Problems integrating with spring social
Posted: Sat Jul 13, 2013 7:59 am
Hi,
I have been trying to do the spring social integration in the site and after following the steps from the http://www.broadleafcommerce.com/post/why-your-ecommerce-site-should-integrate-with-spring-social There are few problems.
My present environment is
Broadleaf version 3.0
Eclipse juno
I have been runnig the demo on tomcat6 and mysql as given in your tutorials. It was working fine until now.
Now after applying your steps in the site the site is working fine but whenever I click the Login or Register button It shows that your webpage has a redirect loop.
The corresponding filers are follows
development.properties
root pom
site pom
applicationContext-social.xml
applicationContext-servlet.xml
applicationContext-security.xml
web.xml
What could be the reason of the redirect loop and how can I remove it.
Thanks
I have been trying to do the spring social integration in the site and after following the steps from the http://www.broadleafcommerce.com/post/why-your-ecommerce-site-should-integrate-with-spring-social There are few problems.
My present environment is
Broadleaf version 3.0
Eclipse juno
I have been runnig the demo on tomcat6 and mysql as given in your tutorials. It was working fine until now.
Now after applying your steps in the site the site is working fine but whenever I click the Login or Register button It shows that your webpage has a redirect loop.
The corresponding filers are follows
development.properties
Code: Select all
# Please see common-shared.properties for more information on how the properties files work
blPU.hibernate.hbm2ddl.auto=update
#Spring Social
facebook.clientId=159955237520907
facebook.clientSecret=1c114fa66acb5f27724aa2b012b650e6
application.url=http://127.0.0.1:8087
root pom
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.mycompany</groupId>
<artifactId>ecommerce-website</artifactId>
<version>1.0</version>
<packaging>pom</packaging>
<name>ecommerce</name>
<url>http://www.blc-archetype.com</url>
<properties>
<blc.version>3.0.0-BETA3</blc.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<gwt.version>2.4.0</gwt.version>
</properties>
<description>My Company's eCommerce Website</description>
<repositories>
<repository>
<id>public snapshots</id>
<name>public snapshots</name>
<url>http://nexus.broadleafcommerce.org/nexus/content/repositories/snapshots/</url>
</repository>
<repository>
<id>public releases</id>
<name>public releases</name>
<url>http://nexus.broadleafcommerce.org/nexus/content/repositories/releases/</url>
</repository>
</repositories>
<build>
<pluginManagement>
<plugins>
<plugin>
<!-- Needed for Eclipse Indigo -->
<!-- This plugin does not actually exist, but is instead read by Eclipse for configuration purposes -->
<groupId>org.eclipse.m2e</groupId>
<artifactId>lifecycle-mapping</artifactId>
<version>1.0.0</version>
<configuration>
<lifecycleMappingMetadata>
<pluginExecutions>
<pluginExecution>
<pluginExecutionFilter>
<groupId>org.zeroturnaround</groupId>
<artifactId>jrebel-maven-plugin</artifactId>
<versionRange>[1.0,)</versionRange>
<goals>
<goal>generate</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore />
</action>
</pluginExecution>
<pluginExecution>
<pluginExecutionFilter>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
<versionRange>[1.3,)</versionRange>
<goals>
<goal>run</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore />
</action>
</pluginExecution>
<pluginExecution>
<pluginExecutionFilter>
<groupId>
org.codehaus.mojo
</groupId>
<artifactId>
build-helper-maven-plugin
</artifactId>
<versionRange>
[1.7,)
</versionRange>
<goals>
<goal>
timestamp-property
</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore></ignore>
</action>
</pluginExecution>
<pluginExecution>
<pluginExecutionFilter>
<groupId>
org.codehaus.mojo
</groupId>
<artifactId>
keytool-maven-plugin
</artifactId>
<versionRange>
[1.2,)
</versionRange>
<goals>
<goal>clean</goal>
<goal>genkey</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore></ignore>
</action>
</pluginExecution>
</pluginExecutions>
</lifecycleMappingMetadata>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.0.2</version>
<configuration>
<source>1.6</source>
<target>1.6</target>
</configuration>
</plugin>
<plugin>
<groupId>org.zeroturnaround</groupId>
<artifactId>jrebel-maven-plugin</artifactId>
<version>1.1.3</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.7</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.10</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.1.1</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>2.3.2</version>
