I'm wondering why my code doesn't work at random when I try to login but when I close the browser and recompile the code,it will work like normal.
The error usually come when I logout after successfully login, then when I try to re login this error come out in chrome:
Request method 'POST' not supported
When I try to open in IE,this come Out:
(HTTP 405 Method Not Allowed)
in console error:
org.springframework.web.servlet.PageNotFound - Request method 'POST' not supported
org.springframework.web.servlet.mvc.support.DefaultHandlerExceptionResolver - Handler execution resulted in exception: Request method 'POST' not supported
this is my SecurityConfig:
.formLogin()
.loginProcessingUrl( "/login" )
.loginPage( "/login.do" )
.defaultSuccessUrl( "/",true )
.failureUrl( "/login.do?error" )
.usernameParameter( "username" )
.passwordParameter( "password" )
.permitAll()
.and()
If you need any code,just tell me.
Added @RequestMapping:
private static final Logger logger = LoggerFactory.getLogger(LoginController.class);
@RequestMapping(value = {"/login.do" }, method ={ RequestMethod.GET,RequestMethod.POST})
public ModelAndView login(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout,
@RequestParam(value = "timeout", required = false) String timeout,
@RequestParam(value = "expired", required = false) String expired,
@RequestParam(value = "invalid", required = false) String invalid,
HttpServletRequest request,
HttpServletResponse response) {
HttpSession session = request.getSession(false);
if (session != null) {
sessionClear(request, response);
}
Context context;
try {
context = new InitialContext();
DataSource ds = (DataSource) context.lookup("jndi/CMS");
Connection c = ds.getConnection();
Statement stmt = c.createStatement();
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password!");
}
if (logout != null) {
model.addObject("msg", "You've been logged out successfully.");
}
if (expired != null) {
model.addObject("exp", "You've been logged out due to expired.");
}
model.setViewName("log_in");
logger.trace("this is trace");
logger.debug("This is a debug");
logger.info("this is info");
logger.warn("This is warn");
logger.error("This is error");
return model;
}
Update: I realize if I compile and login in new window,its always work as normal,but if I recompile the code and execute in new tab,the error will trigger.
For some reason,the problem has been solve. I have change back my spring security to use /logout URL to invalidate session in spring security. Before this i use :
SecurityContextHolder.getContext().setAuthentication(null);
try {
request.logout();
} catch (ServletException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
request.getSession().invalidate();
to invalidate session,then when i change to logout base on spring security which is either /j_spring_security_logout or /logout,the problem seem to solve.Maybe my programmatically logout cannot logout and invalidate session properly.
Thanks for help.