Am 18.02.2011 10:56, schrieb Mircea Carasel:
On Fri, Feb 18, 2011 at 11:35 AM, David Becker <[email protected]
<mailto:[email protected]>> wrote:
Am 18.02.2011 01:29, schrieb Mircea Carasel:
Does sending the POST request to j_acegi_security_check maybe
cause it
to match the /.* pattern?
I was looking through the code you posted and something and I
found in your Login.html:
<form action="/sipxconfig/j_acegi_security_check" method="post">
When you make a POST here, IMO it will go to the following acegi
filter:
/.*=httpSessionContextIntegrationFilter,authenticationProcessingFilter,digestExceptionTranslationFilter
(in security.beans.xml, <bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">)
As George noticed, ,authenticationProcessingFilter will direct
you to the unwanted /Home.html
On the other hand I noticed that you created your own acegi
filtering entries:
/microsite/.*=httpSessionContextIntegrationFilter,micrositeAuthenticationProcessingFilter,digestExceptionTranslationFilter
If I highlight micrositeAuthenticationProcessingFilter, I see
that you are correctly defining your redirection when login fails:
<bean id="micrositeAuthenticationProcessingFilter"
class="org.sipfoundry.sipxconfig.security.SipxAuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl"
value="/microsite/xhtml/Login.html?error=badCredentials" />
<property name="defaultTargetUrl"
value="/microsite/xhtml/Home.html" />
</bean>
Did you try to make a POST to /microsite ? that will redirect you
to xhtml/Home.html when authentication fails
something like: <form action="/microsite/j_acegi_security_check"
method="post">
Also you should put:
/microsite/.*=ROLE_LOCATION (didn't find this entry in your
security.beans.xml)
Hope this helps,
Mircea
_______________________________________________
sipx-dev mailing list
[email protected]
<mailto:[email protected]>
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
Sorry, all that does is return a 404. Doesn't look like
j_acegi_security_check exists anywhere but /sipxconfig/
I think you should put something in web.xml that should address your
context path (microsite) There is there a context path:
/initial-config, that looks like that:
<servlet-mapping>
<servlet-name>sipXconfig-web</servlet-name>
<url-pattern>/initial-config/*</url-pattern>
</servlet-mapping>
you should put:
<servlet-mapping>
<servlet-name>sipXconfig-web</servlet-name>
<url-pattern>/microsite</url-pattern>
</servlet-mapping>
I don't know if this solves your problem, but at least you won't get a
404 I think :)
Mircea
That makes it show the regular SipXconfig login page when trying to
access the microsite which the phones cannot parse.
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