</plugin>
<plugin>
<artifactId>maven-clean-plugin</artifactId>
<configuration>
<excludeDefaultDirectories>true</excludeDefaultDirectories>
<filesets>
<!-- delete directories that will be generated when you start the develpment server/client in eclipse -->
<fileset>
<directory>target</directory>
<includes>
<include>**/*</include>
</includes>
</fileset>
</filesets>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.mycompany</groupId>
<artifactId>core</artifactId>
<version>1.0</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<!-- Mysql dependency -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.21</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<!-- Spring social dependency -->
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-facebook</artifactId>
<version>1.0.2.RELEASE</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-twitter</artifactId>
<version>1.0.2.RELEASE</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-web</artifactId>
<version>1.0.2.RELEASE</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<!--Broadleaf libraries -->
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-common</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-profile</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-profile-web</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-framework</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-framework-web</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-admin-module</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-contentmanagement-module</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-open-admin-platform</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>integration</artifactId>
<version>${blc.version}</version>
<type>jar</type>
<classifier>tests</classifier>
<scope>test</scope>
</dependency>
<!-- Other dependencies -->
<dependency>
<groupId>org.hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>2.2.4</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
<version>1.2.2</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<type>jar</type>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
<version>5.9</version>
<type>jar</type>
<classifier>jdk15</classifier>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-jdbc</artifactId>
<version>7.0.30</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
</dependencies>
</dependencyManagement>
<modules>
<module>admin</module>
<module>core</module>
<module>site</module>
</modules>
</project>
site pom
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.mycompany</groupId>
<artifactId>ecommerce-website</artifactId>
<version>1.0</version>
</parent>
<artifactId>site</artifactId>
<packaging>war</packaging>
<name>site</name>
<description>Web Module For Broadleaf Commerce Based ECommerce Site</description>
<properties>
<webappDirectory>${project.build.directory}/${project.build.finalName}</webappDirectory>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<!-- httpsPort and httpPort are used by embeded jetty server.-->
<!-- Make sure the following httpsPort matches what's in the runtime-properties file, -->
<httpsPort>8443</httpsPort>
<httpPort>8087</httpPort>
</properties>
<build>
<outputDirectory>${webappDirectory}/WEB-INF/classes</outputDirectory>
<finalName>mycompany</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<webappDirectory>${webappDirectory}</webappDirectory>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<!-- for Tomcat 7, change to tomcat7-maven-plugin -->
<artifactId>tomcat6-maven-plugin</artifactId>
<version>2.0-beta-1</version>
<configuration>
<path>/</path>
<warSourceDirectory>${webappDirectory}</warSourceDirectory>
<port>8087</port>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>keytool-maven-plugin</artifactId>
<version>1.2</version>
<executions>
<execution>
<phase>generate-resources</phase>
<id>clean</id>
<goals>
<goal>clean</goal>
</goals>
</execution>
<execution>
<phase>generate-resources</phase>
<id>genkey</id>
<goals>
<goal>genkey</goal>
</goals>
</execution>
</executions>
<configuration>
<keystore>${webappDirectory}/WEB-INF/blc-example.keystore</keystore>
<dname>cn=localhost</dname>
<keypass>broadleaf</keypass>
<storepass>broadleaf</storepass>
<alias>broadleaf</alias>
<keyalg>RSA</keyalg>
</configuration>
</plugin>
<plugin>
<groupId>org.zeroturnaround</groupId>
<artifactId>jrebel-maven-plugin</artifactId>
<configuration>
<packaging>war</packaging>
<rootPath>${basedir}</rootPath>
</configuration>
<executions>
<execution>
<id>generate-rebel-xml</id>
<phase>process-resources</phase>
<goals>
