localhost redirected it too often

Asked

Viewed 256 times

2

Good afternoon, I am trying to direct a system user to an error page in case something goes wrong with the session or if the user is denied access to a particular page etc...

I’m using Spring Security for this.

in my applicationContext.xml class

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <beans:bean id="appUserDetailsService" class="security.AppUserDetailsService" />

    <beans:bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter">
        <beans:property name="accessDeniedHandler" ref="jsfAccessDeniedHandler"/>
        <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/>
    </beans:bean>

    <beans:bean id="jsfAccessDeniedHandler" class="security.JsfAccessDeniedHandler">
        <beans:property name="loginPath" value="/AcessoNegado.xhtml" />
        <beans:property name="contextRelative" value="true" />
    </beans:bean>

    <beans:bean id="authenticationEntryPoint" class="security.JsfLoginUrlAuthenticationEntryPoint">
        <beans:property name="loginFormUrl" value="/Login.xhtml"/>
        <beans:property name="redirectStrategy" ref="jsfRedirectStrategy" />
    </beans:bean>

    <beans:bean id="jsfRedirectStrategy" class="security.JsfRedirectStrategy"/>

    <http pattern="/Login.xhtml" security="none"/>
    <http pattern="/Erro.xhtml" security="none"/>
    <http pattern="/javax.faces.resource/**" security="none" />

    <http auto-config="false" use-expressions="true">
        <custom-filter ref="exceptionTranslationFilter" before="FILTER_SECURITY_INTERCEPTOR"/>

        <intercept-url pattern="/Home.xhtml" access="isAuthenticated()" />
        <intercept-url pattern="/marca/**" access="hasAnyRole('ADMINISTRADORES')" />
        <intercept-url pattern="/agenda/**" access="hasAnyRole('ADMINISTRADORES')" />
        <intercept-url pattern="/cliente/**" access="hasAnyRole('PADRAO','ADMINISTRADORES')" />
        <intercept-url pattern="/usuario/**" access="hasAnyRole('ADMINISTRADORES')" />
        <intercept-url pattern="/**" access="denyAll" />

        <form-login login-page="/Login.xhtml" authentication-failure-url="/Login.xhtml?invalid=true" default-target-url="/" always-use-default-target="true"/>

        <logout logout-url="/j_spring_security_logout" invalidate-session="true" />

    </http>

    <authentication-manager>
        <authentication-provider user-service-ref="appUserDetailsService">
            <!-- <password-encoder hash="md5"/> -->
        </authentication-provider>
    </authentication-manager>

And I used as a model these 3 classes presented in the course of algaworks.

https://github.com/algaworks/curso-javaee-primefaces/blob/master/ResolvendoProblemaRequisicaoAjax/src/main/java/com/algaworks/pedidovenda/security/JsfAccessDeniedHandler.java

https://github.com/algaworks/curso-javaee-primefaces/blob/master/ResolvendoProblemaRequisicaoAjax/src/main/java/com/algaworks/pedidovenda/security/JsfLoginUrlAuthenticationEntryPoint.java

https://github.com/algaworks/curso-javaee-primefaces/blob/master/ResolvendoProblemaRequisicaoAjax/src/main/java/com/algaworks/pedidovenda/security/JsfRedirectStrategy.java

Apparently the user is yes directed to the error page I created as shown in the url, but this page does not open.

inserir a descrição da imagem aqui

Note: this is the first time I use Spring, some idea of how to solve?

att;

Edd: Checking the Chrome island I realized the following situations. when I should be directed to the error page /Accessonegado.xhtml there are several requests and between one of them there is a fault:

inserir a descrição da imagem aqui

inserir a descrição da imagem aqui

No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.