-
15. Re: Advice on Security System
+1 for redirecting back
As its an external redirect i presume this isnt currently possible - but external redirect is nice so don't change that!
How about just appending a ?target=[original page] to the end, then we can pick that up as a @RequestParameter and redirect if we wish?
Other than that, it was a breeze to implement - works like a charm, nice work Shane!
Thanks - Ben -
-
17. Re: Advice on Security System
Guys,
Need some help with the clustered case and latest Security from the CVS. I am getting: javax.servlet.ServletException: Cannot get value for expression '#{identity.loggedIn}'
exception. Any leads will be really appreciated. I've got two Tomcat servers and one MySQL DB behind an Apache LB.
Thanks--Alex -
18. Re: Advice on Security System
I've double checked that everything works fine before I set in web.xml and push to the cluster. The following happens when I try to log in:
java.lang.ClassCastException: org.jboss.seam.security.Identity cannot be cast to javax.servlet.http.HttpSessionActivationListener at $javax.servlet.http.HttpSessionActivationListener$$FastClassByCGLIB$$d658c913.invoke(<generated>) at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:149) at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:45)
Any ideas?
Thanks--Alex -
19. Re: Advice on Security System
Correction: before I set "distributable" in web.xml. An XML fragment got dropped from the previous post.
-
20. Re: Advice on Security System
Guys, with Feb 1 CVS code, the problems above have gone away and in fact, all is working well. However, I am getting the following exception trace in the log:
2007-02-01 10:30:59,450 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/helloworld]] Session attribute event listener threw exception java.lang.IllegalStateException: No application context active at org.jboss.seam.Component.forName(Component.java:1586) at org.jboss.seam.Component.getInstance(Component.java:1636) at org.jboss.seam.Component.getInstance(Component.java:1631) at org.jboss.seam.Component.getInstance(Component.java:1608) at org.jboss.seam.Component.getInstance(Component.java:1603) at org.jboss.seam.persistence.PersistenceProvider.instance(PersistenceProvider.java:45) at org.jboss.seam.core.ManagedPersistenceContext.sessionWillPassivate(ManagedPersistenceContext.java:104) at org.jboss.web.tomcat.tc5.session.ClusteredSession.passivate(ClusteredSession.java:896) at org.jboss.web.tomcat.tc5.session.JBossCacheManager.storeSession(JBossCacheManager.java:642) at org.jboss.web.tomcat.tc5.session.InstantSnapshotManager.snapshot(InstantSnapshotManager.java:49) at org.jboss.web.tomcat.tc5.session.ClusteredSessionValve.invoke(ClusteredSessionValve.java:98) at org.jboss.web.tomcat.tc5.session.JvmRouteValve.invoke(JvmRouteValve.java:84) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
I am following all the latest security patterns in the CVS.
I would really appreiciate your help on this. This is the only show stopper for me now.
Thanks--Alex -
