Spring Security with GWT


Sven

Jul 8, 2011, 5:27:19 PM
to Google Web Toolkit
Hi people,

I am using GWT 2.3 and Spring Security 3. To explain my application
structure a little bit. My WebContent folder contains:

WebContent/
---------WEB-INF/
---------login.html
---------logout.html
---------secure/
-------------------index.html

Starting my application and trying to access http://127.0.0.1.:8888/secure/index.html
redirects me to http://127.0.0.1.:8888/login.html... That's the way it
should be. After entering my credentials I get taken to my secured
index.html. There I have a navigation bar containing a FormPanel which
fires a POST j_spring_security_logout.

My configuration says that in this case I should get taken to
http://127.0.0.1.:8888/logout.html.
The security log shows that the security chain is processing a
redirect to this page. But the strange behaviour is that I stay on the
secured index page in FF or IE.

Obviously something blocks the redirect, or do I have a general
misunderstanding?

Here are some parts of my security file:

<security:http auto-config="true">
    <security:intercept-url pattern="/secure/index.html"
        requires-channel="http" access="IS_AUTHENTICATED_FULLY" />
    <security:form-login login-processing-url="/j_spring_security_check"
        login-page="/login.html" default-target-url="/secure/index.html"
        authentication-failure-url="/logout.html" />
    <security:access-denied-handler error-page="/login.html" />
    <security:logout logout-success-url="/logout.html" />
</security:http>

The log file after pressing logout button:

org.springframework.security.web.FilterChainProxy - Converted URL to
lowercase, from: '/j_spring_security_logout'; to: '/
j_spring_security_logout'
DEBUG 23:25:06,632 [btpool0-1]
org.springframework.security.web.FilterChainProxy - Candidate is: '/
j_spring_security_logout'; pattern is /**; matched=true
DEBUG 23:25:06,632 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /
j_spring_security_logout at position 1 of 11 in additional filter
chain; firing Filter: 'ChannelProcessingFilter'
DEBUG 23:25:06,632 [btpool0-1]
security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
- Converted URL to lowercase, from: '/j_spring_security_logout'; to: '/
j_spring_security_logout'
DEBUG 23:25:06,633 [btpool0-1]
security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
- Candidate is: '/j_spring_security_logout'; pattern is /secure/
index.html; matched=false
DEBUG 23:25:06,633 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /
j_spring_security_logout at position 2 of 11 in additional filter
chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 23:25:06,633 [btpool0-1]
springframework.security.web.context.HttpSessionSecurityContextRepository
- Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT:
'org.springframework.security.core.context.SecurityContextImpl@441d0230:
Authentication:
org.springframework.security.authentication.UsernamePasswordAuthenticationToken@441d0230:
Principal: org.springframework.security.core.userdetails.User@36ebcb:
Username: user; Password: [PROTECTED]; Enabled: true;
AccountNonExpired: true; credentialsNonExpired: true;
AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials:
[PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@0:
RemoteIpAddress: 127.0.0.1; SessionId: 1mkhid3rhfysw; Granted
Authorities: ROLE_USER'
DEBUG 23:25:06,633 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /
j_spring_security_logout at position 3 of 11 in additional filter
chain; firing Filter: 'LogoutFilter'
DEBUG 23:25:06,633 [btpool0-1]
security.web.authentication.logout.LogoutFilter - Logging out user
'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@441d0230:
Principal: org.springframework.security.core.userdetails.User@36ebcb:
Username: user; Password: [PROTECTED]; Enabled: true;
AccountNonExpired: true; credentialsNonExpired: true;
AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials:
[PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@0:
RemoteIpAddress: 127.0.0.1; SessionId: 1mkhid3rhfysw; Granted
Authorities: ROLE_USER' and transferring to logout destination
DEBUG 23:25:06,633 [btpool0-1]
security.web.authentication.logout.SimpleUrlLogoutSuccessHandler -
Using default Url: /logout.html
DEBUG 23:25:06,633 [btpool0-1]
org.springframework.security.web.DefaultRedirectStrategy - Redirecting
to '/logout.html'
DEBUG 23:25:06,633 [btpool0-1]
springframework.security.web.context.HttpSessionSecurityContextRepository
- SecurityContext is empty or anonymous - context will not be stored
in HttpSession.
DEBUG 23:25:06,633 [btpool0-1]
springframework.security.web.context.SecurityContextPersistenceFilter
- SecurityContextHolder now cleared, as request processing completed
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - Converted URL to
lowercase, from: '/logout.html'; to: '/logout.html'
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - Candidate is: '/
logout.html'; pattern is /**; matched=true
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 1 of 11 in additional filter chain; firing Filter:
'ChannelProcessingFilter'
DEBUG 23:25:06,634 [btpool0-1]
security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
- Converted URL to lowercase, from: '/logout.html'; to: '/logout.html'
DEBUG 23:25:06,634 [btpool0-1]
security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
- Candidate is: '/logout.html'; pattern is /secure/index.html;
matched=false
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 2 of 11 in additional filter chain; firing Filter:
'SecurityContextPersistenceFilter'
DEBUG 23:25:06,634 [btpool0-1]
springframework.security.web.context.HttpSessionSecurityContextRepository
- No HttpSession currently exists
DEBUG 23:25:06,634 [btpool0-1]
springframework.security.web.context.HttpSessionSecurityContextRepository
- No SecurityContext was available from the HttpSession: null. A new
one will be created.
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 3 of 11 in additional filter chain; firing Filter:
'LogoutFilter'
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 4 of 11 in additional filter chain; firing Filter:
'UsernamePasswordAuthenticationFilter'
DEBUG 23:25:06,634 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 5 of 11 in additional filter chain; firing Filter:
'BasicAuthenticationFilter'
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 6 of 11 in additional filter chain; firing Filter:
'RequestCacheAwareFilter'
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 7 of 11 in additional filter chain; firing Filter:
'SecurityContextHolderAwareRequestFilter'
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 8 of 11 in additional filter chain; firing Filter:
'AnonymousAuthenticationFilter'
DEBUG 23:25:06,635 [btpool0-1]
springframework.security.web.authentication.AnonymousAuthenticationFilter
- Populated SecurityContextHolder with anonymous token:
'org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6:
Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated:
true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@957e:
RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities:
ROLE_ANONYMOUS'
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 9 of 11 in additional filter chain; firing Filter:
'SessionManagementFilter'
DEBUG 23:25:06,635 [btpool0-1]
springframework.security.web.session.SessionManagementFilter -
Requested session IDeczk3f3upmyn is invalid.
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 10 of 11 in additional filter chain; firing Filter:
'ExceptionTranslationFilter'
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html at
position 11 of 11 in additional filter chain; firing Filter:
'FilterSecurityInterceptor'
DEBUG 23:25:06,635 [btpool0-1]
security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
- Converted URL to lowercase, from: '/logout.html'; to: '/logout.html'
DEBUG 23:25:06,635 [btpool0-1]
security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
- Candidate is: '/logout.html'; pattern is /secure/index.html;
matched=false
DEBUG 23:25:06,635 [btpool0-1]
security.web.access.intercept.FilterSecurityInterceptor - Public
object - authentication not attempted
DEBUG 23:25:06,635 [btpool0-1]
springframework.web.context.support.XmlWebApplicationContext -
Publishing event in Root WebApplicationContext:
org.springframework.security.access.event.PublicInvocationEvent[source=FilterInvocation:
URL: /logout.html]
DEBUG 23:25:06,635 [btpool0-1]
org.springframework.security.web.FilterChainProxy - /logout.html
reached end of additional filter chain; proceeding with original chain
DEBUG 23:25:06,636 [btpool0-1]
springframework.security.web.access.ExceptionTranslationFilter - Chain
processed normally
DEBUG 23:25:06,636 [btpool0-1]
springframework.security.web.context.HttpSessionSecurityContextRepository
- SecurityContext is empty or anonymous - context will not be stored
in HttpSession.
DEBUG 23:25:06,636 [btpool0-1]
springframework.security.web.context.SecurityContextPersistenceFilter
- SecurityContextHolder now cleared, as request processing completed

In general my problem is why the browser stays in my application?
Shouldn't it get redirected to /logout.html?

Thanks for help :)

kellizer

Jul 9, 2011, 3:43:42 PM
to google-we...@googlegroups.com
I am using an anchor and a redirect to a logout URL; that is how I do it and it works, with the line below from my security context:

        <logout invalidate-session="true" logout-success-url="/auth/login.jsp" logout-url="/logmeoutplease"/>

Regards,

Ian.

Kevin Jordan

Jul 10, 2011, 12:32:34 AM
to Google Web Toolkit
This is because GWT uses an IFRAME to submit by default. There's no
reason it has to be a form to submit to your logout URL, so I'd just
do an anchor link as kellizer suggests or just do a
Window.Location.replace("/j_spring_security_logout") when your button
is pressed. That will redirect the whole application to your logout
URL.

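What the reply above describes, as an added example that is not part of the original thread: a no-argument FormPanel submits into a hidden IFRAME, so the redirect to /logout.html that the log shows is followed inside that frame while the top-level page stays put. The class name LogoutBar and both helper method names are hypothetical; the logout URL is the one from the first post.

```java
import com.google.gwt.core.client.EntryPoint;
import com.google.gwt.event.dom.client.ClickEvent;
import com.google.gwt.event.dom.client.ClickHandler;
import com.google.gwt.user.client.Window;
import com.google.gwt.user.client.ui.Button;
import com.google.gwt.user.client.ui.FormPanel;
import com.google.gwt.user.client.ui.RootPanel;

// Hypothetical entry point showing two ways to make the logout redirect
// reach the top-level window instead of FormPanel's hidden IFRAME.
public class LogoutBar implements EntryPoint {

    private static final String LOGOUT_URL = "/j_spring_security_logout";

    /** Variant A: keep the POST, but submit it to the top-level window. */
    static FormPanel topLevelLogoutForm() {
        // new FormPanel() targets a hidden IFRAME; FormPanel(String target)
        // submits to the named browsing context, here the whole page.
        final FormPanel form = new FormPanel("_top");
        form.setAction(LOGOUT_URL);
        form.setMethod(FormPanel.METHOD_POST);
        Button logout = new Button("Logout", new ClickHandler() {
            @Override
            public void onClick(ClickEvent event) {
                form.submit(); // the browser follows the 302 in the top window
            }
        });
        form.setWidget(logout);
        return form;
    }

    /** Variant B: navigate the whole page to the logout URL (a GET). */
    static Button navigatingLogoutButton() {
        return new Button("Logout", new ClickHandler() {
            @Override
            public void onClick(ClickEvent event) {
                // replace() leaves no history entry for the secured page
                Window.Location.replace(LOGOUT_URL);
            }
        });
    }

    @Override
    public void onModuleLoad() {
        RootPanel.get().add(topLevelLogoutForm());
    }
}
```

With a target given to the constructor, FormPanel does not fire SubmitCompleteEvent, which is fine here because the page is replaced by /logout.html.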

Mattias

Aug 9, 2011, 8:38:37 AM
to Google Web Toolkit
Hi,

last year I did some digging around on how to integrate GWT and Spring
Security - see if my write-up at http://technowobble.blogspot.com/2010/05/gwt-and-spring-security.html
and http://technowobble.blogspot.com/2010/07/gwt-and-open-id-using-spring-security.html
can help you find a good solution.

/Mattias


Navindian

Aug 13, 2011, 7:29:58 AM
to google-we...@googlegroups.com
Any sample of GWT 2.3 + Spring Security 3 + captcha?

