Console errors when refreshing login page after upgrading to JSF 2.2 and RF 4.5.7
I have recently upgraded a web application from JSF 1.2 to JSF 2.2 as well as RF 3.3.3 to RF 4.5.7. I'm currently experiencing console errors when loading the first login.html page. This only happens when either the page is first loaded or when I refresh (F5 or shift F5). When I log in and log out again I don't receive these errors! The URL is exactly the same, e.g. host:port/xxx/login.html
This issue only occurs on this page. I'm using Spring (3.1.0) for the login although not sure if the issue is related. Security config in applicationContext.xml is:
<sec:http auto-config='true' pattern="/login.html*" security="none"/>
<sec:http pattern="/a4j/**" security="none"/>
<sec:http pattern="/css/**" security="none"/>
<sec:http pattern="/img/**" security="none"/>
<sec:http realm="Name goes here">
<sec:form-login login-processing-url="/j_spring_security_check"
login-page="/login.html"
authentication-failure-url="/login.html?fail"
default-target-url="/main.html"
always-use-default-target="true"/>
<sec:logout logout-url="/logout.html"/>
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
</sec:http>
and in login.xhtml:
<form id="frm-login" action="j_spring_security_check" method="post">
<label class="above">Username<h:inputText id="j_username" /></label>
<rich:jQuery selector="#j_username" query="focus()"/><br/>
<label class="above">Password<h:inputSecret id="j_password" /></label><br/>
<h:commandButton id="submit" name="submit" type="submit" value="Login"> </h:commandButton>
</form>
Before the upgrade this was fine. Using Firebug I have compared the generated HTML between the times where I see console errors and times I don't.
Bad
Good
I believe I have applied all necessary updates such as removing old jar files (including removal of redundant Facelets 1.1.14, view handler references), updating RF code, XHTML page code and namespaces as well as web.xml and faces-config.xml updates.
One thing I do know is that when I comment out the following config I do not receive the error. So somehow this is interfering with the loading of resources on this page.
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
Any ideas how to resolve this? Apologies in advance if I have missed some vital information required in helping resolve this.
UPDATE 1: Images taken when loading page using Network tab on google chrome:
Bad
Good
UPDATE 2:
Good
Bad
Ok I found it (with some helpful pointers from BallusC). After the upgrade I had to update the security config in applicationContext.xml as follows:
<sec:http auto-config='true' pattern="/login.html*" security="none"/>
<sec:http pattern="/a4j/**" security="none"/>
<sec:http pattern="/css/**" security="none"/>
<sec:http pattern="/img/**" security="none"/>
<sec:http realm="name goes here">
<sec:form-login login-processing-url="/j_spring_security_check"
login-page="/login.html"
authentication-failure-url="/login.html?fail"
default-target-url="/main.html"
always-use-default-target="true"/>
<sec:logout logout-url="/logout.html"/>
<sec:intercept-url pattern="/login.html*" access="ROLE_USER"/>
<sec:intercept-url pattern="/a4j/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/img/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
</sec:http>
The root cause of my issue above was having the following entry in applicationContext.xml:
<sec:intercept-url pattern="/**" access="ROLE_USER"/>
- Math.Sin() gives incorrect value
- How to run my python script when the sunOS is start booting
- Express-session: not resetting cookie expiration on each request
- Getting a stack overflow exception when normalizing a vector
- Edit default summary function in R gives error for multiple variables
- What was a For loop? Why isn't it needed in R?
- How to use download button in shiny and save results in various formats (csv, texte, pdf, spss...)?
- Why are there two assignment operators, `<-` and `->` in R?
- lm()$assign: what is it?
- How to get the value of list(...) in R and S functions
- Design matrix for MLM from library(lme4) with fixed and random effects
- how to generate elements not included in my sample
- Create a matrix with gradually changing values without a for loop
- Emacs ESS and S-plus ( S+ ) 8.1 compatability
- How to lag date-index in a time-series in R?
- Nonlinear regression in R / S
- Calling R from S-Plus?