Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSO not working in IE 11 when I active form login #560

Open
gargomanjr opened this issue Oct 4, 2017 · 4 comments
Open

SSO not working in IE 11 when I active form login #560

gargomanjr opened this issue Oct 4, 2017 · 4 comments

Comments

@gargomanjr
Copy link

Hi,

I have a strange workaround. I'm using waffle-spring-security4 (1.8.3 version). The SSO works perfectly, but when I active form login (in spring security) IE 11 (11.0.9600.18762 version) SSO doesn't work.

I debugged and I found out that authorizationHeader (authorizationHeader.isNull() in NegotiateSecurityFilter) is always null I'm being redirect to login form because the authentication fail. I'm using spring security 4.2.1 and Spring Web 4.3.5.RELEASE.

I'm aware of https://github.com/Waffle/waffle/blob/master/Docs/ConfiguringBrowsers.md configuration and I followed all steps and I don't what is happening.

My WebSecurityConfig class

@Autowired
private NegotiateSecurityFilter negotiateSecurityFilter;

@Autowired
private NegotiateSecurityFilterEntryPoint entryPoint;

@Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider;

protected void configure(HttpSecurity http) throws Exception {

	http.csrf().disable();
	CustomLoginExceptionHandler failureHandler = new CustomLoginExceptionHandler();
    http.
    	authorizeRequests()
	        .antMatchers("/error.xhtml").permitAll()
	        .antMatchers("/invalid.xhtml").permitAll()
	        .antMatchers("/expired.xhtml").permitAll()
	        .antMatchers("/login*").anonymous()
	        .antMatchers("/j_spring_security_check").permitAll()
	        .anyRequest().fullyAuthenticated()
        .and()
			.httpBasic().authenticationEntryPoint(entryPoint)
		.and()
			.addFilterBefore(negotiateSecurityFilter, BasicAuthenticationFilter.class)
	    .authenticationProvider(windowsAuthenticationProvider)
	    		.formLogin();  // This line provoke SSO fail in IE

}

I'm using this dependency:

com.github.waffle
waffle-spring-security4
1.8.3

My WaffleConfig is:

@configuration
public class WaffleConfig {

@Bean
public WindowsAuthProviderImpl waffleWindowsAuthProvider() {
    return new WindowsAuthProviderImpl();
}

@Bean
public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(
		WindowsAuthProviderImpl windowsAuthProvider) {        
	return new NegotiateSecurityFilterProvider(windowsAuthProvider);
}

@Bean
public BasicSecurityFilterProvider basicSecurityFilterProvider(WindowsAuthProviderImpl windowsAuthProvider) {
    return new BasicSecurityFilterProvider(windowsAuthProvider);
}

@Bean
public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(
        NegotiateSecurityFilterProvider negotiateSecurityFilterProvider,
        BasicSecurityFilterProvider basicSecurityFilterProvider) {
    SecurityFilterProvider[] securityFilterProviders = {
            negotiateSecurityFilterProvider,
            basicSecurityFilterProvider };
    return new SecurityFilterProviderCollection(securityFilterProviders);
}

@Bean
public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(
        SecurityFilterProviderCollection securityFilterProviderCollection) {
    NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
    negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilterEntryPoint;
}

@Bean
public NegotiateSecurityFilter waffleNegotiateSecurityFilter(SecurityFilterProviderCollection securityFilterProviderCollection) {
    NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
    negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilter;
}

@Bean
public WindowsAuthenticationProvider windowsAuthenticationProvider(final WindowsAuthProviderImpl windowsAuthProvider) {
	WindowsAuthenticationProvider provider = new WindowsAuthenticationProvider();
    provider.setAllowGuestLogin(false);
    provider.setAuthProvider(windowsAuthProvider);
    return provider;
}

}

When I'm usign sso and form login I have this workaround (i don't have body request):

image
image
image

Without login form

image
image

Thanks in advance!
@gargomanjr
Copy link
Author

I checked the Security filter chain and the only diffence is that when I add the form login, UsernamePasswordAuthenticationFilter is incluided.

I debugged in IE and without form login. The difference is the attemp to login when there is no session created.

