessingFilter" class="org.springframework.security.securechannel.ChannelProcessingFilter"> <property name="channelDecisionManager" ref="channelDecisionManager"/> <property name="filterInvocationDefinitionSource"> <security:filter-invocation-definition-source lowercase-comparisons="true" path-type="ant"> <security:intercept-url pattern="/login.*htm*" access="REQUIRES_SECURE_CHANNEL"/> <security:intercept-url pattern="/j_spring_security_check" access="REQUIRES_SECURE_CHANNEL"/> <security:intercept-url pattern="/images/**" access="ANY_CHANNEL"/> <security:intercept-url pattern="/styles/**" access="ANY_CHANNEL"/> <security:intercept-url pattern="/scripts/**" access="ANY_CHANNEL"/> <security:intercept-url pattern="/**" access="REQUIRES_INSECURE_CHANNEL"/> </security:filter-invocation-definition-source> </property> </bean> <bean id="channelDecisionManager" class="org.springframework.security.securechannel.ChannelDecisionManagerImpl"> <property name="channelProcessors"> <list> <ref bean="secureChannelProcessor"/> <ref bean="insecureChannelProcessor"/> </list> </property> </bean> <bean id="secureChannelProcessor" class="org.springframework.security.securechannel.SecureChannelProcessor"/> <bean id="insecureChannelProcessor" class="org.springframework.security.securechannel.InsecureChannelProcessor"/> <bean id="userDetailManager" class="br.com.pst.rastreador.security.userdetail.UserDetailManagerImpl"> <property name="userManager"> <bean class="br.com.pst.rastreador.services.manager.impl.UserManagerImpl"> <constructor-arg> <bean class="br.com.pst.rastreador.services.dao.jdbc.UserDAOJDBC"> <constructor-arg ref="dataSource"/> </bean> </constructor-arg> </bean> </property> </bean> <bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter"> <property name="rememberMeServices" ref="rememberMeServices" /> <property name="authenticationManager" ref="authenticationManager" /> </bean> <bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices"> <property name="userDetailsService" ref="userDetailManager" /> <property name="key" value="sdsideng" /> </bean> <bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider"> <property name="key" value="sdsideng"/> </bean> <bean id="loginListener" class="br.com.pst.rastreador.security.listener.LoginListener"> <constructor-arg> <bean class="br.com.pst.rastreador.services.manager.impl.LogManagerImpl"> <property name="logDAO"> <bean class="br.com.pst.rastreador.services.dao.jdbc.LogDAOJDBC"> <constructor-arg ref="dataSource"/> </bean> </property> </bean> </constructor-arg> </bean> <bean id="dataSource" class="org.springframework.jndi.JndiObjectFactoryBean"> <property name="jndiName" value="jdbc/rastreador2"/> </bean> </beans>
Leandro Borges
