java - Why would a Spring login form not reveal any error information for a failed login? -

-

my spring mvc app not allowing logins , can't figure out why.

i've added logging login controller nothing being outputted there.

the login page seems automatically redirect error page without going through login controller.

any ideas how debug problem?

<http auto-config="false" access-decision-manager-ref="accessdecisionmanager" use-expressions="true">     <intercept-url pattern="/login/**" access="hasrole('role_anonymous')" requires-channel="${application.securechannel}" />     <intercept-url pattern="/error/**" access="hasrole('role_anonymous')" requires-channel="http" />     <intercept-url pattern="/register/**" access="hasrole('role_anonymous')" requires-channel="${application.securechannel}" />     <intercept-url pattern="/" access="hasrole('role_anonymous')" requires-channel="http" />     <intercept-url pattern="/**" access="hasrole('role_user')" requires-channel="http" />     <form-login login-page="/login" login-processing-url="/login/submit" authentication-failure-url="/login/error" />     <logout logout-url="/logout" /> </http>  <authentication-manager alias="authenticationmanager">     <authentication-provider user-service-ref="userdetailsservice">         <password-encoder hash="sha-256" base64="true">             <salt-source user-property="salt" />         </password-encoder>     </authentication-provider> </authentication-manager>  <beans:bean id="userdetailsservice" class="com.my.userdetailsserviceimpl"> </beans:bean>  <beans:bean id="passwordencoder" class="org.springframework.security.authentication.encoding.shapasswordencoder">     <beans:constructor-arg value="256" />     <beans:property name="encodehashasbase64" value="true" /> </beans:bean>  <beans:bean id="rolehierarchy" class="org.springframework.security.access.hierarchicalroles.rolehierarchyimpl">     <beans:property name="hierarchy">         <beans:value>             role_admin > role_user             role_user > role_anonymous         </beans:value>     </beans:property> </beans:bean>  <beans:bean id="accessdecisionmanager" class="org.springframework.security.access.vote.affirmativebased">     <beans:property name="decisionvoters">         <beans:list>             <beans:bean class="org.springframework.security.web.access.expression.webexpressionvoter">                 <beans:property name="expressionhandler">                     <beans:bean class="org.springframework.security.web.access.expression.defaultwebsecurityexpressionhandler">                         <beans:property name="rolehierarchy" ref="rolehierarchy" />                     </beans:bean>                 </beans:property>             </beans:bean>         </beans:list>     </beans:property> </beans:bean>

my spring mvc app not allowing logins , can't figure out why.

ensure have added following line in log4j.properties logging security related exception.

log4j.logger.org.springframework.security = debug

if haven't added, it, after should able see like(shown below) in log file.

authentication request failed: org.springframework.security.authentication.badcredentialsexception: bad credentials

in case want debug, put debug pointer in exceptiontranslationfilter.java in following method:

private void handleexception(httpservletrequest request, httpservletresponse response, filterchain chain,             runtimeexception exception) throws ioexception, servletexception {         if (exception instanceof authenticationexception) {             if (logger.isdebugenabled()) {                 logger.debug("authentication exception occurred; redirecting authentication entry point", exception);             }              sendstartauthentication(request, response, chain, (authenticationexception) exception);         }          ....     }

i've added logging login controller nothing being outputted there.

your logincontroller not invoked till successful authentication.


Comments

Post a Comment

Popular posts from this blog

c++ - Convert big endian to little endian when reading from a binary file -

-
this question has answer here: how convert between big-endian , little-endian values in c++? 28 answers i've been looking around how convert big-endian little-endians. didn't find solve problem. seem there's many way can conversion. anyway following code works ok in big-endian system. how should write conversion function work on little-endian system well? this homework, since systems @ school running big-endian system. it's got curious , wanted make work on home computer also #include <iostream> #include <fstream> using namespace std; int main() { ifstream file; file.open("file.bin", ios::in | ios::binary); if(!file) cerr << "not able read" << endl; else { cout << "opened" << endl; int i_var; double d_var; while(!file.eof()) {...
Read more

C#: Application without a window or taskbar item (background app) that can still use Console.WriteLine() -

-
i'm trying create application adheres following: no taskbar no console or form window can utilize console.writeline() . (i.e. if executes app command prompt write console.) the problem if create windows form (or wpf) application can have there no taskbar, console or window show up, console.writeline() nothing. if create console app, writes console, can't figure out how hide (and if did hide it, write command prompt window?)... how do this? just create standard console application. callers responsibility hide window caused program (from how run c# console application console hidden ): system.diagnostics.processstartinfo start = new system.diagnostics.processstartinfo(); start.filename = dir + @"\myprocesstostart.exe"; start.windowstyle = system.diagnostics.processwindowstyle.hidden;
Read more

unicode - Are email addresses allowed to contain non-alphanumeric characters? -

-
i'm building website using `django. website have significant users non-english speaking countries. i want know if there technical restrictions on types of characters email address contain. are email addresses allowed contain english alphabets, numbers, "_", "@" , "."? are allowed contain non-english alphabets "é" or "ü"? are allowed contain chinese or japanese or other unicode characters? email address consists of 2 parts local before @ , domain goes after. rules these parts different: for local part can use ascii: latin letters - z - z digits 0 - 9 special characters !#$%&'*+-/=?^_`{|}~ dot ., not first or last, , not in sequence space , "(),:;<>@[] characters allowed restrictions (they allowed inside quoted string, backslash or double-quote must preceded backslash) plus since 2012 can use international characters above u+007f , encoded as utf-8 . domain part more res...
Read more