I am having some problems with apache shiro, it authenticate the user but when I try to redirect it keeps sending me back to the login page.
Here is my shiro.ini file:
[main]
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
authc.loginUrl = /pages/login-portal.xhtml
authc.successUrl = /pages/dashboard/portal-dashboard.xhtml
roles.unauthorizedUrl = /unauthorized.xhtml
ssl.enabled = false
# Use default password matcher (SHA-256, 500000 hash iterations)
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
# JDBC Realm
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
# Configure JDBC realm datasource.
dataSource = org.postgresql.ds.PGSimpleDataSource
dataSource.serverName = localhost
dataSource.databaseName = portal
dataSource.portNumber = 5432
dataSource.user = postgres
dataSource.password = postgres
jdbcRealm.dataSource = $dataSource
# Configure JDBC realm SQL queries.
jdbcRealm.authenticationQuery = SELECT pass FROM tb_users WHERE login = ?
jdbcRealm.userRolesQuery = SELECT description FROM tb_role r INNER JOIN tb_users u ON u.role = r.role_id and login = ?
jdbcRealm.permissionsLookupEnabled = false
#jdbcRealm.permissionsQuery = SELECT permission_name FROM ROLES_PERMISSIONS WHERE role_name = ?
#jdbcRealm.credentialsMatcher = $passwordMatcher
jdbcRealm.dataSource = $dataSource
securityManager.realms = $jdbcRealm
[users]
admin = secret
[urls]
/javax.faces.resource/** = anon
/login-portal.xhtml = authc
/** = authc, roles[admin]
My login page:
<h:form>
<span class="label-input">Usuário</span>
<br/>
<p:inputText id="login" styleClass="large-input" value="#{loginPortalBean.login}" style="font-family:'Roboto', sans serif,'FontAwesome'"/>
<p:watermark for="login" value="" />
<br/>
<span class="label-input">Senha</span>
<br/>
<p:password id="senha" styleClass="large-input" value="#{loginPortalBean.senha}" style="font-family:'Trebuchet MS','FontAwesome'" />
<p:watermark for="senha" value="" />
<br/>
<p:commandButton id="bt" styleClass="large-button" value="Entrar" action="#{loginPortalBean.doLogin}"
ajax="false" />
<p:messages id="messages" showDetail="false" autoUpdate="true" closable="true" />
</h:form>
And the login method:
public void doLogin () {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(getLogin().trim(), getSenha().trim());
try {
subject.login(token);
FacesContext.getCurrentInstance().getExternalContext().redirect("/Portal/pages/dashboard/portal-dashboard.xhtml");
} catch (UnknownAccountException ex) {
facesError("Esse usuário não existe");
log.error(ex.getMessage(), ex);
}
catch (IncorrectCredentialsException ex) {
facesError("Senha incorreta");
log.error(ex.getMessage(), ex);
}
catch (LockedAccountException ex) {
facesError("Usuário Bloqueado");
log.error(ex.getMessage(), ex);
}
catch (AuthenticationException | IOException ex) {
facesError("Erro desconhecido: " + ex.getMessage());
log.error(ex.getMessage(), ex);
}
finally {
token.clear();
}
}
Can anyone help me with this? I looked other questions like this but I couldn't fix it. Thanks in advance.
Aucun commentaire:
Enregistrer un commentaire