Re: SecuritySymbols.UNAUTHORIZED_URL isn't working in 0.6.1

Sun, 19 Oct 2014 22:37:11 -0700 

Awesome, I got it. I had

<filter-mapping>
        <filter-name>app</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</
dispatcher>
        <dispatcher>ERROR</dispatcher>
</filter-mapping>

but was missing

<error-page>
        <error-code>401</error-code>
        <location>/error/unauthorized</location>
</error-page>


On Sun, Oct 19, 2014 at 10:59 PM, Kalle Korhonen <kalle.o.korho...@gmail.com
> wrote:

> By the spec, application filters don't handle error requests by default
> (Jetty, at least the old versions, didn't conform). You need to have:
>
>     <filter-mapping>
>         <filter-name>app</filter-name>
>         <url-pattern>/*</url-pattern>
>         <dispatcher>REQUEST</dispatcher>
>         <dispatcher>ERROR</dispatcher>
>     </filter-mapping>
>
> as noted in http://tapestry.apache.org/error-page-recipe.html. I suspect
> you don't.
>
> Kalle
>
>
> On Sun, Oct 19, 2014 at 7:30 PM, George Christman <gchrist...@cardaddy.com
> >
> wrote:
>
> > Hi,
> >
> > I have the following configuration
> >
> > configuration.add(SecuritySymbols.LOGIN_URL, "/signin");
> >         configuration.add(SecuritySymbols.UNAUTHORIZED_URL,
> > "/error/unauthorized");
> >         configuration.add(SecuritySymbols.SUCCESS_URL, "/account");
> >         configuration.add(SecuritySymbols.REDIRECT_TO_SAVED_URL, "true");
> >
> >     public static void
> > contributeSecurityConfiguration(Configuration<SecurityFilterChain>
> > configuration,
> >             SecurityFilterChainFactory factory) {
> >         // /authc/** rule covers /authc , /authc?q=name /authc#anchor
> urls
> > as well
> >
> >
> >
> configuration.add(factory.createChain("/account").add(factory.authc()).build());
> >
> >
> >
> configuration.add(factory.createChain("/account/user/**").add(factory.user()).build());
> >
> >
> >
> configuration.add(factory.createChain("/account/dealer/**").add(factory.roles(),
> > "dealer").build());
> >
> >
> >
> configuration.add(factory.createChain("/account/admin/**").add(factory.roles(),
> > "admin").build());
> >
> >
> >
> configuration.add(factory.createChain("/sell/uploadphotos/**").add(factory.authc()).build());
> >     }
> >
> > Unauthorized Page
> >
> > pages.error
> >
> > public class Unauthorized.class {
> > }
> >
> > /error/unauthorized.tml
> >
> > When ever a user attempts to access a page with an without the correct
> > role, rather than redirect them to the Unauthorized page, they get the
> > following error.
> >
> > HTTP Status 401 -
> > ------------------------------
> >
> > *type* Status report
> >
> > *message*
> >
> > *description* *This request requires HTTP authentication.*
> > ------------------------------
> > Apache Tomcat/7.0.47
> >
> >
> > Anybody know why this isn't working?
> >
>



-- 
George Christman
www.CarDaddy.com
P.O. Box 735
Johnstown, New York

Reply via email to