java - Spring security really strange behaviour in IE -


i'm having weirdest problem have ever seen before.

the application working on uses spring security 3.1.3 provide authentication support. there custom login form have implemented custom authenticationmanager / successhandler , failurehandler.

for reason on internet explorer error message "please fill in mandatory fields". caused appending /login?error=1 end of url can accessed through following code (the redirectandadderror method):

public class tideusernamepasswordauthenticationfilter extends usernamepasswordauthenticationfilter {  public tideusernamepasswordauthenticationfilter() {     super(); }  @override public authentication attemptauthentication(httpservletrequest request, httpservletresponse response) {      string username = request.getparameter(spring_security_form_username_key);     string password = request.getparameter(spring_security_form_password_key);      if (stringutils.isblank(username) || stringutils.isblank(password)) {         redirectandadderror(response);         return null;     }      return super.attemptauthentication(request, response); }  private void redirectandadderror(httpservletresponse response) {     try {         response.sendredirect("/tide/login?error=1");     } catch (ioexception e) {         throw new authenticationserviceexception(e.getmessage(), e);     } }

so tried using fiddler2, web debugging proxy view if 1 of 2 parameters empty. strange thing when program running error not occur anymore , can log on successfully.

had had similar problem before? think it's not related code running tool "solves" problem.

this problem occurs in internet explorer makes more strange.

edit

i have used tool watch requests , happens in ie:

first post request sent uri /authenticate, have set myself this:

<beans:property name="filterprocessesurl" value="/authenticate"/>

the response of request has http status code 302, moved temporarily , returns new location @ /login?error=1 (my form mandatory fields required error).

after request occurs /login?error=1 status code 401: unauthorized. intercept-url set this:

 <intercept-url pattern="/login**" access="permitall"/>

the next request request /login?error=1 again, time status code showing: error_internet_connection_reset, looks problem.

in google chrome following request made:

post /authenticate, result 302: moved temporarily dashboard page (which display after logging on)

someone on team figured out problem after finding issue in chromium bugtracker:

https://code.google.com/p/chromium/issues/detail?id=62687

the problem has been resolved adding in our login controller

@requestmapping(value = "/login", method = requestmethod.post) public string dologin() throws servletexception, ioexception {     return "forward:/authenticate"; }

and changing url form posts to 1 instead of authentication url spring security provides (we redirecting manually now)


Comments

Post a Comment

Popular posts from this blog

php - cannot display multiple markers in google maps v3 from traceroute result -

i'm newbie in php mysql , google maps v3. have problems in google maps v3. made traceroute web based , map traceroute's result in google maps v3 final project of college education. have try many tutorials didn't work. have tried tutorials in forum nothing worked. problem cannot display multiple markers got location data database. maybe because i'm newbie , not know how do. confuse looping show markers. here code <?php error_reporting(e_all ^ (e_notice)); ini_set('max_execution_time', 360); $enable_log_user = false; global $ip, $host_name, $host_ip; $host = @$_post['host']; $trace = @$_post['trace']; $self = $_server['php_self']; include("phpsqlajax_dbinfo.php"); $connection = mysql_connect ('127.0.0.1', $username, $password); if (!$connection) { die('not connected : ' . mysql_error());} $db_selected = mysql_select_db($database, $connection); if (!$db_selected) { die ('can\'t use db : ...
Read more

c# - DetailsView in ASP.Net - How to add another column on the side/add a control in each row? -

i have detailsview control on page used edit various fields of record, works in respect. i looking way add 1 column (and if works, why not more) right, absolutely read-only, show same fields of record comparison purposes. i aware there no obvious way such thing out of box detailsview . have looked other controls (transposed gridview , recommended formview , listview ), nothing satisfies. have special data binding setup using detailsview , can't out of without losing features. anyone on how "hack in" additional columns (for display only) on detailsview ? the solution have now, use second detailsview , visible set false in aspx. in code, make sure databind hidden detailsview hosts data third column first, initial detailsview named itemdetails . and in item created event, pass third column html rendering of hidden controls (in last code block) : protected void itemdetails_itemcreated(object sender, eventargs e) { if (dataite...
Read more

javascript - firefox memory leak -

i have following script (i use raphaeljs also) draws circle, waits 1 second, draws circle again, etc (you can copy paste - functional, need include raphael raphaeljs.com): <div id="holder"> </div> <script src="raphael.js" type="text/javascript"></script> <script> var paper = raphael(10, 50, 320, 200); var rad = math.pi / 180; var finangle = 0; function sector(cx, cy, r, startangle, endangle, params) { var x1 = cx + r * math.cos(-startangle * rad), x2 = cx + r * math.cos(-endangle * rad), y1 = cy + r * math.sin(-startangle * rad), y2 = cy + r * math.sin(-endangle * rad); return ["m", cx, cy, "l", x1, y1, "a", r, r, 0, +(endangle - startangle > 180), 0, x2, y2]; } var path = sector(100,100,50,0,180); var arc = paper.path(path); function draw() { path = sector(100,100,50,0,finangle); ...
Read more