This trace is without login form:

08:33:46.678 [http-nio-8181-exec-7] INFO Spring Security Debugger -

Request received for GET '/index.jsp':

org.apache.catalina.connector.RequestFacade@27509242

servletPath:/index.jsp
pathInfo:null
headers:
accept: text/html, application/xhtml+xml, /
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive

Security filter chain: [
WebAsyncManagerIntegrationFilter
SecurityContextPersistenceFilter
HeaderWriterFilter
LogoutFilter
BasicAuthenticationFilter
NegotiateSecurityFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
FilterSecurityInterceptor
]

08:33:46.683 [http-nio-8181-exec-7] INFO Spring Security Debugger -

New HTTP session created: 0F39FFAF12D2DCA0B353513EB06A9175

Call stack:

at org.springframework.security.web.debug.Logger.info(Logger.java:29)
at org.springframework.security.web.debug.DebugRequestWrapper.getSession(DebugFilter.java:151)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240)
at org.springframework.security.web.savedrequest.HttpSessionRequestCache.saveRequest(HttpSessionRequestCache.java:42)
at org.springframework.security.web.access.ExceptionTranslationFilter.sendStartAuthentication(ExceptionTranslationFilter.java:201)
at org.springframework.security.web.access.ExceptionTranslationFilter.handleSpringSecurityException(ExceptionTranslationFilter.java:177)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:133)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at waffle.spring.NegotiateSecurityFilter.doFilter(NegotiateSecurityFilter.java:156)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.security.web.debug.DebugFilter.invokeWithWrappedRequest(DebugFilter.java:75)
at org.springframework.security.web.debug.DebugFilter.doFilter(DebugFilter.java:62)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1434)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

08:33:46.689 [http-nio-8181-exec-8] INFO Spring Security Debugger -

Request received for GET '/index.jsp':

org.apache.catalina.connector.RequestFacade@27509242

servletPath:/index.jsp
pathInfo:null
headers:
accept: text/html, application/xhtml+xml, /
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=0F39FFAF12D2DCA0B353513EB06A9175
authorization: Negotiate YHoGBisGAQUFAqBwMG6gMDAuBgorBgEEAYI3AgIKBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHqI6BDhOVExNU1NQAAEAAACXsgjiBgAGADIAAAAKAAoAKAAAAAYBsR0AAAAPSVRFTS04ODc4NEVNRUFBRA==

Security filter chain: [
WebAsyncManagerIntegrationFilter
SecurityContextPersistenceFilter
HeaderWriterFilter
LogoutFilter
BasicAuthenticationFilter
NegotiateSecurityFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
FilterSecurityInterceptor
]

08:33:46.689 [http-nio-8181-exec-8] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - security package: Negotiate, connection id: 127.0.0.1:50532
08:33:46.689 [http-nio-8181-exec-8] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - token buffer: 124 byte(s)
08:33:46.693 [http-nio-8181-exec-8] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - continue token: oYIBETCCAQ2gAwoBAaEMBgorBgEEAYI3AgIKooH3BIH0TlRMTVNTUAACAAAADAAMADgAAAAVwoniBS7ttoZ3neOAWsMCAAAAALAAsABEAAAABgGxHQAAAA9FAE0ARQBBAEEARAACAAwARQBNAEUAQQBBAEQAAQAUAEkAVABFAE0ALQA4ADgANwA4ADQABAAeAGUAbQBlAGEALgBtAHMAYQBkAC4AcwBvAHAAcgBhAAMAOgBJAFQARQBNAC0AOAA4ADcAOAA0AC4AZABoAGMAcAAuAG0AYQBuAG8ALgBlAHMALgBzAG8AcAByAGEABQAUAG0AcwBhAGQALgBzAG8AcAByAGEABwAIAMPUuOWjPdMBAAAAAA==
08:33:46.694 [http-nio-8181-exec-8] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - continue required: true
08:33:46.699 [http-nio-8181-exec-9] INFO Spring Security Debugger -

Request received for GET '/index.jsp':

org.apache.catalina.connector.RequestFacade@27509242

servletPath:/index.jsp
pathInfo:null
headers:
accept: text/html, application/xhtml+xml, /
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
authorization: Negotiate oXcwdaADCgEBoloEWE5UTE1TU1AAAwAAAAAAAABYAAAAAAAAAFgAAAAAAAAAWAAAAAAAAABYAAAAAAAAAFgAAAAAAAAAWAAAABXCiOIGAbEdAAAAD6jQbDC/M0Wo7FOI3/BH0EmjEgQQAQAAAAITQX/JslsGAAAAAA==
cookie: JSESSIONID=0F39FFAF12D2DCA0B353513EB06A9175

