2 Replies Latest reply on Jan 8, 2014 7:38 AM by pcraveiro

    SAML SSO on Spring MVC using Picketlink JBoss 7.1.1 AS - 404 error after authentication

    devthoughts

      We are trying to configure picketlink on jboss 7 to have SAML based web SSO on spring mvc application (as IDP).

      We have custom login module which extends DatabaseServerLogin module and our application needs just user authentication and no need of authorization. We have a custom authorization logic built in house which will be called after user is authenticated. So the roles for <auth-constraint> & <security-role> is marked *.

      configuration done in web.xml

       

      <security-constraint>

           <web-resource-collection>

           <web-resource-name>Manager command</web-resource-name>

           <url-pattern>/home</url-pattern>

           </web-resource-collection>

           <auth-constraint>

           <role-name>*</role-name>

           </auth-constraint>

           </security-constraint>


      <login-config>

           <auth-method>FORM</auth-method>

           <realm-name>PicketLink IDP Application</realm-name>

           <form-login-config>

           <form-login-page>/WEB-INF/jsp/loginUser.jsp</form-login-page>

           <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>

           </form-login-config>

      </login-config>


      <security-role>

      <role-name>*</role-name>

      </security-role>

      Spring dispatcher servlet url pattern is

      <servlet-mapping> <servlet-name>dispatcher</servlet-name>> <url-pattern>/</url-pattern> </servlet-mapping>

      http:myHostName:8080/myapp/home is taking to login page as configured.

      After login/authentication is successful, then call is redirected to a controller url mapping /home and that controller is returning home.jsp as expected but on the browser I am getting 404 error.

      But when we debugged, we came to know that at some point of method stack trace before returning to browser, there status of response object is changed to 404 and error is true.

      Am i missing any configuration? Any help would be appreciated@@