I posted yesterday about problems I'm having with IE
against a webapp that uses Acegi.

I didn't think it had anything to do with Acegi
because my app works in several instances... It's just
this one case of IE against a Win2003 server that is
causing me problems.

However, I just thought to install the
acegi-security-sample war to see how it worked.

It's fine.  The JSESSIONID gets appended to the URL and
never changes, so the session continues to be
authenticated.

This is the problem with my app.  My session ID gets
appended to the URL, but it changes every time I change
web pages...  It only happens in IE, but I think
that's because of my cookie settings.

Is there anything in the Acegi configuration related
to URL rewriting or session handling that might cause
this type of problem?  

My acegi xml files are attached.

Any help would be greatly appreciated.

-greg
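<?xml version="1.0" encoding="UTF-8"?>
<!-- Spring bean definitions, validated against the Spring beans DTD. The DOCTYPE must
     close directly after the quoted system identifier; any character between the
     closing quote and ">" makes the document not well-formed.
     NOTE(review): Spring is expected to resolve this DTD from its own jar; confirm
     that context start-up does not depend on fetching it over plain HTTP. -->
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">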

  <!-- = = = = = = = = = = = = = = = = = = = =
     = SECURING AT THE HTTP REQUEST LEVEL    =
     = = = = = = = = = = = = = = = = = = = = -->
<beans>
  <!-- JDBC connection to the Oracle instance; jdbcDaoImpl references this bean for its
       user lookups.
       NOTE(review): the account name and password sit in clear text in this file, and
       this copy is in a public list archive, so the password should be treated as
       exposed and changed. The accompanying web.xml already declares the
       container-managed resource jdbc/LocalOracle; obtaining the DataSource through
       JNDI would keep credentials out of the WAR. DriverManagerDataSource is also not
       a connection pool. -->
  <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName">
            <value>oracle.jdbc.driver.OracleDriver</value>
        </property>
        <property name="url">
            <value>jdbc:oracle:thin:@odb_tar1:1522:par1</value>
        </property>
        <property name="username">
            <value>ehold</value>
        </property>
        <property name="password">
            <value>test</value>
        </property>
    </bean>
<!-- ======================== FILTER CHAIN ======================= -->

	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
	      of "httpSessionContextIntegrationFilter" in the list below -->
    <!-- Single filter chain applied to every URL (/**). The order is significant: the
         security context is restored from the HTTP session first, then the form-login
         request is processed, then access rules are enforced.
         CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON means patterns must be written in
         lower case.
         NOTE(review): no channel filter is part of this chain, so nothing in this file
         forces HTTPS; unless transport security is applied elsewhere, the login
         credentials and the session identifier travel in clear text. -->
    <bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
      <property name="filterInvocationDefinitionSource">
         <value>
		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
		    PATTERN_TYPE_APACHE_ANT
            /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityEnforcementFilter
         </value>
      </property>
    </bean>
    <!-- Carries the security context between requests; "context" names the context
         implementation to create when none exists yet.
         NOTE(review): as far as the Acegi design goes, the context is kept in the
         HttpSession, so authentication only survives while the browser keeps
         presenting the same session id. If the session cookie is refused and a link or
         redirect is not passed through response.encodeURL / encodeRedirectURL, the
         container starts a new session and the user appears unauthenticated again.
         Session ids carried in URLs also leak through Referer headers, logs and
         bookmarks; cookie-based tracking is the safer default. -->
    <bean id="httpSessionContextIntegrationFilter" class="net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter">
      <property name="context"><value>net.sf.acegisecurity.context.security.SecureContextImpl</value></property>
   </bean>
  <!-- = = = = = = = SECURITY FILTERS = = = = = = = -->
  <!-- Last filter in the chain: delegates the access decision to
       filterInvocationInterceptor and hands unauthenticated callers to
       authenticationEntryPoint. Neither referenced bean is defined in this file; both
       must be supplied by another context file (here they are declared in the
       application-specific Acegi file as children of the base* templates). -->
  <bean id="securityEnforcementFilter"
      class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
    <property name="filterSecurityInterceptor">
      <ref bean="filterInvocationInterceptor"/>
    </property>
    <property name="authenticationEntryPoint">
      <ref bean="authenticationEntryPoint"/>
    </property>
  </bean>

  <!-- Template for the form-login filter; applications declare a child bean with
       parent="baseAuthenticationProcessingFilter" and override what differs.
       filterProcessesUrl is the URL the login form posts to, authenticationFailureUrl
       is where a failed login is sent, defaultTargetUrl is used after a successful
       login when no originally requested URL is known.
       NOTE(review): lazy-init="true" presumably keeps this template from being
       instantiated on its own; confirm that nothing references it directly. -->
  <bean id="baseAuthenticationProcessingFilter"
      class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter"
      lazy-init="true">
    <property name="authenticationManager">
      <ref bean="authenticationManager"/>
    </property>
    <property name="filterProcessesUrl">
      <value>/j_acegi_security_check</value>
    </property>
    <property name="authenticationFailureUrl">
      <value>/jsp/loginfailed.jsp</value>
    </property>
    <property name="defaultTargetUrl">
      <value>/index.do</value>
    </property>
  </bean>

  <!-- Template for the entry point that sends unauthenticated users to the login form.
       NOTE(review): forceHttps is false, so the login form is served over whatever
       scheme the original request used. On plain HTTP the submitted password is
       readable on the network; enable forceHttps (or the channel filter) once an
       HTTPS listener is available. -->
  <bean id="baseAuthenticationEntryPoint" class=
      "net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"
      lazy-init="true">
    <property name="loginFormUrl"><value>/acegilogin.jsp</value></property>
    <property name="forceHttps"><value>false</value></property>
  </bean>

  <!-- = = = = = = = = SECURITY INTERCEPTOR = = = = = = = = -->
  <!-- Template for the URL access interceptor. It wires the authentication and
       access-decision managers only; the URL-to-role rules (objectDefinitionSource)
       are not set here and have to be supplied by the child bean. -->
  <bean id="baseFilterInvocationInterceptor"
      class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor"
      lazy-init="true">
    <property name="authenticationManager">
      <ref bean="authenticationManager"/>
    </property>
    <property name="accessDecisionManager">
      <ref bean="accessDecisionManager"/>
    </property>
  </bean>

  <!-- = = = = = = = = AUTHENTICATION = = = = = = = -->
  <!-- Authentication is delegated to a list of providers; only the DAO (database)
       provider is registered, so every login is checked against the JDBC user store. -->
  <bean id="authenticationManager"
      class="net.sf.acegisecurity.providers.ProviderManager">
    <property name="providers">
      <list>
        <ref bean="daoAuthenticationProvider"/>
      </list>
    </property>
  </bean>

  <!-- Checks the submitted credentials against the user record returned by jdbcDaoImpl.
       NOTE(review): no passwordEncoder or saltSource property is set. In Acegi the
       provider then falls back to its default encoder, which as far as I recall
       compares plain-text passwords; confirm, and if so store salted hashes and
       configure a matching encoder here. -->
  <bean id="daoAuthenticationProvider"
      class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
    <property name="authenticationDao"><ref bean="jdbcDaoImpl"/></property>
  </bean>

  <!-- = = = = = = = = ACCESS CONTROL = = = = = = = -->
  <!-- Access is granted only if no voter denies it. allowIfAllAbstainDecisions=false
       makes the decision fail closed when every voter abstains. This applies only to
       URLs that have configuration attributes; a URL with no matching rule never
       reaches the voters. -->
  <bean id="accessDecisionManager"
      class="net.sf.acegisecurity.vote.UnanimousBased">
    <property name="allowIfAllAbstainDecisions"><value>false</value></property>
    <property name="decisionVoters">
      <list>
        <ref bean="roleVoter"/>
      </list>
    </property>
  </bean>

  <!-- Votes on role attributes (ROLE_QA, ROLE_LEAD in this application) by comparing
       them with the authorities granted to the authenticated user. -->
  <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>

  <!-- = = = = = = = = CHANNEL SECURITY = = = = = = = -->
  <!-- Template for the filter that can require HTTPS (or HTTP) per URL.
       NOTE(review): it is currently inert. The filter chain in filterChainProxy does
       not list a channel filter, no child bean of this template is defined in the
       files shown, and no URL-to-channel rules are set here. -->
  <bean id="baseChannelProcessingFilter"
      class="net.sf.acegisecurity.securechannel.ChannelProcessingFilter"
      lazy-init="true">
    <property name="channelDecisionManager">
      <ref bean="channelDecisionManager"/>
    </property>
  </bean>

  <!-- Consults the secure and insecure channel processors in turn. Only used if a
       channel processing filter is added to the filter chain. -->
  <bean id="channelDecisionManager"
      class="net.sf.acegisecurity.securechannel.ChannelDecisionManagerImpl">
    <property name="channelProcessors">
      <list>
        <ref bean="secureChannelProcessor"/>
        <ref bean="insecureChannelProcessor"/>
      </list>
    </property>
  </bean>

  <!-- The two channel processors referenced by channelDecisionManager, both with
       default settings. -->
  <bean id="secureChannelProcessor"
      class="net.sf.acegisecurity.securechannel.SecureChannelProcessor"/>
  <bean id="insecureChannelProcessor"
      class="net.sf.acegisecurity.securechannel.InsecureChannelProcessor"/>
</beans>

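<?xml version="1.0" encoding="UTF-8"?>
<!-- Application-specific Acegi beans; each one inherits from a base* template defined
     in the shared security context file. The DOCTYPE must close directly after the
     quoted system identifier, otherwise the document is not well-formed. -->
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">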

<beans>
  <!-- Concrete form-login filter named in the filter chain. Overrides the template's
       failure URL so that a failed login returns to the login page itself; the URL
       carries no error marker, so the page cannot tell a first visit from a failed
       attempt. -->
  <bean id="authenticationProcessingFilter"
      parent="baseAuthenticationProcessingFilter">
    <property name="authenticationFailureUrl">
      <value>/acegilogin.jsp</value>
    </property>
  </bean>

  <!-- Concrete entry point used by securityEnforcementFilter. loginFormUrl repeats the
       template's value; forceHttps is inherited from the template (false). -->
  <bean id="authenticationEntryPoint"
      parent="baseAuthenticationEntryPoint">
    <property name="loginFormUrl"><value>/acegilogin.jsp</value></property>      
  </bean>
  
  <!-- URL-to-role rules for the application. Each line is an Ant-style pattern (matched
       against the lower-cased URL) followed by the role required.
       NOTE(review): only the five listed actions are protected. A request that matches
       no pattern has no configuration attributes, and Acegi treats such a request as
       public. The Struts configuration posted alongside this file also maps
       /newarc.do, /sort.do and /sortError.do, which are therefore reachable without
       logging in. Add explicit rules for them, or finish the list with a catch-all
       pattern for *.do, keeping the more specific rules first.
       NOTE(review): the inline "Everyone" remarks are misleading, since ROLE_QA is
       required. They also sit inside the parsed value text; whether they are stripped
       depends on the Spring version, so keeping remarks outside the value element is
       safer. -->
  <bean id="filterInvocationInterceptor"
      parent="baseFilterInvocationInterceptor">
    <property name="objectDefinitionSource">
      <value>
	CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
	PATTERN_TYPE_APACHE_ANT
	/index.do=ROLE_QA <!-- Everyone -->
	/reinspect.do=ROLE_QA <!-- Everyone -->
	/getocr.do=ROLE_QA <!-- Everyone -->
	/newhold.do=ROLE_QA <!-- Everyone -->
	/confirm.do=ROLE_LEAD <!-- Release from Contain -->
      </value>
    </property>
  </bean>
   <!-- Loads users and their granted authorities over JDBC from the dataSource bean.
        No query properties are set, so the class's built-in queries apply.
        NOTE(review): those defaults presumably expect the stock Acegi users and
        authorities tables; confirm the schema, and make sure the database account
        used has read-only access to them. -->
   <bean id="jdbcDaoImpl" class="net.sf.acegisecurity.providers.dao.jdbc.JdbcDaoImpl">
      <property name="dataSource"><ref bean="dataSource"/></property>
   </bean>

  
</beans>
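<?xml version="1.0" encoding="ISO-8859-1"?>
<!-- Servlet 2.3 deployment descriptor. The DOCTYPE must close directly after the quoted
     system identifier, otherwise the descriptor is not well-formed. -->

<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
    "http://java.sun.com/dtd/web-app_2_3.dtd">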
    
<web-app>

    <display-name>eHold Application </display-name>

    <!-- Spring context files loaded at start-up, in order: the shared security beans
         (applicationContext.xml) and the application-specific Acegi beans
         (eHold_Acegi.xml). The commented-out value is an earlier file list. -->
    <context-param>
      <param-name>contextConfigLocation</param-name>
<!--      <param-value>/WEB-INF/applicationContext-acegi-security.xml,/WEB-INF/applicationContext-common-authorization.xml,/WEB-INF/applicationContext-common-business.xml</param-value> -->
      <param-value>/WEB-INF/applicationContext.xml,/WEB-INF/eHold_Acegi.xml</param-value>
    </context-param>

    <!-- Creates the Spring application context from contextConfigLocation when the web
         application starts; the Acegi filter proxy looks its target bean up there. -->
    <listener>
      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>	

    <!-- Struts front controller, loaded at start-up and configured from
         /WEB-INF/struts-config.xml.
         NOTE(review): debug and detail are set to 3. If the Struts version in use still
         honours these parameters, check that the resulting log output does not include
         request parameters such as passwords, and lower the levels for production. -->
    <servlet>
    <servlet-name>action</servlet-name>
    <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
    <init-param>
      <param-name>application</param-name>
      <param-value>ApplicationResources</param-value>
    </init-param>
    <init-param>
      <param-name>config</param-name>
      <param-value>/WEB-INF/struts-config.xml</param-value>
    </init-param>
    <init-param>
      <param-name>debug</param-name>
      <param-value>3</param-value>
    </init-param>
    <init-param>
      <param-name>detail</param-name>
      <param-value>3</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
   
  <!-- Action Servlet Mapping: every *.do URL is dispatched to Struts, so every action
       path in struts-config.xml is reachable from the browser and needs a matching
       access rule in the Acegi objectDefinitionSource. -->
  <servlet-mapping>
    <servlet-name>action</servlet-name>
    <url-pattern>*.do</url-pattern>
  </servlet-mapping>
  <!-- The Welcome File List: a request for the context root is served by index.do,
       which the Acegi rules restrict to ROLE_QA. -->
  <welcome-file-list>
    <welcome-file>index.do</welcome-file>
  </welcome-file-list>
 <!-- Servlet filter that delegates to the Spring-managed FilterChainProxy bean, located
      in the application context by class (targetClass).
      NOTE(review): the Servlet 2.3 DTD expects filter and filter-mapping elements
      before listener and servlet. A validating container may reject this ordering;
      lenient ones accept it. -->
 <filter>
        <filter-name>Acegi Filter Chain Proxy</filter-name>
        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
        <init-param>
            <param-name>targetClass</param-name>
            <param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
        </init-param>
   </filter>

    <!-- The Acegi chain sees every request, including the login page and static
         resources; what is actually protected is decided by the URL rules in the
         Spring context, not by this mapping. -->
    <filter-mapping>
      <filter-name>Acegi Filter Chain Proxy</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
  
<!-- Declares a container-managed DataSource (credentials held by the container,
     res-auth=Container).
     NOTE(review): the Spring dataSource bean shown with this descriptor does not use
     it and carries its own user name and password; switching that bean to a JNDI
     lookup of jdbc/LocalOracle would remove the clear-text credentials from the WAR. -->
<resource-ref>

 <description>Oracle Datasource </description>
 <res-ref-name>jdbc/LocalOracle</res-ref-name>
 <res-type>javax.sql.DataSource</res-type>
 <res-auth>Container</res-auth>
</resource-ref>
   
</web-app>
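<!-- Struts 1.1 configuration. The DOCTYPE must close directly after the quoted system
     identifier, otherwise the file is not well-formed. -->
<!DOCTYPE struts-config PUBLIC
      "-//Apache Software Foundation//DTD Struts Configuration 1.1//EN"
      "http://jakarta.apache.org/struts/dtds/struts-config_1_1.dtd">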
<struts-config>
    <!-- Form Bean Definitions: one ActionForm class per screen. Struts populates these
         directly from request parameters, so each form's validate() is the first place
         where untrusted input is checked. -->
    <form-beans>
    <form-bean name="AuditForm" type="com.amervideo.ehold.forms.AuditForm"/>
	<form-bean name="HoldForm" type="com.amervideo.ehold.forms.HoldForm" />
	<form-bean name="SearchForm" type="com.amervideo.ehold.forms.SearchForm" />
	<form-bean name="ReinspectForm" type="com.amervideo.ehold.forms.ReinspectForm" />
	<form-bean name="ConfirmForm" type="com.amervideo.ehold.forms.ConfirmForm" />
  </form-beans>
  <!-- Global Forwards: both logical names resolve to the same error page, which lives
       under /WEB-INF and so cannot be requested directly by a browser. -->
	<global-forwards>
		<forward name="sortError" path="/WEB-INF/jsp/error.jsp" />
		<forward name="error" path="/WEB-INF/jsp/error.jsp" />
	</global-forwards>  

    <!--  Action Mapping Definitions  -->
    <!-- Each path below is reachable as PATH.do through the *.do servlet mapping. All
         views are JSPs under /WEB-INF, so they can only be reached through an action.
         NOTE(review): the Acegi URL rules posted with this file cover /index,
         /reinspect, /getocr, /newhold and /confirm. /newarc, /sort and /sortError have
         no rule and are therefore served without authentication; add rules for them if
         that is not intended.
         NOTE(review): /getocr, /reinspect and /confirm validate their forms but declare
         no input page (for /getocr validation is on by default, as far as I recall), so
         a validation failure has nowhere to return to; confirm how these fail. -->
    <action-mappings>
		<action path="/sortError" forward="/WEB-INF/jsp/error.jsp" />
		<action    
			path="/sort"
            type="fr.improve.struts.taglib.layout.sort.SortAction"
            scope="request"
			validate="false">
	    </action>
        <action path="/index" 
			type="com.amervideo.ehold.actions.SearchAction"
			name="SearchForm"
			input="/WEB-INF/jsp/index.jsp"
			scope="request"
			validate="true">
			<forward name="success" 
				path="/WEB-INF/jsp/index.jsp" />
		</action>
		<action path="/newarc" 
			type="com.amervideo.ehold.actions.AuditAction"
			name="AuditForm"
			input="/WEB-INF/jsp/newarc.jsp"
			scope="request"
			validate="true">
			<forward name="success" 
				path="/WEB-INF/jsp/newarc.jsp" />
		</action>
		<action path="/getocr" 
			type="com.amervideo.ehold.actions.GetOcrAction"
			name="AuditForm"
			scope="request">
			<forward name="success" 
				path="/WEB-INF/jsp/newarc.jsp" />
		</action>
		<action path="/newhold" 
			type="com.amervideo.ehold.actions.HoldAction"
			name="HoldForm"
			input="/WEB-INF/jsp/newhold.jsp"
			scope="request"
			validate="true">
			<forward name="success" 
				path="/WEB-INF/jsp/newhold.jsp" />
		</action>
		<action path="/reinspect"
			type="com.amervideo.ehold.actions.ReinspectAction"
			name="ReinspectForm"
			scope="request"
			validate="true">
			<forward name="success" path="/WEB-INF/jsp/reinspect.jsp"/>
		</action>
		<action path="/confirm"
			type="com.amervideo.ehold.actions.ConfirmAction"
			name="ConfirmForm"
			scope="request"
			validate="true">
			<forward name="success" path="/WEB-INF/jsp/confirm.jsp"/>
		</action>
    </action-mappings>
    <!-- message resources: messages come from the ApplicationResources bundle.
         NOTE(review): null="false" presumably makes a missing key render as a visible
         placeholder instead of null; confirm against the Struts version in use. -->
    <message-resources
        parameter="ApplicationResources"
        null="false" />
</struts-config>
