Posted to user@shiro.apache.org by Petri Turunen <pe...@flexinvesting.fi> on 2013/03/14 02:17:08 UTC

shiro not redirecting to successUrl

Hi,

For some reason Shiro is not redirecting to successUrl, but the login is
successful.
If I go to the successUrl after login, everything works fine.

Can someone please help?

My config:

web.xml:
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/applicationContext.xml
        </param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <filter>
        <filter-name>shiroFilter</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        <init-param>
            <param-name>targetFilterLifecycle</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>shiroFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <listener>
        <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
    </listener>



applicationContext.xml

    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="jdbcRealm" />
    </bean>

    <bean id="passwordService" class="org.apache.shiro.authc.credential.DefaultPasswordService">
        <property name="hashService.hashAlgorithmName" value="SHA-512"/>
        <property name="hashService.hashIterations" value="500000"/>
    </bean>

    <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
    </bean>

    <bean id="jdbcRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm">
        <property name="credentialsMatcher">
            <bean class="org.apache.shiro.authc.credential.PasswordMatcher">
                <property name="passwordService" ref="passwordService"/>
            </bean>
        </property>
        <property name="name" value="jdbcRealm" />
        <property name="dataSource" ref="dataSource" />
        <property name="authenticationQuery"
            value="SELECT sus_password FROM sec_users WHERE sus_username=? AND sus_enabled=1" />
    </bean>

    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />

    <bean id="annotationProxy"
        class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
        depends-on="lifecycleBeanPostProcessor" />


    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager" />
    </bean>

    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        <property name="loginUrl" value="/login.jsp"/>
        <property name="successUrl" value="/app"/>
        <property name="unauthorizedUrl" value="/login.jsp?login_error=1"/>
        <property name="filterChainDefinitions">
            <value>
                /assets/** = anon
                /login.jsp = authc
                /** = authc
            </value>
        </property>
    </bean>

-- 
Best Regards,
Petri Turunen
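
Shiro evaluates filterChainDefinitions in declaration order and uses the first pattern that matches, which decides whether the `/VAADIN/themes/** = anon` line suggested later in this thread has any effect. The class below is an added example, not code from the thread or from the Shiro project; it assumes Shiro 1.x (shiro-core) on the classpath, and the class name `ChainOrderCheck` and the sample request paths are constructed for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.shiro.util.AntPathMatcher;

/**
 * Added illustration, not code from the thread: resolves request paths against
 * ordered filterChainDefinitions with first-match-wins semantics.
 * Assumes Shiro 1.x (shiro-core) on the classpath.
 */
public class ChainOrderCheck {

    private static final AntPathMatcher MATCHER = new AntPathMatcher();

    /** Parses "pattern = filters" lines, keeping declaration order. */
    static Map<String, String> parse(String... lines) {
        Map<String, String> chains = new LinkedHashMap<>();
        for (String raw : lines) {
            String line = raw.trim();
            if (line.isEmpty()) {
                continue;
            }
            int eq = line.indexOf('=');
            if (eq < 0) {
                throw new IllegalArgumentException("not a chain definition: " + line);
            }
            chains.put(line.substring(0, eq).trim(), line.substring(eq + 1).trim());
        }
        return chains;
    }

    /**
     * Returns "pattern = filters" for the first pattern that matches the path,
     * or null when no pattern matches. The path is relative to the context
     * path: the thread's TRACE output matches '/login.jsp' although the
     * session cookie path is /cApp.
     */
    static String resolve(Map<String, String> chains, String path) {
        for (Map.Entry<String, String> chain : chains.entrySet()) {
            if (MATCHER.matches(chain.getKey(), path)) {
                return chain.getKey() + " = " + chain.getValue();
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // Definitions exactly as posted in applicationContext.xml.
        Map<String, String> posted = parse(
                "/assets/** = anon",
                "/login.jsp = authc",
                "/** = authc");

        // Suggested line appended after the catch-all: "/**" matches first,
        // so the anon entry is never consulted.
        Map<String, String> appended = parse(
                "/assets/** = anon",
                "/login.jsp = authc",
                "/** = authc",
                "/VAADIN/themes/** = anon");

        // Suggested line placed before the catch-all: it takes effect.
        Map<String, String> ordered = parse(
                "/assets/** = anon",
                "/VAADIN/themes/** = anon",
                "/login.jsp = authc",
                "/** = authc");

        // Constructed sample paths (hypothetical file names).
        String[] paths = {
            "/assets/css/site.css",
            "/login.jsp",
            "/app",
            "/VAADIN/themes/reindeer/favicon.ico",
            "/VAADIN/widgetsets/app.nocache.js"
        };

        for (String path : paths) {
            System.out.println(path);
            System.out.println("  posted:   " + resolve(posted, path));
            System.out.println("  appended: " + resolve(appended, path));
            System.out.println("  ordered:  " + resolve(ordered, path));
        }
    }
}
```

Keep any `anon` pattern as narrow as the static resources that need it, since everything it matches is served without authentication.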




Re: shiro not redirecting to successUrl

Posted by Petri Turunen <pe...@flexinvesting.fi>.
Hi,

Forget this :D

Pete

>
> Just tried to go to my /app, which should be protected, but it isn't.
> It's like Shiro thinks everything is anon and doesn't execute authc.
>
> -- 
> Best Regards,
> Petri Turunen
> Flex Investing Oy



Re: shiro not redirecting to successUrl

Posted by Petri Turunen <pe...@flexinvesting.fi>.
Hi,

Just tried to go to my /app, which should be protected, but it isn't.
It's like Shiro thinks everything is anon and doesn't execute authc.

-- 
Best Regards,
Petri Turunen
Flex Investing Oy






Re: shiro not redirecting to successUrl

Posted by Petri Turunen <pe...@flexinvesting.fi>.
Hi,

I'll try to get a sample application done.
Here are some log entries; maybe these could give some clue as to
what is wrong.

TRACE 2013-03-22 17:17:39,971 [ajp-bio-8009-exec-6][] org.apache.shiro.web.filter.PathMatchingFilter - Attempting to match pattern '/login.jsp' with current requestURI '/login.jsp'...
TRACE 2013-03-22 17:17:39,971 [ajp-bio-8009-exec-6][] org.apache.shiro.web.filter.authc.FormAuthenticationFilter - Login submission detected.  Attempting to execute login.
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - get() - in thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - Retrieved value of type [org.apache.shiro.web.subject.support.WebDelegatingSubject] for key [org.apache.shiro.util.ThreadContext_SUBJECT_KEY] bound to thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.authc.AbstractAuthenticator - Authentication attempt received for token [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (77.95.151.165)]
DEBUG 2013-03-22 17:17:40,126 [ajp-bio-8009-exec-6][] org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo [admin] from doGetAuthenticationInfo
DEBUG 2013-03-22 17:17:40,126 [ajp-bio-8009-exec-6][] org.apache.shiro.realm.AuthenticatingRealm - AuthenticationInfo caching is disabled for info [admin].  Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (77.95.151.165)].
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (77.95.151.165)].  Returned account [admin]
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map.  Falling back to SecurityUtils.getSecurityManager() lookup.
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - get() - in thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - Retrieved value of type [org.apache.shiro.web.mgt.DefaultWebSecurityManager] for key [org.apache.shiro.util.ThreadContext_SECURITY_MANAGER_KEY] bound to thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.mgt.DefaultSecurityManager - Context already contains a SecurityManager instance.  Returning.
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.mgt.DefaultSecurityManager - Context already contains a session.  Returning.
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map.  Falling back to SecurityUtils.getSecurityManager() lookup.
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - get() - in thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - Retrieved value of type [org.apache.shiro.web.mgt.DefaultWebSecurityManager] for key [org.apache.shiro.util.ThreadContext_SECURITY_MANAGER_KEY] bound to thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.web.servlet.SimpleCookie - calculated path: /cApp
DEBUG 2013-03-22 17:17:40,542 [ajp-bio-8009-exec-6][] org.apache.shiro.web.servlet.SimpleCookie - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/cApp; Max-Age=0; Expires=Thu, 21-Mar-2013 15:17:40 GMT]
TRACE 2013-03-22 17:17:40,542 [ajp-bio-8009-exec-6][] org.apache.shiro.web.servlet.SimpleCookie - Removed 'rememberMe' cookie by setting maxAge=0
DEBUG 2013-03-22 17:17:40,542 [ajp-bio-8009-exec-6][] org.apache.shiro.mgt.AbstractRememberMeManager - AuthenticationToken did not indicate RememberMe is requested.  RememberMe functionality will not be executed for corresponding account.

-- 
Best Regards,
Petri Turunen
Flex Investing Oy



Quoting Les Hazlewood <lh...@apache.org>:

> The ShiroFilter config looks fine - I'm not sure why this wouldn't
> work for you.  Can you supply a mini sample test app that we can use
> to test?
>
> Also, for Vaadin apps, you'll probably want to add this to your filter
> chain definitions:
>
> /VAADIN/themes/** = anon
>
> We found that certain web browsers do not send any cookies (i.e.
> session id cookie) when requesting a favicon file.  Because of this,
> no identity is associated with the request and Shiro will reject the
> favicon request (since everything else is /** = authc).  This caused
> errors in our Vaadin application.  By adding the line above for themes
> (which of course can include favicon files), those errors went away.
>
> HTH,
>
> Les
>
> On Thu, Mar 14, 2013 at 2:47 AM, Petri Turunen
> <pe...@flexinvesting.fi> wrote:
>> Hi,
>>
>> And thanks for the fast reply.
>> Here is the rest of the web.xml
>>
>>     <!-- Vaadin servlet -->
>>     <context-param>
>>         <description>Vaadin production mode</description>
>>         <param-name>productionMode</param-name>
>>         <param-value>false</param-value>
>>     </context-param>
>>     <servlet>
>>         <servlet-name>MWebUI</servlet-name>
>>         <!-- <servlet-class>com.vaadin.terminal.gwt.server.ApplicationServlet</servlet-class> -->
>>         <servlet-class>com.my.app.webui.SpringVaadinServlet</servlet-class>
>>         <init-param>
>>             <description>Vaadin application class to start</description>
>>             <param-name>application</param-name>
>>             <param-value>com.my.app.webui.MftwebuiApplication</param-value>
>>         </init-param>
>>         <init-param>
>>             <description>Application widgetset</description>
>>             <param-name>widgetset</param-name>
>>             <param-value>com.my.app.webui.widgetset.MftwebuiWidgetset</param-value>
>>         </init-param>
>>     </servlet>
>>     <servlet-mapping>
>>         <servlet-name>MWebUI</servlet-name>
>>         <url-pattern>/app/*</url-pattern>
>>     </servlet-mapping>
>>     <servlet-mapping>
>>         <servlet-name>MWebUI</servlet-name>
>>         <url-pattern>/VAADIN/*</url-pattern>
>>     </servlet-mapping>
>>
>>     <welcome-file-list>
>>         <welcome-file>login.jsp</welcome-file>
>>     </welcome-file-list>
>>
>> This is in applicationContext.xml:
>>     <!-- Vaadin application (com.my.app.webui.MftwebuiApplication) -->
>>     <bean scope="session" class="com.my.app.webui.MftwebuiApplication"/>
>>
>>
>> --
>> Ystävällisin terveisin / Best Regards,
>> Petri Turunen
>> Flex Investing Oy
>>
>>
>>
>> Lainaus NabbleReallySucks <bi...@yahoo.com>:
>>
>>
>>> First a comment.
>>>
>>> You do not need <context-param> in your web.xml because your config file
>>> is
>>> named applicationContext.xml and resides in the WEB-INF directory. That
>>> happens to be the default naming convention that the ContextLoaderListener
>>> automatically looks for. So adding the context-param is redundant.
>>>
>>> About your issue. In your mapping to URLs I notice the successUrl is the
>>> only one not having a ".jsp" ending. So if you have just "/app" you better
>>> or have to have a Controller method mapped to that URL. Which is a Spring
>>> thing and has nothing to do with Shiro. Now, this might not be the
>>> problem,
>>> and it still might be something Shiro specific. But my odds are more
>>> towards
>>> not having a mapping for "/app"
>>>
>>> What if you set it to "/app.jsp"?
>>>
>>> Or show the @RequestMapping in your @Controller.
>>>
>>> Thanks
>>>
>>> Mark
>>>
>>>
>>>
>>> --
>>> View this message in context:
>>> http://shiro-user.582556.n2.nabble.com/shiro-not-redirecting-to-successUrl-tp7578381p7578382.html
>>> Sent from the Shiro User mailing list archive at Nabble.com.
>>
>>
>>



Re: shiro not redirecting to successUrl

Posted by Les Hazlewood <lh...@apache.org>.
The ShiroFilter config looks fine - I'm not sure why this wouldn't
work for you.  Can you supply a mini sample test app that we can use
to test?

Also, for Vaadin apps, you'll probably want to add this to your filter
chain definitions:

/VAADIN/themes/** = anon

We found that certain web browsers do not send any cookies (i.e.
session id cookie) when requesting a favicon file.  Because of this,
no identity is associated with the request and Shiro will reject the
favicon request (since everything else is /** = authc).  This caused
errors in our Vaadin application.  By adding the line above for themes
(which of course can include favicon files), those errors went away.

HTH,

Les

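The filter chain advice in the reply above, written out as a Spring bean definition. This is an added illustration, not configuration posted in the thread: the `loginUrl` value and the `/login.jsp = authc` line are assumptions, while the `shiroFilter` and `securityManager` ids, the `/app` successUrl and the two chain rules come from the messages.

```xml
<!-- Added example; not the poster's actual applicationContext.xml. -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>

    <!-- Assumed value: login.jsp is the welcome file in the posted web.xml. -->
    <property name="loginUrl" value="/login.jsp"/>
    <!-- "/app" is the successUrl discussed in the thread. Shiro paths are
         relative to the web application's context path. -->
    <property name="successUrl" value="/app"/>

    <property name="filterChainDefinitions">
        <value>
            # Chain definitions are evaluated top to bottom and the first
            # matching pattern wins, so the narrow anon rule has to come
            # before the /** catch-all. Listed after "/** = authc" it would
            # never be reached and favicon requests sent without a session
            # cookie would still be rejected.
            /VAADIN/themes/** = anon

            # Assumed line: the login page is handled by the authc filter
            # so that form submissions are processed there.
            /login.jsp = authc

            # Everything else requires an authenticated subject.
            /** = authc
        </value>
    </property>
</bean>
```

Keep the `anon` pattern as narrow as the static resources that need it, so that application paths such as `/app/**` stay behind `authc`.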

Re: shiro not redirecting to successUrl

Posted by Petri Turunen <pe...@flexinvesting.fi>.
Hi,

And thanks for the fast reply.
Here is the rest of the web.xml

         <!-- Vaadin servlet -->
         <context-param>
                 <description>Vaadin production mode</description>
                 <param-name>productionMode</param-name>
                 <param-value>false</param-value>
         </context-param>
         <servlet>
                 <servlet-name>MWebUI</servlet-name>
                 <!-- <servlet-class>com.vaadin.terminal.gwt.server.ApplicationServlet</servlet-class> -->
                 <servlet-class>com.my.app.webui.SpringVaadinServlet</servlet-class>
                 <init-param>
                         <description>Vaadin application class to start</description>
                         <param-name>application</param-name>
                         <param-value>com.my.app.webui.MftwebuiApplication</param-value>
                 </init-param>
                 <init-param>
                         <description>Application widgetset</description>
                         <param-name>widgetset</param-name>
                         <param-value>com.my.app.webui.widgetset.MftwebuiWidgetset</param-value>
                 </init-param>
         </servlet>
         <servlet-mapping>
                 <servlet-name>MWebUI</servlet-name>
                 <url-pattern>/app/*</url-pattern>
         </servlet-mapping>
         <servlet-mapping>
                 <servlet-name>MWebUI</servlet-name>
                 <url-pattern>/VAADIN/*</url-pattern>
         </servlet-mapping>

         <welcome-file-list>
                 <welcome-file>login.jsp</welcome-file>
         </welcome-file-list>

This is in applicationContext.xml:
         <!-- Vaadin application (com.my.app.webui.MftwebuiApplication) -->
         <bean scope="session" class="com.my.app.webui.MftwebuiApplication"/>

-- 
Best Regards,
Petri Turunen
Flex Investing Oy






Re: shiro not redirecting to successUrl

Posted by NabbleReallySucks <bi...@yahoo.com>.
First a comment.

You do not need <context-param> in your web.xml because your config file is
named applicationContext.xml and resides in the WEB-INF directory. That
happens to be the default naming convention that the ContextLoaderListener
automatically looks for. So adding the context-param is redundant.

About your issue. In your mapping to URLs I notice the successUrl is the
only one not having a ".jsp" ending. So if you have just "/app" you better
or have to have a Controller method mapped to that URL. Which is a Spring
thing and has nothing to do with Shiro. Now, this might not be the problem,
and it still might be something Shiro specific. But my odds are more towards
not having a mapping for "/app"

What if you set it to "/app.jsp"? 

Or show the @RequestMapping in your @Controller.

Thanks

Mark



--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-not-redirecting-to-successUrl-tp7578381p7578382.html
Sent from the Shiro User mailing list archive at Nabble.com.