Results 1 to 2 of 2

Thread: Jquery Tabs

  1. Jun 9th, 2010, 06:04 PM #1
    tselliot
    tselliot is offline Junior Member
    Join Date
    Dec 2005
    Posts
    5

    Default Jquery Tabs

    Hi,

    I am having an issue with spring security and jquery tabs. All of my tabs are loading their content via ajax. At the top of each of the pages being loaded by the tabs I have the following piece of code:

    Code:
    <sec:authorize access="isAuthenticated()">
    <% response.setHeader("REQUIRES_AUTH", "1"); %>
</sec:authorize>
    Then in my tabs javascript code I have the following option:

    Code:
    complete: function(xhr, status) {
    if (status != "error" && xhr.getResponseHeader("REQUIRES_AUTH") != "1")
        window.location.replace("../../login.jsp");
}
    The issue happens when I am already logged in and I create a new tab. If I close the new tab I just created, an already existing tab is selected, but I get thrown out of my app and back to my login.jsp page even though I'm already authenticated and logged in.

    Here is the appsecurity.xml file

    Code:
    <?xml version="1.0" encoding="UTF-8"?>

<beans:beans xmlns="http://www.springframework.org/schema/security" 
             xmlns:beans="http://www.springframework.org/schema/beans" 
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                                 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                                 http://www.springframework.org/schema/security
                                 http://www.springframework.org/schema/security/spring-security-3.0.xsd">
    
    <http use-expressions="true" lowercase-comparisons="false">
        <intercept-url pattern="/css/**" filters="none" />
        <intercept-url pattern="/img/**" filters="none" />
        <intercept-url pattern="/js/**" filters="none" />
        <intercept-url pattern="/secure/**" access="isAuthenticated()" />
        <intercept-url pattern="/**" access="permitAll" />
        <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=1" default-target-url="/secure/index.jsp" always-use-default-target="true" />
        <logout invalidate-session="true"  logout-success-url="/login.jsp" />
        <remember-me data-source-ref="inMemDataSource" user-service-ref="myUserDetails" token-validity-seconds="1800" />
        <access-denied-handler error-page="/login.jsp?login_error=1" />
        <session-management session-authentication-error-url="/login.jsp?login_error=1" session-fixation-protection="migrateSession" invalid-session-url="/login.jsp">
            <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/timeout.jsp" />
        </session-management>
    </http>
    
    <global-method-security secured-annotations="enabled" jsr250-annotations="enabled" pre-post-annotations="enabled" />
    
    <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg value=""/>
        <beans:property name="password" value="password"/>
    </beans:bean>
    
    <beans:bean id="authPopulator" class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
        <beans:constructor-arg ref="contextSource"/>
        <beans:constructor-arg value="" />
        <beans:property name="groupRoleAttribute" value="cn" />
        <beans:property name="searchSubtree" value="true" />
        <beans:property name="rolePrefix" value="ROLE_" />
    </beans:bean>
    
    <beans:bean id="myUserDetails" class="org.springframework.security.ldap.userdetails.LdapUserDetailsService">
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
                <beans:constructor-arg value="" />
                <beans:constructor-arg value="" />
                <beans:constructor-arg ref="contextSource" />
            </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg ref="authPopulator" />
    </beans:bean>

    <beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
                <beans:constructor-arg ref="contextSource"/>
                <beans:property name="userDnPatterns">
                    <beans:list><beans:value>cn={0},ou=provenirusers,o=bnk</beans:value></beans:list>
                </beans:property>
            </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg ref="authPopulator" />
    </beans:bean>
    
    <authentication-manager>
        <authentication-provider ref="ldapAuthProvider" user-service-ref="myUserDetails">
            <password-encoder hash="md5" />
        </authentication-provider>
    </authentication-manager>

</beans:beans>
  2. Jun 9th, 2010, 06:06 PM #2
    tselliot
    tselliot is offline Junior Member
    Join Date
    Dec 2005
    Posts
    5

    Default

    Here is the log output I see:

