I'm using spring-security web authentication with spring-mvc, all is well so far, but now i am developing a mobile version of my application for that i have designed a different set of pages for mobile site which includes a different login page. now my i have problems configuring that
here's my applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http auto-config="true" lowercase-comparisons="false">
<intercept-url pattern="/images/**" filters="none" />
<intercept-url pattern="/Stylesheets/**" filters="none" />
<intercept-url pattern="/JavaScript/**" filters="none" />
<intercept-url pattern="/scripts/**" filters="none" />
<intercept-url pattern="/favicon.ico" access="ROLE_ANONYMOUS" />
<intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN"/>
<intercept-url pattern="/mobile/**" access="ROLE_USER,ROLE_ADMIN"/>
<form-login login-page="/login.htm" authentication-success-handler-ref="customHandler"
authentication-failure-url="/login.htm?error=true" default-target-url="/home.htm"
login-processing-url="/j_security_check" />
<remember-me user-service-ref="userDAO" key="e37f4b31-0c46-11dd-bd0b-0800200c9a66"/>
</http>
<beans:bean id="customHandler" class="com.example.auth.AuthenticationHandler">
</beans:bean>
<authentication-manager>
<authentication-provider user-service-ref="userDAO">
<!--
TODO skipped to allow password emailing instead of password change and security
TODO question hell..
-->
<!-- <password-encoder ref="passwordEncoder"/> -->
</authentication-provider>
</authentication-manager>
</beans:beans>
now how can i have multiple login pages according to the different request, i mean if the pages of mobile folder than the user should be shown the mobile login page. i have seen similar questions on stackoverflow but those were login pages according to different roles, but in my case i want diff login for different pages.
hi, thanks for the solution it seems that it will work fine for me. i have now switched to spring security 3.1 but it is giving me an exception. can you please help me resolve this.
Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#4' while setting bean property 'sourceList' with key [4]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#4': Cannot create inner bean '(inner bean)' of type [org.springframework.security.web.authentication.logout.LogoutFilter] while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#6': Cannot resolve reference to bean 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0' while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0': Cannot create inner bean '(inner bean)' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#7': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanInitializationException: Property 'sessionFactory' is required for bean '(inner bean)#7'
If you have the posibility to switch t spring security 3.1, you can simply define 2 http elements 1. If you can not switch, you can not configure it fully via the namespace, but have to register an entry-point-ref and somd <sec:custom-filter> elements.