specify variable context path in spring security (3.0.x)
-
12-03-2021 - |
Question
We are developing "box" web-product, so I cannot foreseen the environment where application is deployed. This application uses spring-security. But it is appeared that if Tomcat placed application not at the root then following configuration fails:
<sec:http auto-config="true" >
....
<sec:form-login login-page="/ui/Login" />
Following recommendation: https://stackoverflow.com/a/6934712/149818 to use
#{servletContext.contextPath}
doesn't work. User instead of http://foo/myApp/ui/Login is redirected to http://foo/ui/Login
So my question is
- either how to get #{servletContext.contextPath} alive
- or how to force spring-security recognize actual contextPath
Solution
Great thanks to @Luke Taylor and @axtavt - my error is missing root '/' in the
<sec:http auto-config="true" use-expressions="true">
<sec:intercept-url pattern="/ui/Login"
access="IS_AUTHENTICATED_ANONYMOUSLY"/>
When '/' appears - #{servletContext.contextPath} starts work correctly.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow