Clever Geek Handbook

Spring Authentication - localhost vs other IP

I am using Spring Security in my application, but I have a couple of problems to authenticate correctly.

If I run the application on the localhost domain, the user is authenticated. If I run my internal IP, the user is not authenticated. The login process is done using ajax requests.

This is the core of Spring Security configuration

<http entry-point-ref="loginEntryPoint" disable-url-rewriting="true" use-expressions="true" create-session="always">
    <intercept-url pattern="/" access="permitAll" />
    <intercept-url pattern="/login.do" access="permitAll" />
    <intercept-url pattern="/accessDenied.do" access="permitAll" />
    <intercept-url pattern="/app/**" access="permitAll" />
    <intercept-url pattern="/signup/createuser" access="permitAll" />
    <intercept-url pattern="/**" access="authenticated" />
    <access-denied-handler error-page="/accessDenied.do" />
    <custom-filter position="FORM_LOGIN_FILTER" ref="authenticationFilter"/>
     <logout logout-url="/logout"
            logout-success-url="/login/form?logout"/>
</http>

  <bean:bean id="loginEntryPoint"
        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
   <beans:property name="loginFormUrl" value="/login.do" />
</bean:bean>

  <beans:bean id="authenticationFilter" class="com.myapp.webapp.filter.CustomUsernamePasswordAuthenticationFilter">
    <beans:property name="authenticationManager" ref="authenticationManager"/>
    <beans:property name="postOnly" value="false"/>
    <beans:property name="authenticationSuccessHandler" ref="loginSuccessHandler"/>
    <beans:property name="authenticationFailureHandler" ref="loginFailureHandler"/>
  </beans:bean>

<beans:bean id="loginSuccessHandler"
    class="com.myapp.webapp.security.authentication.LoginSuccessHandler" />
<beans:bean id="loginFailureHandler"
    class="com.myapp.webapp.security.authentication.LoginFailureHandler" />

<authentication-manager alias="authenticationManager">
    <authentication-provider ref="customUserAuthenticationProvider" />
</authentication-manager>

What is the difference between you running the application on the local host and the IP of the internal network?

+1


source to share


1 answer


Could it be related to a cross domain issue?

check here Error processing jQuery request for cross domain ajax



what is your browser console (firebug) telling you ??

0


source






More articles:


All Articles