jeudi 5 octobre 2017

Apache Shiro redirects me to login page after successful authentication

I am having some problems with apache shiro, it authenticate the user but when I try to redirect it keeps sending me back to the login page.

Here is my shiro.ini file:

[main]
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter

authc.loginUrl = /pages/login-portal.xhtml
authc.successUrl = /pages/dashboard/portal-dashboard.xhtml
roles.unauthorizedUrl = /unauthorized.xhtml

ssl.enabled = false

# Use default password matcher (SHA-256, 500000 hash iterations)
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher

# JDBC Realm
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm

# Configure JDBC realm datasource.
dataSource = org.postgresql.ds.PGSimpleDataSource
dataSource.serverName = localhost
dataSource.databaseName = portal
dataSource.portNumber = 5432
dataSource.user = postgres
dataSource.password = postgres
jdbcRealm.dataSource = $dataSource


# Configure JDBC realm SQL queries.
jdbcRealm.authenticationQuery = SELECT pass FROM tb_users WHERE login = ?
jdbcRealm.userRolesQuery = SELECT description FROM tb_role r INNER JOIN tb_users u ON u.role = r.role_id and login = ?
jdbcRealm.permissionsLookupEnabled = false
#jdbcRealm.permissionsQuery = SELECT permission_name FROM ROLES_PERMISSIONS WHERE role_name = ?
#jdbcRealm.credentialsMatcher = $passwordMatcher
jdbcRealm.dataSource = $dataSource

securityManager.realms = $jdbcRealm

[users]
admin = secret



 [urls]
/javax.faces.resource/** = anon
/login-portal.xhtml = authc
/** = authc, roles[admin]

My login page:

<h:form>
                        <span class="label-input">Usuário</span>
                        <br/>
                        <p:inputText id="login" styleClass="large-input" value="#{loginPortalBean.login}" style="font-family:'Roboto', sans serif,'FontAwesome'"/>
                        <p:watermark for="login" value="&#xf007;" />
                        <br/>
                        <span class="label-input">Senha</span>
                        <br/>
                        <p:password id="senha" styleClass="large-input" value="#{loginPortalBean.senha}" style="font-family:'Trebuchet MS','FontAwesome'" />
                        <p:watermark for="senha" value="&#xf023;" />
                        <br/>
                        <p:commandButton id="bt" styleClass="large-button" value="Entrar" action="#{loginPortalBean.doLogin}"
                            ajax="false" />
                        <p:messages id="messages" showDetail="false" autoUpdate="true" closable="true" />
</h:form>

And the login method:

public void doLogin () {
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(getLogin().trim(), getSenha().trim());

        try {
            subject.login(token);
            FacesContext.getCurrentInstance().getExternalContext().redirect("/Portal/pages/dashboard/portal-dashboard.xhtml");

        } catch (UnknownAccountException ex) {
            facesError("Esse usuário não existe");
            log.error(ex.getMessage(), ex);
        }
        catch (IncorrectCredentialsException ex) {
            facesError("Senha incorreta");
            log.error(ex.getMessage(), ex);
        }
        catch (LockedAccountException ex) {
            facesError("Usuário Bloqueado");
            log.error(ex.getMessage(), ex);
        }
        catch (AuthenticationException | IOException ex) {
            facesError("Erro desconhecido: " + ex.getMessage());
            log.error(ex.getMessage(), ex);
        }
        finally {
            token.clear();
        }
}

Can anyone help me with this? I looked other questions like this but I couldn't fix it. Thanks in advance.




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)