Security filter chain: [
WebAsyncManagerIntegrationFilter
SecurityContextPersistenceFilter
HeaderWriterFilter
LogoutFilter
BasicAuthenticationFilter
NegotiateSecurityFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
FilterSecurityInterceptor
]

08:33:46.700 [http-nio-8181-exec-9] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - security package: Negotiate, connection id: 127.0.0.1:50532
08:33:46.700 [http-nio-8181-exec-9] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - token buffer: 121 byte(s)
08:33:46.701 [http-nio-8181-exec-9] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - continue token: oRswGaADCgEAoxIEEAEAAAA9IfgFTuW18wAAAAA=
08:33:46.701 [http-nio-8181-exec-9] DEBUG waffle.servlet.spi.NegotiateSecurityFilterProvider - continue required: false

# ## With login form:
08:37:40.147 [http-nio-8181-exec-2] INFO Spring Security Debugger -

Request received for GET '/index.jsp':

org.apache.catalina.connector.RequestFacade@1545ae9d

servletPath:/index.jsp
pathInfo:null
headers:
accept: text/html, application/xhtml+xml, /
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive

Security filter chain: [
WebAsyncManagerIntegrationFilter
SecurityContextPersistenceFilter
HeaderWriterFilter
LogoutFilter
UsernamePasswordAuthenticationFilter
BasicAuthenticationFilter
NegotiateSecurityFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
FilterSecurityInterceptor
]

08:37:40.517 [http-nio-8181-exec-2] INFO Spring Security Debugger -

New HTTP session created: CE852E4F22A58581098F7EC59A7B5471

Call stack:

at org.springframework.security.web.debug.Logger.info(Logger.java:29)
at org.springframework.security.web.debug.DebugRequestWrapper.getSession(DebugFilter.java:151)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240)
at org.springframework.security.web.savedrequest.HttpSessionRequestCache.saveRequest(HttpSessionRequestCache.java:42)
at org.springframework.security.web.access.ExceptionTranslationFilter.sendStartAuthentication(ExceptionTranslationFilter.java:201)
at org.springframework.security.web.access.ExceptionTranslationFilter.handleSpringSecurityException(ExceptionTranslationFilter.java:177)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:133)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at waffle.spring.NegotiateSecurityFilter.doFilter(NegotiateSecurityFilter.java:156)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.security.web.debug.DebugFilter.invokeWithWrappedRequest(DebugFilter.java:75)
at org.springframework.security.web.debug.DebugFilter.doFilter(DebugFilter.java:62)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1434)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

08:37:40.536 [http-nio-8181-exec-2] INFO Spring Security Debugger -

Request received for GET '/login.xhtml': WHY???

org.apache.catalina.connector.RequestFacade@1545ae9d

servletPath:/login.xhtml
pathInfo:null
headers:
accept: text/html, application/xhtml+xml, /
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471

Security filter chain: [
WebAsyncManagerIntegrationFilter
SecurityContextPersistenceFilter
HeaderWriterFilter
LogoutFilter
UsernamePasswordAuthenticationFilter
BasicAuthenticationFilter
NegotiateSecurityFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
FilterSecurityInterceptor
]

08:37:41.178 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.engine.resolver.DefaultTraversableResolver - Found javax.persistence.Persistence on classpath containing 'getPersistenceUtil'. Assuming JPA 2 environment. Trying to instantiate JPA aware TraversableResolver
08:37:41.178 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.engine.resolver.DefaultTraversableResolver - Instantiated JPA aware TraversableResolver of type org.hibernate.validator.internal.engine.resolver.JPATraversableResolver.
08:37:41.183 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.xml.ValidationXmlParser - Trying to load META-INF/validation.xml for XML based Validator configuration.
08:37:41.188 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.xml.ValidationXmlParser - No META-INF/validation.xml found. Using annotation based configuration only.
08:37:41.607 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.engine.resolver.DefaultTraversableResolver - Found javax.persistence.Persistence on classpath containing 'getPersistenceUtil'. Assuming JPA 2 environment. Trying to instantiate JPA aware TraversableResolver
08:37:41.608 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.engine.resolver.DefaultTraversableResolver - Instantiated JPA aware TraversableResolver of type org.hibernate.validator.internal.engine.resolver.JPATraversableResolver.
08:37:41.609 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.xml.ValidationXmlParser - Trying to load META-INF/validation.xml for XML based Validator configuration.
08:37:41.610 [http-nio-8181-exec-2] DEBUG org.hibernate.validator.internal.xml.ValidationXmlParser - No META-INF/validation.xml found. Using annotation based configuration only.
oct 05, 2017 8:37:42 AM org.apache.myfaces.shared.renderkit.RendererUtils getClientId
INFORMACIÓN: Unable to find component 'j_username' (calling findComponent on component 'j_id_d', viewLocation: /file:WEB-INF/lib/01-arq-sso-presentation-2.0.1-SNAPSHOT.jar!/META-INF/resources/login.xhtml at line 110 and column 59). We'll try to return a guessed client-id anyways - this will be a problem if you put the referenced component into a different naming-container. If this is the case, you can always use the full client-id.
oct 05, 2017 8:37:42 AM org.apache.myfaces.shared.renderkit.RendererUtils getClientId
INFORMACIÓN: Unable to find component 'j_password' (calling findComponent on component 'j_id_g', viewLocation: /file:WEB-INF/lib/01-arq-sso-presentation-2.0.1-SNAPSHOT.jar!/META-INF/resources/login.xhtml at line 114 and column 59). We'll try to return a guessed client-id anyways - this will be a problem if you put the referenced component into a different naming-container. If this is the case, you can always use the full client-id.
08:37:43.515 [http-nio-8181-exec-3] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/primefaces.css.xhtml?ln=primefaces&v=5.3&v=5.3':