<goal>generate</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<dependencies>
<dependency>
<groupId>com.mycompany</groupId>
<artifactId>core</artifactId>
</dependency>
<dependency>
<groupId>org.broadleafcommerce</groupId>
<artifactId>broadleaf-framework-web</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-jdbc</artifactId>
</dependency>
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.21</version>
</dependency>
<!-- spring social dependency-->
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-facebook</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-twitter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-web</artifactId>
<exclusions>
<exclusion>
<artifactId>spring-web</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
</project>
applicationContext-social.xml
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">
<bean id="connectionFactoryLocator" class="org.springframework.social.connect.support.ConnectionFactoryRegistry">
<property name="connectionFactories">
<list>
<bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
<constructor-arg value="${facebook.clientId}" />
<constructor-arg value="${facebook.clientSecret}" />
</bean>
<!-- <bean class="org.springframework.social.twitter.connect.TwitterConnectionFactory">
<constructor-arg value="${twitter.consumerKey}" />
<constructor-arg value="${twitter.consumerSecret}" />
</bean> -->
</list>
</property>
</bean>
<bean id="usersConnectionRepository" class="org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository">
<constructor-arg ref="webDS" />
<constructor-arg ref="connectionFactoryLocator" />
<constructor-arg ref="textEncryptor" />
<aop:scoped-proxy proxy-target-class="false" />
<property name="tablePrefix" value="BLC_"/>
</bean>
<bean id="connectionRepository" factory-method="createConnectionRepository" factory-bean="usersConnectionRepository" scope="request">
<constructor-arg value="#{session.customer.username}" />
<aop:scoped-proxy proxy-target-class="false" />
</bean>
<!-- Configure this to use the Broadleaf Runtime Environment properties file -->
<bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors"
factory-method="noOpText" />
</beans>
applicationContext-servlet.xml
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.2.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">
<!-- Scan Broadleaf defined web utility classes -->
<!-- context:component-scan base-package="org.broadleafcommerce.cms.web"/ -->
<context:component-scan base-package="org.broadleafcommerce.common.web"/>
<context:component-scan base-package="org.broadleafcommerce.core.web"/>
<context:component-scan base-package="org.broadleafcommerce.profile.web"/>
<!-- Turn on AOP annotations (required by Broadleaf) -->
<aop:config/>
<!-- Checks for a URL match to a product's SEO URL. -->
<bean class="org.broadleafcommerce.core.web.catalog.ProductHandlerMapping">
<property name="order" value="2"/>
</bean>
<!-- Checks for a URL match to a CMS managed page URL. -->
<bean class="org.broadleafcommerce.cms.web.PageHandlerMapping">
<property name="order" value="3"/>
</bean>
<!-- Checks for a URL match to a category's SEO URL -->
<bean class="org.broadleafcommerce.core.web.catalog.CategoryHandlerMapping">
<property name="order" value="4"/>
</bean>
<bean class="org.springframework.social.connect.web.ProviderSignInController">
<property name="applicationUrl" value="${application.url}" />
<property name="signUpUrl" value="/register" />
<property name="signInUrl" value="/login" />
</bean>
<!-- Scan for custom controllers -->
<context:component-scan base-package="com.mycompany.controller" />
<!-- Allow annotation driven controllers -->
<mvc:annotation-driven/>
<!-- Disable caching for any non-resource. This prevents the header from becoming stagnant -->
<mvc:interceptors>
<bean id="webContentInterceptor" class="org.broadleafcommerce.core.web.interceptor.NonResourceWebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="true"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
<!-- Interceptor for blLocalCode-->
<bean class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
<property name="paramName" value="blLocaleCode"/>
</bean>
</mvc:interceptors>
<!-- Default locale set -->
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
<property name="defaultLocale" value="en"/>
</bean>
<!-- Tell Spring to not try to map things in these directories to controllers -->
<!-- Order must be set to supercede the handler configured by the mvc:annotation-driven annotation -->
<mvc:resources order="-10" location="/img/" mapping="/img/**" />
<mvc:resources order="-10" location="/css/" mapping="/css/**" />
