Hi, I'm having trouble with the feature for redirecting to the previous
request after a successful form login.

I've read the thread and poked around in the 5.1 and later source code for
the default Tynamo login component, and my login component is essentially
the same.  It is mentioned that Tynamo now uses cookies to store the
savedRequest (for good reason), however the code for dealing with cookies
in the Tynamo LoginForm component is commented out.

Here is my situation:

I have a protected page called event viewer at
http://localhost:8080/graphene-enron-web/eventviewer
This page uses a layout component common to all authenticated pages, which
should be fine.

(The login and registration pages use a separate layout component, for
unauthenticated access.)


After successful login, however, I am sent to this URL:

http://localhost:8080/graphene-enron-web/graphene/pub/core/js/plugin/pace/pace.min.js

The "core/js/plugin/pace/pace.min.js" is one of the assets loaded by the
common Layout component.

Actually, what I've found is that the request is taking whatever first
asset is used in the Layout.
Prior to this, it would try to redirect to my favicon.ico, which was
being included in the Layout's header!

Do I need to somehow make my components or certain assets anonymously
available?



Here are some relevant snippets:

public static void contributeApplicationDefaults(
        MappedConfiguration<String, String> configuration) {
    configuration.add(SecuritySymbols.LOGIN_URL, "/graphene/pub/login");

    configuration.add(SecuritySymbols.UNAUTHORIZED_URL,
            "/graphene/infrastructure/pagedenied");
    configuration.add(SecuritySymbols.SUCCESS_URL, "/graphene/index");
    configuration.add(SecuritySymbols.REDIRECT_TO_SAVED_URL, "true");
}

@Contribute(WebSecurityManager.class)
public static void contributeWebSecurityManager(
        Configuration<Realm> configuration, Realm grapheneSecurityRealm) {
    configuration.add(grapheneSecurityRealm);
}

@Contribute(HttpServletRequestFilter.class)
@Marker(Security.class)
public static void setupSecurity(
        Configuration<SecurityFilterChain> configuration,
        SecurityFilterChainFactory factory,
        WebSecurityManager securityManager) {

    // Allow access to the login and registration pages
    configuration.add(factory.createChain("/graphene/pub/**")
            .add(factory.anon()).build());

    configuration.add(factory.createChain("/assets/**").add(factory.anon())
            .build());
    configuration.add(factory.createChain("/**").add(factory.user())
            .build());

}



From my login form, which is nearly identical to the Tynamo one:


public Object onActionFromGrapheneLoginForm() throws IOException {

    Subject currentUser = securityService.getSubject();

    if (currentUser == null) {
        logger.error("Subject can`t be null");
        // throw new IllegalStateException("Subject can`t be null");
        loginMessage = messages.get("AuthenticationError");
        return null;
    }
    if (grapheneLogin.contains("@")) {
        grapheneLogin = grapheneLogin.split("@")[0];
    }

    /**
     * We store the password entered into this token. It will later be
     * compared to the hashed version using whatever hashing routine is set
     * in the Realm.
     */
    UsernamePasswordToken token = new UsernamePasswordToken(grapheneLogin,
            graphenePassword);
    token.setRememberMe(grapheneRememberMe);

    try {
        currentUser.login(token);
    } catch (UnknownAccountException e) {
        loginMessage = messages.get("AccountDoesNotExists");
        return null;
    } catch (IncorrectCredentialsException e) {
        loginMessage = messages.get("WrongPassword");
        return null;
    } catch (LockedAccountException e) {
        loginMessage = messages.get("AccountLocked");
        return null;
    } catch (AuthenticationException e) {
        loginMessage = messages.get("AuthenticationError");
        return null;
    }
    try {
        // creates the SSO associated with the user
        authenticatorHelper.login(grapheneLogin, graphenePassword);
    } catch (BusinessException e) {
        loginMessage = messages.get("InternalAuthenticationError");
        e.printStackTrace();
        return null;
    }

    SavedRequest savedRequest = WebUtils
            .getAndClearSavedRequest(requestGlobals.getHTTPServletRequest());

    if (savedRequest != null
            && savedRequest.getMethod().equalsIgnoreCase("GET")) {
        try {
            response.sendRedirect(savedRequest.getRequestUrl());
            return null;
        } catch (IOException e) {
            logger.warn("Can't redirect to saved request.");
            return loginContextService.getSuccessPage();
        }
    } else if (redirectToSavedUrl) {
        String requestUri = loginContextService.getSuccessPage();
        if (!requestUri.startsWith("/")) {
            requestUri = "/" + requestUri;
        }
        loginContextService.redirectToSavedRequest(requestUri);
        return null;
    }
    // Cookie[] cookies =
    // requestGlobals.getHTTPServletRequest().getCookies();
    // if (cookies != null) for (Cookie cookie : cookies) if
    // (WebUtils.SAVED_REQUEST_KEY.equals(cookie.getName())) {
    // String requestUri = cookie.getValue();
    // WebUtils.issueRedirect(requestGlobals.getHTTPServletRequest(),
    // requestGlobals.getHTTPServletResponse(), requestUri);
    // return null;
    // }
    return loginContextService.getSuccessPage();
}
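
An added example, not part of the original message and not Tynamo or Shiro code: a guard that a login handler could apply to the saved request URL before redirecting, so that an asset request (such as the pace.min.js or favicon.ico URLs described above) or an off-site URL falls back to the success page. The class name, method names and the asset extension list are assumptions; only JDK classes are used.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

// Hypothetical helper (not from Tynamo or Shiro): decides whether a saved
// request URL is an acceptable post-login redirect target.
public class SavedRequestGuard {

    // Assumed list of static-asset extensions; adjust to the application.
    private static final Set<String> ASSET_EXTENSIONS =
            Set.of("js", "css", "ico", "png", "gif", "jpg", "svg", "map", "woff", "woff2");

    /** True only for a path inside this application that does not look like an asset. */
    public static boolean isPageUrl(String url, String contextPath) {
        if (url == null || url.isEmpty() || url.contains("\\")) return false;
        URI uri;
        try {
            uri = new URI(url);
        } catch (URISyntaxException e) {
            return false;
        }
        // Reject absolute ("http://...") and scheme-relative ("//host/...") URLs.
        if (uri.isAbsolute() || uri.getRawAuthority() != null) return false;
        // Normalize first so "/app/../x" cannot pass the context-path check.
        String path = uri.normalize().getPath();
        if (path == null || !path.startsWith(contextPath + "/")) return false;
        String last = path.substring(path.lastIndexOf('/') + 1);
        int dot = last.lastIndexOf('.');
        if (dot < 0) return true; // no extension: treat as a page request
        return !ASSET_EXTENSIONS.contains(last.substring(dot + 1).toLowerCase(Locale.ROOT));
    }

    /** Returns the saved URL if acceptable, otherwise the fallback page. */
    public static String chooseTarget(String savedUrl, String contextPath, String fallback) {
        return isPageUrl(savedUrl, contextPath) ? savedUrl : fallback;
    }

    public static void main(String[] args) {
        String ctx = "/graphene-enron-web";        // context path from the message
        String fallback = ctx + "/graphene/index"; // SUCCESS_URL from the message
        String[] samples = {                       // constructed sample inputs
            ctx + "/eventviewer",
            ctx + "/graphene/pub/core/js/plugin/pace/pace.min.js",
            ctx + "/favicon.ico",
            "//example.invalid/eventviewer" };
        for (String s : samples) System.out.println(s + " -> " + chooseTarget(s, ctx, fallback));
    }
}
```

In a handler like the one above, the value of `savedRequest.getRequestUrl()` would be passed through `chooseTarget` before `response.sendRedirect(...)`.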
