Hi, I'll try to get a sample application done. Here are some log entries; maybe these could give some clue to what is wrong.
TRACE 2013-03-22 17:17:39,971 [ajp-bio-8009-exec-6][] org.apache.shiro.web.filter.PathMatchingFilter - Attempting to match pattern '/login.jsp' with current requestURI '/login.jsp'...
TRACE 2013-03-22 17:17:39,971 [ajp-bio-8009-exec-6][] org.apache.shiro.web.filter.authc.FormAuthenticationFilter - Login submission detected. Attempting to execute login.
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - get() - in thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - Retrieved value of type [org.apache.shiro.web.subject.support.WebDelegatingSubject] for key [org.apache.shiro.util.ThreadContext_SUBJECT_KEY] bound to thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:39,972 [ajp-bio-8009-exec-6][] org.apache.shiro.authc.AbstractAuthenticator - Authentication attempt received for token [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (77.95.151.165)]
DEBUG 2013-03-22 17:17:40,126 [ajp-bio-8009-exec-6][] org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo [admin] from doGetAuthenticationInfo
DEBUG 2013-03-22 17:17:40,126 [ajp-bio-8009-exec-6][] org.apache.shiro.realm.AuthenticatingRealm - AuthenticationInfo caching is disabled for info [admin]. Submitted token: [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (77.95.151.165)].
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (77.95.151.165)]. Returned account [admin]
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - get() - in thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - Retrieved value of type [org.apache.shiro.web.mgt.DefaultWebSecurityManager] for key [org.apache.shiro.util.ThreadContext_SECURITY_MANAGER_KEY] bound to thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.mgt.DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.mgt.DefaultSecurityManager - Context already contains a session. Returning.
DEBUG 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup.
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - get() - in thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.util.ThreadContext - Retrieved value of type [org.apache.shiro.web.mgt.DefaultWebSecurityManager] for key [org.apache.shiro.util.ThreadContext_SECURITY_MANAGER_KEY] bound to thread [ajp-bio-8009-exec-6]
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.subject.support.DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE 2013-03-22 17:17:40,541 [ajp-bio-8009-exec-6][] org.apache.shiro.web.servlet.SimpleCookie - calculated path: /cApp
DEBUG 2013-03-22 17:17:40,542 [ajp-bio-8009-exec-6][] org.apache.shiro.web.servlet.SimpleCookie - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/cApp; Max-Age=0; Expires=Thu, 21-Mar-2013 15:17:40 GMT]
TRACE 2013-03-22 17:17:40,542 [ajp-bio-8009-exec-6][] org.apache.shiro.web.servlet.SimpleCookie - Removed 'rememberMe' cookie by setting maxAge=0
DEBUG 2013-03-22 17:17:40,542 [ajp-bio-8009-exec-6][] org.apache.shiro.mgt.AbstractRememberMeManager - AuthenticationToken did not indicate RememberMe is requested. RememberMe functionality will not be executed for corresponding account.

--
Ystävällisin terveisin / Best Regards,
Petri Turunen
Flex Investing Oy

Quoting Les Hazlewood <[email protected]>:
The ShiroFilter config looks fine - I'm not sure why this wouldn't work for you. Can you supply a mini sample test app that we can use to test?

Also, for Vaadin apps, you'll probably want to add this to your filter chain definitions:

/VAADIN/themes/** = anon

We found that certain web browsers do not send any cookies (i.e. session id cookie) when requesting a favicon file. Because of this, no identity is associated with the request and Shiro will reject the favicon request (since everything else is /** = authc). This caused errors in our Vaadin application. By adding the line above for themes (which of course can include favicon files), those errors went away.

HTH,

Les

On Thu, Mar 14, 2013 at 2:47 AM, Petri Turunen <[email protected]> wrote:

Hi,

And thanks for the fast reply. Here is the rest of the web.xml

<!-- Vaadin servlet -->
<context-param>
    <description>Vaadin production mode</description>
    <param-name>productionMode</param-name>
    <param-value>false</param-value>
</context-param>
<servlet>
    <servlet-name>MWebUI</servlet-name>
    <!-- <servlet-class>com.vaadin.terminal.gwt.server.ApplicationServlet</servlet-class> -->
    <servlet-class>com.my.app.webui.SpringVaadinServlet</servlet-class>
    <init-param>
        <description>Vaadin application class to start</description>
        <param-name>application</param-name>
        <param-value>com.my.app.webui.MftwebuiApplication</param-value>
    </init-param>
    <init-param>
        <description>Application widgetset</description>
        <param-name>widgetset</param-name>
        <param-value>com.my.app.webui.widgetset.MftwebuiWidgetset</param-value>
    </init-param>
</servlet>
<servlet-mapping>
    <servlet-name>MWebUI</servlet-name>
    <url-pattern>/app/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>MWebUI</servlet-name>
    <url-pattern>/VAADIN/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
    <welcome-file>login.jsp</welcome-file>
</welcome-file-list>

This is in applicationContext.xml:

<!-- Vaadin application (com.my.app.webui.MftwebuiApplication) -->
<bean scope="session" class="com.my.app.webui.MftwebuiApplication"/>

--
Ystävällisin terveisin / Best Regards,
Petri Turunen
Flex Investing Oy

Quoting NabbleReallySucks <[email protected]>:

First a comment. You do not need <context-param> in your web.xml because your config file is named applicationContext.xml and resides in the WEB-INF directory. That happens to be the default naming convention that the ContextLoaderListener automatically looks for. So adding the context-param is redundant.

About your issue. In your mapping to URLs I notice the successUrl is the only one not having a ".jsp" ending. So if you have just "/app" you better or have to have a Controller method mapped to that URL. Which is a Spring thing and has nothing to do with Shiro.

Now, this might not be the problem, and it still might be something Shiro specific. But my odds are more towards not having a mapping for "/app".

What if you set it to "/app.jsp"? Or show the @RequestMapping in your @Controller.

Thanks

Mark

--
View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-not-redirecting-to-successUrl-tp7578381p7578382.html
Sent from the Shiro User mailing list archive at Nabble.com.
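
Added example, not part of the original thread and not Shiro's own code: a simplified Python model of first-match-wins filter chain selection, illustrating Les Hazlewood's `/VAADIN/themes/** = anon` advice and showing that the line only helps when it is declared before `/** = authc`. The favicon path, `/login.jsp` as the login URL, and treating a session cookie as an authenticated session are assumptions; the matcher covers only a subset of Ant-style patterns.

```python
import re

# Constructed chain definitions (paths are relative to the web app context).
ORIGINAL = "/** = authc"
FIXED = """
/VAADIN/themes/** = anon
/** = authc
"""
MISORDERED = """
/** = authc
/VAADIN/themes/** = anon
"""
FAVICON = "/VAADIN/themes/mytheme/favicon.ico"  # constructed sample path


def ant_to_regex(pattern):
    """Subset of Ant-style matching: '**' crosses '/', '*' does not."""
    if pattern.endswith("/**"):
        # A trailing /** also matches the bare prefix itself.
        return re.compile(re.escape(pattern[:-3]) + r"(/.*)?\Z")
    body = re.escape(pattern).replace(r"\*\*", ".*").replace(r"\*", "[^/]*")
    return re.compile(body + r"\Z")


def parse_chains(text):
    """Return [(pattern, filter_name)] in declaration order."""
    chains = []
    for line in text.strip().splitlines():
        pattern, _, filters = line.partition("=")
        chains.append((pattern.strip(), filters.strip()))
    return chains


def resolve(chains, path):
    """First matching pattern wins; later definitions are never consulted."""
    for pattern, filters in chains:
        if ant_to_regex(pattern).match(path):
            return filters
    return None


def outcome(chains, path, has_session_cookie):
    """Model a request: authc without a session goes to the login page."""
    if resolve(chains, path) == "authc" and not has_session_cookie:
        return "redirect to /login.jsp"  # assumed loginUrl
    return "served"


if __name__ == "__main__":
    for name, cfg in [("original", ORIGINAL), ("fixed", FIXED), ("misordered", MISORDERED)]:
        # Favicon request arriving without the session cookie.
        print(name, "->", outcome(parse_chains(cfg), FAVICON, False))
```
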