org.apache.catalina.connector.RequestFacade@1545ae9d

servletPath:/javax.faces.resource/primefaces.css.xhtml
pathInfo:null
headers:
accept: text/css, /
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

08:37:43.525 [http-nio-8181-exec-4] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/jquery/jquery.js.xhtml?ln=primefaces&v=5.3&v=5.3':

org.apache.catalina.connector.RequestFacade@4cb324a0

servletPath:/javax.faces.resource/jquery/jquery.js.xhtml
pathInfo:null
headers:
accept: application/javascript, /;q=0.8
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

08:37:43.545 [http-nio-8181-exec-5] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/primefaces.js.xhtml?ln=primefaces&v=5.3&v=5.3':

org.apache.catalina.connector.RequestFacade@230e8c3a

servletPath:/javax.faces.resource/primefaces.js.xhtml
pathInfo:null
headers:
accept: application/javascript, /;q=0.8
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

08:37:43.691 [http-nio-8181-exec-6] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/js/css3-mediaqueries.js.xhtml':

org.apache.catalina.connector.RequestFacade@1545ae9d

servletPath:/javax.faces.resource/js/css3-mediaqueries.js.xhtml
pathInfo:null
headers:
accept: application/javascript, /;q=0.8
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

08:37:43.693 [http-nio-8181-exec-7] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/js/html5shiv.min.js.xhtml':

org.apache.catalina.connector.RequestFacade@230e8c3a

servletPath:/javax.faces.resource/js/html5shiv.min.js.xhtml
pathInfo:null
headers:
accept: application/javascript, /;q=0.8
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

08:37:43.694 [http-nio-8181-exec-8] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/js/respond.min.js.xhtml':

org.apache.catalina.connector.RequestFacade@4cb324a0

servletPath:/javax.faces.resource/js/respond.min.js.xhtml
pathInfo:null
headers:
accept: application/javascript, /;q=0.8
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

08:37:43.706 [http-nio-8181-exec-9] INFO Spring Security Debugger -

Request received for GET '/javax.faces.resource/img/logo.png.xhtml':

org.apache.catalina.connector.RequestFacade@1545ae9d

servletPath:/javax.faces.resource/img/logo.png.xhtml
pathInfo:null
headers:
accept: image/png, image/svg+xml, image/*;q=0.8, /;q=0.5
referer: http:https://localhost:8181/usuariosPresentations/login.xhtml
accept-language: es-ES,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding: gzip, deflate
host: localhost:8181
connection: Keep-Alive
cookie: JSESSIONID=CE852E4F22A58581098F7EC59A7B5471; oam.Flash.RENDERMAP.TOKEN=4izbo9urs

Security filter chain: [] empty (bypassed by security='none')

@gargomanjr
Copy link
Author

I believe that UsernamePasswordAuthenticationFilter is finishing the security chain

@hazendaz
Copy link
Member

hazendaz commented Oct 8, 2017

Does this work in other browsers or do you experience same problem with them?

@gargomanjr
Copy link
Author

In other browser works fine, my problem is only in IE when I active login form. It's a bit strange because without login form IE works perfectly..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hazendaz @gargomanjr