>
>
> Does sending the POST request to j_acegi_security_check maybe cause it
> to match the /.* pattern?
>
I was looking through the code you posted and something and I found in your
Login.html:
<form action="/sipxconfig/j_acegi_security_check" method="post">
When you make a POST here, IMO it will go to the following acegi filter:
/.*=httpSessionContextIntegrationFilter,authenticationProcessingFilter,digestExceptionTranslationFilter
(in security.beans.xml, <bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">)
As George noticed, ,authenticationProcessingFilter will direct you to the
unwanted /Home.html
On the other hand I noticed that you created your own acegi filtering
entries:
/microsite/.*=httpSessionContextIntegrationFilter,micrositeAuthenticationProcessingFilter,digestExceptionTranslationFilter
If I highlight micrositeAuthenticationProcessingFilter, I see that you are
correctly defining your redirection when login fails:
<bean id="micrositeAuthenticationProcessingFilter"
class="org.sipfoundry.sipxconfig.security.SipxAuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl"
value="/microsite/xhtml/Login.html?error=badCredentials" />
<property name="defaultTargetUrl" value="/microsite/xhtml/Home.html" />
</bean>
Did you try to make a POST to /microsite ? that will redirect you to
xhtml/Home.html when authentication fails
something like: <form action="/microsite/j_acegi_security_check"
method="post">
Also you should put:
/microsite/.*=ROLE_LOCATION (didn't find this entry in your
security.beans.xml)
Hope this helps,
Mircea
_______________________________________________
> sipx-dev mailing list
> [email protected]
> List Archive: http://list.sipfoundry.org/archive/sipx-dev/
>
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
