1

I'm using Spring Security in my application but I am having several problems to authenticate correctly.

If I run application at localhost domain, the user is authenticated. If I run on my internal IP address, the user is not authenticated. The login process is with ajax requests.

This is the core of my spring security config

<http entry-point-ref="loginEntryPoint" disable-url-rewriting="true" use-expressions="true" create-session="always">
    <intercept-url pattern="/" access="permitAll" />
    <intercept-url pattern="/login.do" access="permitAll" />
    <intercept-url pattern="/accessDenied.do" access="permitAll" />
    <intercept-url pattern="/app/**" access="permitAll" />
    <intercept-url pattern="/signup/createuser" access="permitAll" />
    <intercept-url pattern="/**" access="authenticated" />
    <access-denied-handler error-page="/accessDenied.do" />
    <custom-filter position="FORM_LOGIN_FILTER" ref="authenticationFilter"/>
     <logout logout-url="/logout"
            logout-success-url="/login/form?logout"/>
</http>

  <bean:bean id="loginEntryPoint"
        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
   <beans:property name="loginFormUrl" value="/login.do" />
</bean:bean>

  <beans:bean id="authenticationFilter" class="com.myapp.webapp.filter.CustomUsernamePasswordAuthenticationFilter">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
    <beans:property name="postOnly" value="false"/>
    <beans:property name="authenticationSuccessHandler" ref="loginSuccessHandler"/>
    <beans:property name="authenticationFailureHandler" ref="loginFailureHandler"/>
  </beans:bean>

<beans:bean id="loginSuccessHandler"
    class="com.myapp.webapp.security.authentication.LoginSuccessHandler" />
<beans:bean id="loginFailureHandler"
    class="com.myapp.webapp.security.authentication.LoginFailureHandler" />

<authentication-manager alias="authenticationManager">
    <authentication-provider ref="customUserAuthenticationProvider" />
</authentication-manager>

What are the differences you run the application on localhost and the internal network IP?

Vítor Nóbrega
  • 1,219
  • 4
  • 26
  • 53

1 Answers1

0

Could be related with a cross domain issue?

check here Error handling cross domain jquery ajax call

what is telling you your browser console(firebug)??

Community
  • 1
  • 1
paul
  • 12,873
  • 23
  • 91
  • 153