It figures that after I sent the email I would find a way to fix it. :-) I saw that the url that was getting requested had the word 'unauthenticated <http://localhost:8080/etss/login/unauthenticated>' added to it, and the response, for some reason, was the first asset listed in the Layout. Re-reading some other threads on the subject, notably here:
http://markmail.org/message/y52ttlk63gcvirq2#query:+page:1+mid:vrzxrs4rpmqjx727+state:results

^^ that gave me the suggestion to remove a few instances of the @RequiresAuthentication annotations off some pages, and JUST use the modules' configuration:

    configuration.add(factory.createChain("/graphene/pub/**")
            .add(factory.anon()).build());
    configuration.add(factory.createChain("/").add(factory.roles(), "user").build());
    configuration.add(factory.createChain("/graphene/**").add(factory.authc())
            .build());
    configuration.add(factory.createChain("/assets/**").add(factory.anon())
            .build());
    configuration.add(factory.createChain("/core/**").add(factory.anon())
            .build());
    configuration.add(factory.createChain("/**").add(factory.authc())
            .build());

Now it seems to work as it should. Crisis averted, until I add the federated login plugin. :-)

On Tue, Jun 24, 2014 at 12:48 PM, Daniel Jue <teamp...@gmail.com> wrote:

> Hi, I'm having trouble with the feature for redirecting to the previous
> request after a successful form login.
>
> I've read the thread and poked around in the 5.1 and later source code for
> the default Tynamo login component, and my login component is essentially
> the same. It is mentioned that Tynamo now uses cookies to store the
> savedRequest (for good reason), however the code for dealing with cookies
> in the Tynamo LoginForm component is commented out.
>
> Here is my situation:
>
> I have a protected page called event viewer at
> http://localhost:8080/graphene-enron-web/eventviewer
> This page uses a layout component common to all authenticated pages, which
> should be fine.
>
> (The login and registration pages use a separate layout component, for
> unauthenticated access.)
>
> After successful login, however, I am sent to this URL:
>
> http://localhost:8080/graphene-enron-web/graphene/pub/core/js/plugin/pace/pace.min.js
>
> The "core/js/plugin/pace/pace.min.js" is one of the assets loaded by the
> common Layout component.
>
> Actually, what I've found is that the request is taking whatever first
> asset is used in the Layout.
> Previously to this, it would try to redirect to my favicon.ico, which was
> being included in the Layout's header!
>
> Do I need to somehow make my components or certain assets anonymously
> available?
>
> Here are some relevant snippets:
>
> public static void contributeApplicationDefaults(
>         MappedConfiguration<String, String> configuration) {
>     configuration.add(SecuritySymbols.LOGIN_URL, "/graphene/pub/login");
>
>     configuration.add(SecuritySymbols.UNAUTHORIZED_URL,
>             "/graphene/infrastructure/pagedenied");
>     configuration.add(SecuritySymbols.SUCCESS_URL, "/graphene/index");
>     configuration.add(SecuritySymbols.REDIRECT_TO_SAVED_URL, "true");
> }
>
> @Contribute(WebSecurityManager.class)
> public static void contributeWebSecurityManager(
>         Configuration<Realm> configuration, Realm grapheneSecurityRealm) {
>     configuration.add(grapheneSecurityRealm);
> }
>
> @Contribute(HttpServletRequestFilter.class)
> @Marker(Security.class)
> public static void setupSecurity(
>         Configuration<SecurityFilterChain> configuration,
>         SecurityFilterChainFactory factory,
>         WebSecurityManager securityManager) {
>
>     // Allow access to the login and registration pages
>     configuration.add(factory.createChain("/graphene/pub/**")
>             .add(factory.anon()).build());
>
>     configuration.add(factory.createChain("/assets/**").add(factory.anon())
>             .build());
>     configuration.add(factory.createChain("/**").add(factory.user())
>             .build());
>
> }
>
> From my login form, which is nearly identical to the Tynamo one:
>
> public Object onActionFromGrapheneLoginForm() throws IOException {
>
>     Subject currentUser = securityService.getSubject();
>
>     if (currentUser == null) {
>         logger.error("Subject can`t be null");
>         // throw new IllegalStateException("Subject can`t be null");
>         loginMessage = messages.get("AuthenticationError");
>         return null;
>     }
>     if (grapheneLogin.contains("@")) {
>         grapheneLogin = grapheneLogin.split("@")[0];
>     }
>
>     /**
>      * We store the password entered into this token. It will later be
>      * compared to the hashed version using whatever hashing routine is set
>      * in the Realm.
>      */
>     UsernamePasswordToken token = new UsernamePasswordToken(grapheneLogin,
>             graphenePassword);
>     token.setRememberMe(grapheneRememberMe);
>
>     try {
>         currentUser.login(token);
>     } catch (UnknownAccountException e) {
>         loginMessage = messages.get("AccountDoesNotExists");
>         return null;
>     } catch (IncorrectCredentialsException e) {
>         loginMessage = messages.get("WrongPassword");
>         return null;
>     } catch (LockedAccountException e) {
>         loginMessage = messages.get("AccountLocked");
>         return null;
>     } catch (AuthenticationException e) {
>         loginMessage = messages.get("AuthenticationError");
>         return null;
>     }
>     try {
>         // creates the SSO associated with the user
>         authenticatorHelper.login(grapheneLogin, graphenePassword);
>     } catch (BusinessException e) {
>         loginMessage = messages.get("InternalAuthenticationError");
>         e.printStackTrace();
>         return null;
>     }
>
>     SavedRequest savedRequest = WebUtils
>             .getAndClearSavedRequest(requestGlobals.getHTTPServletRequest());
>
>     if (savedRequest != null
>             && savedRequest.getMethod().equalsIgnoreCase("GET")) {
>         try {
>             response.sendRedirect(savedRequest.getRequestUrl());
>             return null;
>         } catch (IOException e) {
>             logger.warn("Can't redirect to saved request.");
>             return loginContextService.getSuccessPage();
>         }
>     } else if (redirectToSavedUrl) {
>         String requestUri = loginContextService.getSuccessPage();
>         if (!requestUri.startsWith("/")) {
>             requestUri = "/" + requestUri;
>         }
>         loginContextService.redirectToSavedRequest(requestUri);
>         return null;
>     }
>     // Cookie[] cookies =
>     // requestGlobals.getHTTPServletRequest().getCookies();
>     // if (cookies != null) for (Cookie cookie : cookies) if
>     // (WebUtils.SAVED_REQUEST_KEY.equals(cookie.getName())) {
>     // String requestUri = cookie.getValue();
>     // WebUtils.issueRedirect(requestGlobals.getHTTPServletRequest(),
>     // requestGlobals.getHTTPServletResponse(), requestUri);
>     // return null;
>     // }
>     return loginContextService.getSuccessPage();
> }
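
Added illustration (not code from this thread or from Tynamo): a small model that resolves the paths mentioned above against the chain list quoted from the original message and the revised list in the reply, showing which Layout resources still fall through to an authenticated catch-all. It assumes chains are tried in declaration order with the first match winning, uses a simplified `/**` matcher, treats paths as relative to the `graphene-enron-web` context, and `/assets/app.css` is a constructed sample.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class ChainCheck {
    // Simplified Ant-style matcher: handles exact patterns and a trailing "/**" only.
    static boolean matches(String pattern, String path) {
        if (pattern.endsWith("/**")) {
            String prefix = pattern.substring(0, pattern.length() - 3);
            return path.equals(prefix) || path.startsWith(prefix + "/");
        }
        return pattern.equals(path);
    }

    // Assumption: chains are tried in declaration order and the first match wins.
    static String resolve(Map<String, String> chains, String path) {
        for (Map.Entry<String, String> chain : chains.entrySet()) {
            if (matches(chain.getKey(), path)) {
                return chain.getValue();
            }
        }
        return "(no chain)";
    }

    public static void main(String[] args) {
        // Chain list from the quoted original message.
        Map<String, String> original = new LinkedHashMap<>();
        original.put("/graphene/pub/**", "anon");
        original.put("/assets/**", "anon");
        original.put("/**", "user");

        // Chain list from the reply.
        Map<String, String> revised = new LinkedHashMap<>();
        revised.put("/graphene/pub/**", "anon");
        revised.put("/", "roles[user]");
        revised.put("/graphene/**", "authc");
        revised.put("/assets/**", "anon");
        revised.put("/core/**", "anon");
        revised.put("/**", "authc");

        // Context-relative paths; the last one is a constructed sample.
        List<String> paths = List.of("/graphene/pub/login", "/eventviewer",
                "/core/js/plugin/pace/pace.min.js", "/favicon.ico", "/assets/app.css");
        for (String p : paths) {
            System.out.printf("%-34s original=%-5s revised=%s%n",
                    p, resolve(original, p), resolve(revised, p));
        }
    }
}
```

In this model `/core/js/plugin/pace/pace.min.js` moves from `user` to `anon` under the revised list, while `/favicon.ico` still resolves to the `/**` catch-all in both.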