Authentication(Spring Security) object is null when URL is not mapped by PrettyFaces

StackOverflow https://stackoverflow.com/questions/16803995

Question

  1. I'm using JSF(Primefaces), Spring, Spring Security, MyBatis and PrettyFaces in my application.
  2. I've a URL not mapped by PrettyFaces.
  3. This url redirect to XHTML page. XHTML page is mapped with Spring Security and is associated a role of my application
  4. In XHTML page I invoke a Authentication object. This object store user logged in my application.
  5. When I enter to url ocurrs a exception because Authentication object is null
  6. But when I mapped url, Authentication object return value stored user.

What's happening?

This is log of my webapp:

40094 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Initialized PrettyContext
 40094 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Initialized PrettyContext
 40094 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyFilter  - Request is not mapped using PrettyFaces. Continue.
 40094 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Initialized PrettyContext
 40094 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - PrettyContext not found in Request - building new instance
 40094 [http-8080-6] DEBUG org.springframework.faces.support.RequestLoggingPhaseListener  - Entering JSF Phase: RESTORE_VIEW 1
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Retrieved PrettyContext from Request
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.faces.beans.ParameterInjector  - Validating parameters.
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Retrieved PrettyContext from Request
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.faces.beans.ParameterInjector  - Injecting parameters
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Retrieved PrettyContext from Request
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Retrieved PrettyContext from Request
 40141 [http-8080-6] INFO  com.indra.siguip.view.exceptions.SiguipExceptionHandler  - Entrando al manejador de Excepciones del JSF
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Retrieved PrettyContext from Request
 40141 [http-8080-6] DEBUG org.springframework.faces.support.RequestLoggingPhaseListener  - Entering JSF Phase: APPLY_REQUEST_VALUES 2
 40141 [http-8080-6] INFO  com.indra.siguip.view.exceptions.SiguipExceptionHandler  - Entrando al manejador de Excepciones del JSF
 40141 [http-8080-6] TRACE com.ocpsoft.pretty.PrettyContext  - Retrieved PrettyContext from Request
 40141 [http-8080-6] DEBUG org.springframework.faces.support.RequestLoggingPhaseListener  - Entering JSF Phase: PROCESS_VALIDATIONS 3
 40141 [http-8080-6] TRACE org.springframework.web.jsf.el.SpringBeanFacesELResolver  - Successfully resolved variable 'applicationConfig' in Spring BeanFactory
 40141 [http-8080-6] TRACE org.springframework.web.jsf.el.SpringBeanFacesELResolver  - Successfully resolved variable 'menuGeneratorService' in Spring BeanFactory
 28/05/2013 07:54:00 PM com.sun.faces.lifecycle.ProcessValidationsPhase execute
ADVERTENCIA: Se ha producido un error al realizar la inyección de recurso en el bean administrado menuController
com.sun.faces.mgbean.ManagedBeanCreationException: Se ha producido un error al realizar la inyección de recurso en el bean administrado menuController
    at com.sun.faces.mgbean.BeanBuilder.invokePostConstruct(BeanBuilder.java:229)

This is my configuration of Spring Securiy and PretyFaces

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
  </filter-mapping>
  <filter>
    <filter-name>Pretty Filter</filter-name>
    <filter-class>com.ocpsoft.pretty.PrettyFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>Pretty Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>ERROR</dispatcher>
  </filter-mapping>

PD: I've change topic to be more explicit

Was it helpful?

Solution

You have only configured your spring-security filter to handle FORWARD requests, it also needs to handle other types:

<filter>
  <filter-name>springSecurityFilterChain</filter-name>
  <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/*</url-pattern>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  <dispatcher>INCLUDE</dispatcher>
  <dispatcher>ERROR</dispatcher>
</filter-mapping>

PrettyFaces does not FORWARD the request if it is not handled by the framework, therefore, the dispatch type remains REQUEST, and the Spring Security filter never executes.

OTHER TIPS

No, you definitively don't have to map every URL when using PrettyFaces. If an incoming request doesn't match any mapping, it's simply forwarded to the application and PrettyFaces doesn't do anything with it.

So your exception is caused by something else. If you post the full stacktrace with an not localized error message I could have a look at it.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top