Thanks Jérôme !
I try your solution, but I think I miss one other configuration :) ! Here are my logs. As you can see, " SecurityContext is empty or anonymous" so it's not working. I don't really know what it means :) ! I'm looking for a solution so if you have one ;) ! Thanks for your help ! [hotlinemyfoncia] 2012-04-16 10:33:52,410 DEBUG [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - <DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8090/hotline-myfoncia/delegation/5/]> [hotlinemyfoncia] 2012-04-16 10:33:52,410 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] - <Calling Authentication entry point.> [hotlinemyfoncia] 2012-04-16 10:33:52,411 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <SecurityContext is empty or anonymous - context will not be stored in HttpSession. > [hotlinemyfoncia] 2012-04-16 10:33:52,411 DEBUG [org.springframework.security.web.context.SecurityContextPersistenceFilter] - <SecurityContextHolder now cleared, as request processing completed> [hotlinemyfoncia] 2012-04-16 10:34:00,248 DEBUG [org.springframework.security.web.FilterChainProxy] - <Converted URL to lowercase, from: '/j_spring_cas_security_check'; to: '/j_spring_cas_security_check'> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.web.FilterChainProxy] - <Candidate is: '/j_spring_cas_security_check'; pattern is /**; matched=true> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.web.FilterChainProxy] - </j_spring_cas_security_check?ticket=ST-1093-12jxLj4OsDZgYdgGie6T-cas at position 1 of 9 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <No HttpSession currently exists> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <No SecurityContext was available from the HttpSession: null. A new one will be created.> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.web.FilterChainProxy] - </j_spring_cas_security_check?ticket=ST-1093-12jxLj4OsDZgYdgGie6T-cas at position 2 of 9 in additional filter chain; firing Filter: 'LogoutFilter'> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.web.FilterChainProxy] - </j_spring_cas_security_check?ticket=ST-1093-12jxLj4OsDZgYdgGie6T-cas at position 3 of 9 in additional filter chain; firing Filter: 'CasAuthenticationFilter'> [hotlinemyfoncia] 2012-04-16 10:34:00,249 DEBUG [org.springframework.security.cas.web.CasAuthenticationFilter] - <Request is to process authentication> [hotlinemyfoncia] 2012-04-16 10:34:00,252 DEBUG [org.springframework.security.authentication.ProviderManager] - <Authentication attempt using org.springframework.security.cas.authentication.CasAuthenticationProvider> [hotlinemyfoncia] 2012-04-16 10:34:00,266 INFO [com.foncia.hotlinemyfoncia.security.ApplicationUserDetailService] - <loadUserByUsername userId=>fr111034> [hotlinemyfoncia] 2012-04-16 10:34:01,215 DEBUG [org.springframework.security.cas.web.CasAuthenticationFilter] - <Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.cas.authentication.CasAuthenticationToken@4229fbc1: Principal: com.foncia.hotlinemyfoncia.entity.HotlineUser@48a53aac: Username: fr111034; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1de6: RemoteIpAddress: 172.25.3.18; SessionId: null; Granted Authorities: ROLE_USER Assertion: org.jasig.cas.client.validation.AssertionImpl@1015bf6 Credentials (Service/Proxy Ticket): ST-1093-12jxLj4OsDZgYdgGie6T-cas> [hotlinemyfoncia] 2012-04-16 10:34:01,215 DEBUG [org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler] - <Using default Url: /> ----- Mail original ----- De: "jleleu" <[email protected]> À: [email protected] Envoyé: Vendredi 13 Avril 2012 17:32:48 Objet: Re:[cas-user] CAS + SpringSecurity + orginal url Hi Vincent, In your logs, I see (line 66) : [hotlinemyfoncia] 2012-04-13 16:48:09,071 DEBUG [org.springframework.security.web.savedrequest.HttpSessionRequestCache] - <DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8090/hotline-myfoncia/delegation/5/]> which means your incoming request is saved. And (line 81) : [hotlinemyfoncia] 2012-04-13 16:49:12,690 DEBUG [org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler] - <Using default Url: /> which means a default url is restored after authentication. The problem is that the SimpleUrlAuthenticationSuccessHandler(1) class doesn't used the saved request. You should use the SavedRequestAwareAuthenticationSuccessHandler(2) class instead to restore the saved request (to be defined in your casAuthenticationFilter bean). Best regards, Jérôme (1) https://github.com/SpringSource/spring-security/blob/master/web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandler.java and https://github.com/SpringSource/spring-security/blob/master/web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java (2) https://github.com/SpringSource/spring-security/blob/master/web/src/main/java/org/springframework/security/web/authentication/SavedRequestAwareAuthenticationSuccessHandler.java -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Vincent POUPET - FONCIA Groupe - DPM/DSI Architecte Développements Tel : 01 55 52 54 70 Email : [email protected] Ce message et toutes les pièces jointes sont confidentiels et établis à l'intention exclusive de ses destinataires. Si vous n'êtes pas destinataire de ce message, merci de le détruire et d'en avertir immédiatement l'expéditeur. Toute utilisation ou diffusion non autorisée est interdite. Tout message électronique est susceptible d'altération, FONCIA décline toute responsabilité au titre de ce message s'il a été altéré, déformé ou falsifié. Avant d'imprimer ce mail, pensez à l'environnement. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