<mvc:resources order="-10" location="/js/, classpath:/common_js/" mapping="/js/**" />
<mvc:resources order="-10" location="/fonts/" mapping="/fonts/**" />
<mvc:resources order="-10" location="favicon.ico" mapping="favicon.ico" />
<mvc:resources order="-10" location="robots.txt" mapping="robots.txt" />
<!-- Set up the view resolver to be used by Spring -->
<bean class="org.broadleafcommerce.common.web.BroadleafThymeleafViewResolver">
<property name="templateEngine" ref="blWebTemplateEngine" />
<property name="order" value="1" />
<property name="cache" value="false" />
<property name="fullPageLayout" value="layout/fullPageLayout" />
<property name="characterEncoding" value="UTF-8" />
<property name="layoutMap">
<map>
<entry key="account/" value="layout/accountLayout" />
<entry key="catalog/" value="NONE" />
<entry key="checkout/" value="layout/checkoutLayout" />
<entry key="checkout/confirmation" value="layout/fullPageNoNavLayout" />
<entry key="layout/" value="NONE" />
</map>
</property>
</bean>
<!-- This validator will additionally require state on shipping addresses -->
<bean id="blShippingInfoFormValidator" class="org.broadleafcommerce.core.web.checkout.validator.USShippingInfoFormValidator" />
</beans>
applicationContext-security.xml
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.2.xsd">
<context:component-scan base-package="org.broadleafcommerce.common.web.security"/>
<context:component-scan base-package="org.broadleafcommerce.profile.web.core.security"/>
<context:component-scan base-package="org.broadleafcommerce.core.web.order.security"/>
<!-- Resources do not need security -->
<sec:http pattern="/css/**" security="none" />
<sec:http pattern="/fonts/**" security="none" />
<sec:http pattern="/img/**" security="none" />
<sec:http pattern="/js/**" security="none" />
<sec:http pattern="/favicon.ico" security="none" />
<sec:http pattern="/robots.txt" security="none" />
<!-- This also goes for static assets delivered by the application -->
<sec:http pattern="/**/${asset.server.url.prefix.internal}/**" security="none" />
<!-- Set up Spring security for the application -->
<sec:http auto-config="false" authentication-manager-ref="blAuthenticationManager" >
<!-- We handle session fixation protection ourselves -->
<sec:session-management session-fixation-protection="none" />
<!-- Wishlist modifications live under /account, but we don't need HTTPS -->
<sec:intercept-url pattern="/account/wishlist/**" access="ROLE_USER" requires-channel="any" />
<!-- Specify these URLs as requiring HTTPS to encrypt user data -->
<sec:intercept-url pattern="/register*" requires-channel="https" />
<sec:intercept-url pattern="/login*/**" requires-channel="https" />
<sec:intercept-url pattern="/account/**" access="ROLE_USER" requires-channel="https" />
<sec:intercept-url pattern="/checkout/**" requires-channel="https" />
<!-- Spring Social endpoints -->
<sec:intercept-url pattern="/signin/**" requires-channel="https" />
<sec:intercept-url pattern="/confirmation/**" requires-channel="https" />
<!-- Since the cart page is viewing as a modal, we want to allow it on any page -->
<sec:intercept-url pattern="/cart/**" requires-channel="any" />
<!-- All URLs not explicitly specified as https will be served under http -->
<sec:intercept-url pattern="/" requires-channel="http"/>
<sec:intercept-url pattern="/**" requires-channel="http"/>
<!-- Define the login form along with the success and failure handlers -->
<sec:form-login login-page='/login'
authentication-success-handler-ref="blAuthenticationSuccessHandler"
authentication-failure-handler-ref="blAuthenticationFailureHandler"
login-processing-url="/login_post.htm"
/>
<!-- Provide the logout handler -->
<sec:logout delete-cookies="ActiveID" invalidate-session="true" logout-url="/logout"/>
<!-- Specify our custom filters -->
<sec:custom-filter ref="blCsrfFilter" before="FORM_LOGIN_FILTER"/>
<sec:custom-filter ref="blCustomerStateFilter" after="REMEMBER_ME_FILTER"/>
<sec:custom-filter ref="blSessionFixationProtectionFilter" before="SESSION_MANAGEMENT_FILTER"/>
</sec:http>
<!-- The BLC Authentication manager. -->
<sec:authentication-manager alias="blAuthenticationManager">
<sec:authentication-provider user-service-ref="blUserDetailsService">
<sec:password-encoder ref="blPasswordEncoder" />
</sec:authentication-provider>
</sec:authentication-manager>
<!-- User details service that authenticates using customer data in the database. -->
<sec:jdbc-user-service data-source-ref="webDS"
id="blUserDetailsService"
users-by-username-query="SELECT USER_NAME,PASSWORD,TRUE FROM BLC_CUSTOMER WHERE USER_NAME=?"