    Code:
    [#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] Candidate is: '/secure/air/airGuarantors.jsp'; pattern is /css/**; matched=false
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] Candidate is: '/secure/air/airGuarantors.jsp'; pattern is /img/**; matched=false
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] Candidate is: '/secure/air/airGuarantors.jsp'; pattern is /js/**; matched=false
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] Candidate is: '/secure/air/airGuarantors.jsp'; pattern is /**; matched=true
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] /secure/air/airGuarantors.jsp?_=1276124564179 at position 1 of 11 in additional filter chain; firing Filter: 'org.springframework.security.web.session.ConcurrentSessionFilter@c9fc25'
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] /secure/air/airGuarantors.jsp?_=1276124564179 at position 2 of 11 in additional filter chain; firing Filter: 'org.springframework.security.web.context.SecurityContextPersistenceFilter@841423'
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,HttpSessionSecurityContextRepository,http-thread-pool-8080-(8)] Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@359688f0: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@359688f0: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@1be7fb2: Username: tlaverriere; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_PRSB_TEST_PROVENIRADMIN, ROLE_PRSB_PROVENIRADMIN, ROLE_PROVENIR_DEV_ADMIN_REPO, ROLE_PRCL_QA_PROVENIRADMIN, ROLE_PRSB_ADMINRSB_ADMIN, ROLE_PRSB_QA_PROVENIRADMIN, ROLE_PRCL_DEV_PROVENIRADMIN, ROLE_PRSB_BAT_PROVENIRADMIN, ROLE_PROVENIR_DEV_ADMIN_JMX, ROLE_PRSB_PROVPAGEDEVTEST, ROLE_PROVROLE, ROLE_PRSB_ADMINDATAENTRY, ROLE_PROVENIR_DEV_ADMIN_DE, ROLE_PROVENIR_DEV_DEVELOPER, ROLE_PROVENIRADMIN, ROLE_PRSB_DEV_PROVENIRADMIN, ROLE_PRCL_TEST_PROVENIRADMIN, ROLE_ROLE1, ROLE_PRCL_PROVPAGEDEVTEST, ROLE_PRSB_SIT_PROVENIRADMIN, ROLE_PRSB_PAT_PROVENIRADMIN, ROLE_PRCL_ADMINRSB_ADMIN, ROLE_PROVPAGE, ROLE_PRCL_SIT_PROVENIRADMIN, ROLE_PROVENIR_DEV_ADMIN_TOMCAT, ROLE_NOWORKFOCEID DYNAMIC GROUP, ROLE_EVERYONE DYNAMIC USER, ROLE_PRCL_PROVENIRADMIN, ROLE_PRCL_BAT_PROVENIRADMIN, ROLE_PRCL_PAT_PROVENIRADMIN; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: ef30057a0fe1b06a3ba8df5705b1; Granted Authorities: ROLE_PRSB_TEST_PROVENIRADMIN, ROLE_PRSB_PROVENIRADMIN, ROLE_PROVENIR_DEV_ADMIN_REPO, ROLE_PRCL_QA_PROVENIRADMIN, ROLE_PRSB_ADMINRSB_ADMIN, ROLE_PRSB_QA_PROVENIRADMIN, ROLE_PRCL_DEV_PROVENIRADMIN, ROLE_PRSB_BAT_PROVENIRADMIN, ROLE_PROVENIR_DEV_ADMIN_JMX, ROLE_PRSB_PROVPAGEDEVTEST, ROLE_PROVROLE, ROLE_PRSB_ADMINDATAENTRY, ROLE_PROVENIR_DEV_ADMIN_DE, ROLE_PROVENIR_DEV_DEVELOPER, ROLE_PROVENIRADMIN, ROLE_PRSB_DEV_PROVENIRADMIN, ROLE_PRCL_TEST_PROVENIRADMIN, ROLE_ROLE1, ROLE_PRCL_PROVPAGEDEVTEST, ROLE_PRSB_SIT_PROVENIRADMIN, ROLE_PRSB_PAT_PROVENIRADMIN, ROLE_PRCL_ADMINRSB_ADMIN, ROLE_PROVPAGE, ROLE_PRCL_SIT_PROVENIRADMIN, ROLE_PROVENIR_DEV_ADMIN_TOMCAT, ROLE_NOWORKFOCEID DYNAMIC GROUP, ROLE_EVERYONE DYNAMIC USER, ROLE_PRCL_PROVENIRADMIN, ROLE_PRCL_BAT_PROVENIRADMIN, ROLE_PRCL_PAT_PROVENIRADMIN'
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] /secure/air/airGuarantors.jsp?_=1276124564179 at position 3 of 11 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.logout.LogoutFilter@1463027'
|#]

[#|2010-06-09T19:02:44.179-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=http-thread-pool-8080-(8);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(8)] /secure/air/airGuarantors.jsp?_=1276124564179 at position 4 of 11 in additional filter chain; firing Filter: 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@1038048'
|#]

[#|2010-06-09T19:02:44.273-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=41;_ThreadName=http-thread-pool-8080-(7);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(7)] Candidate is: '/secure/air/airLoans.jsp'; pattern is /css/**; matched=false
|#]

[#|2010-06-09T19:02:44.273-0400|INFO|glassfishv3.0|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=28;_ThreadName=http-thread-pool-8080-(1);|[DEBUG,FilterChainProxy,http-thread-pool-8080-(1)] Candidate is: '/login.jsp'; pattern is /css/**; matched=false
|#]
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules