Bonjour,
Je me permet de reposter ici un message resté sans réponse dans le forum JSF... J'espère que quelqu'un saura m'aider?
J'ai un soucis un peu bizarre avec le time-out dans mon application :
Quand une session se termine, et que l'utilisateur clique sur un lien, il est redirigé correctement sur la page de login. Par contre, une fois qu'il veut se reconnecter, paf, on obtient le crash suivant :
Je ne comprend pas à quoi c'est du, ni comment corriger ce soucis. Peut-être est-ce quelque chose que j'aurais mal configuré dans spring security? Voici ma config à tout hasard :
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78 javax.servlet.ServletException javax.faces.webapp.FacesServlet.service(FacesServlet.java:256) org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:206) org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290) org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:388) org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:515) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109) org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:67) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.rememberme.RememberMeProcessingFilter.doFilterHttp(RememberMeProcessingFilter.java:116) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter.doFilterHttp(SecurityContextHolderAwareRequestFilter.java:91) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:174) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:277) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) cause mère java.lang.NullPointerException com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:191) com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:266) com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:132) javax.faces.webapp.FacesServlet.service(FacesServlet.java:244) org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:206) org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290) org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:388) org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:515) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109) org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:67) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.rememberme.RememberMeProcessingFilter.doFilterHttp(RememberMeProcessingFilter.java:116) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter.doFilterHttp(SecurityContextHolderAwareRequestFilter.java:91) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:174) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:277) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
Merci pour votre aide!
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93 <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"> <http entry-point-ref="authenticationProcessingFilterEntryPoint"> <intercept-url pattern="/css/**" filters="none" /> <intercept-url pattern="/img/**" filters="none" /> <intercept-url pattern="/upload/**" filters="none" /> <intercept-url pattern="/js/**" filters="none" /> <intercept-url pattern="/a4j/**" filters="none" /> <intercept-url pattern="/log*" filters="none" /> <!-- Login / logout --> <intercept-url pattern="/j_spring*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/pages/admin/**" access="ROLE_DEVELOPER,ROLE_ADMINISTRATOR" /> <intercept-url pattern="/pages/site/**" access="ROLE_DEVELOPER,ROLE_ADMINISTRATOR" /> <intercept-url pattern="/pages/**" access="ROLE_DEVELOPER,ROLE_ADMINISTRATOR,ROLE_MANAGER" /> <intercept-url pattern="/**" access="ROLE_DEVELOPER" /> <anonymous /> <http-basic /> </http> <!-- Authentication : user our own UserDetailsService implementation --> <authentication-manager alias="authenticationManager" /> <!-- Allow other beans to point to authentication manager --> <authentication-provider user-service-ref="userDetailsService"> <password-encoder hash="sha"> <salt-source user-property="salt"/> </password-encoder> </authentication-provider> <beans:bean id="userDetailsService" class="mypackage.security.UserDetailsServiceImpl" autowire="byName"/> <beans:bean id="passwordEncoder" class="org.springframework.security.providers.encoding.ShaPasswordEncoder"/> <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <beans:property name="loginFormUrl" value="/login.html" /> <beans:property name="forceHttps" value="false" /> </beans:bean> <!-- Custom authentication filter to allow doing some other business logic when a user logs in (via login form) --> <beans:bean id="authenticationFilter" class="mypackage.security.CustomAuthenticationProcessingFilter" autowire="byName"> <custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/><!-- Override the default one --> <beans:property name="authenticationManager" ref="authenticationManager" /> <beans:property name="authenticationFailureUrl" value="/login.html?login_error=1" /> <beans:property name="defaultTargetUrl" value="/pages/home.html" /> <beans:property name="alwaysUseDefaultTargetUrl" value="true" /> <beans:property name="filterProcessesUrl" value="/j_spring_security_check" /> <beans:property name="continueChainBeforeSuccessfulAuthentication" value="false" /> <beans:property name="rememberMeServices" ref="rememberMeServices" /> </beans:bean> <!-- Custom RememberMeProcessing filter to allow doing other business logic when a user logs in (via cookie)--> <beans:bean id="rememberMeProcessingFilter" class="mypackage.security.CustomRememberMeProcessingFilter" autowire="byName"> <custom-filter position="REMEMBER_ME_FILTER" /> <!-- Override the default one --> <beans:property name="rememberMeServices" ref="rememberMeServices"/> <beans:property name="authenticationManager" ref="authenticationManager" /> </beans:bean> <beans:bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices"> <beans:property name="userDetailsService" ref="userDetailsService" /> <beans:property name="key" value="springRocks" /> </beans:bean> <beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider"> <!-- This ensures that remember-me is added as an authentication provider --> <custom-authentication-provider /> <beans:property name="key" value="springRocks"/> </beans:bean> <!-- Custom Logout filter to allow doing other business logic when a user logs out --> <beans:bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter" autowire="byName"> <custom-filter position="LOGOUT_FILTER" /> <!-- Override the default one --> <beans:constructor-arg value="/login.html" /> <!-- URL redirected to after logout --> <beans:constructor-arg> <beans:list> <beans:ref bean="rememberMeServices" /> <!-- I add a bean here to perform some custom tasks when the user logs out --> <beans:bean class="mypackage.security.CustomSecurityLogoutHandler"/> </beans:list> </beans:constructor-arg> </beans:bean> <beans:bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener" /> </beans:beans>
Partager