authorities-by-username-query="SELECT c.USER_NAME,r.ROLE_NAME from BLC_CUSTOMER c
JOIN BLC_CUSTOMER_ROLE cr ON c.CUSTOMER_ID = cr.CUSTOMER_ID
JOIN BLC_ROLE r ON cr.ROLE_ID = r.ROLE_ID
WHERE USER_NAME=?" />
<bean id="blCsrfFilter" class="org.broadleafcommerce.common.security.handler.CsrfFilter" />
<!-- Sets the login failure URL -->
<bean id="blAuthenticationFailureHandler" class="org.broadleafcommerce.common.security.BroadleafAuthenticationFailureHandler">
<constructor-arg value="/login?error=true" />
<property name="redirectStrategy" ref="blAuthenticationFailureRedirectStrategy" />
</bean>
<!-- Sets the login success URL -->
<bean id="blAuthenticationSuccessHandler" class="org.broadleafcommerce.core.web.order.security.BroadleafAuthenticationSuccessHandler">
<property name="redirectStrategy" ref="blAuthenticationSuccessRedirectStrategy" />
<property name="defaultTargetUrl" value="/account" />
<property name="targetUrlParameter" value="successUrl" />
<property name="alwaysUseDefaultTargetUrl" value="false" />
</bean>
</beans>
web.xml
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" id="WebApp_ID">
<display-name>mycompany</display-name>
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>site.root</param-value>
</context-param>
<context-param>
<param-name>patchConfigLocation</param-name>
<param-value>
classpath:/bl-open-admin-contentClient-applicationContext.xml
classpath:/bl-cms-contentClient-applicationContext.xml
classpath:/applicationContext.xml
/WEB-INF/applicationContext-datasource.xml
/WEB-INF/applicationContext-email.xml
/WEB-INF/applicationContext-security.xml
/WEB-INF/applicationContext-social.xml
/WEB-INF/applicationContext.xml
/WEB-INF/applicationContext-filter.xml
</param-value>
</context-param>
<context-param>
<param-name>shutdownHookMethod</param-name>
<param-value>forceFlush</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener
</listener-class>
</listener>
<filter>
<filter-name>blPreSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>blPostSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>blPreSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>blPostSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- enable configured logging -->
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/log4j.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<listener>
<listener-class>org.broadleafcommerce.common.web.extensibility.MergeContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<!-- Note: The applicationContext-servlet-cms-contentClient.xml file is used to load static assets
from the Broadleaf CMS such as images. It will match on any URL that contains the static asset
prefix URL in any depth of it. -->
<servlet>
<servlet-name>mycompany</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:/applicationContext-servlet-cms-contentClient.xml
/WEB-INF/applicationContext-servlet.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mycompany</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- The RESTApiServlet can be disabled, but doesn't have to be. It will throw an exception if
it is accessed when no endpoints have been registered via Spring. Add /WEB-INF/applicationContext-rest-api.xml
to the merge patchConfigLocation above to activate and begin using REST services. Alternately, this
servlet and servlet mapping can be commented out entirely. -->
<servlet>
<servlet-name>RESTApiServlet</servlet-name>
<servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>org.codehaus.jackson.jaxrs</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>RESTApiServlet</servlet-name>
<url-pattern>/api/v1/*</url-pattern>
</servlet-mapping>
<env-entry>
<env-entry-name>appName</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>mycompanySite</env-entry-value>
</env-entry>
<resource-ref>
<res-ref-name>jdbc/web</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
</web-app>
What could be the reason of the redirect loop and how can I remove it.
Thanks