java - Do applications with spring security share SecurityContextHolder among them -


i have 2 different applications, a , . both using spring security same configuration. here situation:

i log a application. works fine. when log b application (it has same ip different port) in tab in same browser, see these lines (below) , thrown away a application, means no longer authenticated in it.

debug 2013-05-20 13:42:43,969 [http-8080-2] org.springframework.security.web.filterchainproxy$virtualfilterchain : /webapp/backoffice/index.jsp @ position 2 of 12 in additional filter chain; firing filter: 'securitycontextpersistencefilter'

debug 2013-05-20 13:42:43,969 [http-8080-2] org.springframework.security.web.context.httpsessionsecuritycontextrepository : no httpsession exists

debug 2013-05-20 13:42:43,969 [http-8080-2] org.springframework.security.web.context.httpsessionsecuritycontextrepository : no securitycontext available httpsession: null. new 1 created.

  1. i using httpsessionsecuritycontextrepository securitycontextrepository.
  2. i have enabled sessionmigration security purposes.
  3. i using concurrentsessionfilter, prevent being logged in via 2 or more devices.

but not getting why logging in b application, removes httpsession a application? (or maybe other things happening)

i want know whether these applications, share in common within browser.

asked ip/port, should know ips same (both localhost) have different ports.
a) localhost:8080/dtts/backoffice
b) localhost:8081/dtts/backoffice
solved
problem every url/path there unique jsessionid. both of applications use url:localhost , path:dtts. that's why second jsessionid replaces first one.

the cookie application b overwriting cookie stored in browser application a, because both cookies same server i.e. 'localhost', , both cookies have name, i.e. 'jsessionid'.

cookies not port specific. discussed in question: are http cookies port specific?

i believe options are:

  • use different ip or server name access each application (e.g. localhost , 127.0.0.1, or applicationa.mydomain.com , applicationb.mydomain.com)
  • use different name session cookie in container each application running in

Comments

Post a Comment

Popular posts from this blog

.htaccess - First slash is removed after domain when entering a webpage in the browser -

sometimes when hit address of webpage in browser, removes first slash after domain. examples: www.mywebsite.com/scripts/script_6.php -> trying load www.mywebsite.comscripts/script_6.php www.mywebsite.com/test.php -> trying load www.mywebsite.comtest.php after entering again, loads page. a .htaccess settings must wrong: rewritebase / errordocument 404 http://www.mywebsite.com/oops.php errordocument 401 /notallowed.php rewriteengine on # turn on rewriting engine #gzip <ifmodule mod_deflate.c> addoutputfilterbytype deflate text/text text/html text/plain text/xml text/css application/x- javascript application/javascript </ifmodule> #end gzip rewritecond %{http_host} ^mywebsite\.com rewriterule ^(.*)$ http://www.mywebsite.com$1 [r=permanent,l] directoryindex index6.php rewriterule ^termsofuse/?$ termsofuse.php [nc,l] # handle requests "adpolicy" rewriterule ^privacy-policy/?$ privacy-policy.php [nc,l] # handle requ...
Read more

Automatically create pages in phpfox -

i have array of information of places , wanna use them create multiple pages in phpfox site. first tried manually insert data in phpfox database (in tables of phpfox_pages , phpfox_pages_text ). the page shown in site when opening it's link, site says: the page looking cannot found. do know other tables should manipulate make work? or know plugin phpfox same? thanks, solved ( @purefan guide): "pages" has user if take @ phpfox_user table, you'll found out how fetch new records on that. there 2 ambiguous fields in table ( password & password_salt ). can use script create values fields: <?php function generaterandomstring() { $length = 164; $characters = '-_0123456789abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'; $randomstring = ''; ($i = 0; $i < $length; $i++) { $randomstring .= $characters[rand(0, strlen($characters) - 1)]; } return $randomstring; } $ssalt = '';...
Read more

c# - Farseer ContactListener is not working -

i'm using farseer in xna project, have trouble contactlistener. created class contactlistener these 2 error messages , don't know how fix problems. the type or namespace name 'contactlistener' not found (are missing using directive or assembly reference?) the type or namespace name 'contactimpulse' not found (are missing using directive or assembly reference?) what wrong contactlistener class? class mycontactlistener: contactlistener { void begincontact(contact contact) { /* handle begin event */ } void endcontact(contact contact) { /* handle end event */ } void presolve(contact contact, ref manifold oldmanifold) { fixture fixturea = contact.fixturea; fixture fixtureb = contact.fixtureb; if (fixtureb.collisioncategories == category.cat10) { contact.enabled = false; } } void postsolve(contact contact, ref contactimpulse impulse) { /* handle post-solve event */ } }...
Read more