i have problem spring security, try redirect login page when user session expired doesn't work. , got message when user session expired in jsp page:
etat http 500 - request processing failed; nested exception java.lang.nullpointerexception
type rapport d''exception
message request processing failed; nested exception java.lang.nullpointerexception
description le serveur rencontré une erreur interne qui l''a empêché de satisfaire la requête.
exception org.springframework.web.util.nestedservletexception: request processing failed; nested exception java.lang.nullpointerexception org.springframework.web.servlet.frameworkservlet.processrequest(frameworkservlet.java:973) org.springframework.web.servlet.frameworkservlet.doget(frameworkservlet.java:852) javax.servlet.http.httpservlet.service(httpservlet.java:620) org.springframework.web.servlet.frameworkservlet.service(frameworkservlet.java:837) javax.servlet.http.httpservlet.service(httpservlet.java:727) org.apache.tomcat.websocket.server.wsfilter.dofilter(wsfilter.java:52) org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:330) org.springframework.security.web.access.intercept.filtersecurityinterceptor.invoke(filtersecurityinterceptor.java:118) org.springframework.security.web.access.intercept.filtersecurityinterceptor.dofilter(filtersecurityinterceptor.java:84) org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:342) org.springframework.security.web.access.exceptiontranslationfilter.dofilter(exceptiontranslationfilter.java:113) org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:342) org.springframework.security.web.session.sessionmanagementfilter.dofilter(sessionmanagementfilter.java:103) org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:342)
this spring-security.xml:
`
<security:access-denied-handler error-page="/403"/> <security:session-management session-fixation-protection="none"> <security:concurrency-control expired-url="/login?login_error=2" /> </security:session-management> <security:intercept-url pattern="/" access="hasanyrole('role_user','role_admin','role_rh')" /> <security:intercept-url pattern="/choix" access="hasanyrole('role_user','role_admin','role_rh')" /> <security:intercept-url pattern="/list" access="hasanyrole('role_admin','role_rh')" /> <security:intercept-url pattern="/listdemandeconge" access="hasrole('role_user','role_rh','role_admin')" /> <security:intercept-url pattern="/addcategorie" access="hasrole('role_achat')" /> <security:form-login login-page="/login" login-processing-url="/login.do" default-target-url="/" always-use-default-target="true" username-parameter="username" password-parameter="password" authentication-failure-url="/login?error=1"/> </security:http> <security:authentication-manager> <security:authentication-provider> <security:password-encoder hash="md5"></security:password-encoder> <security:jdbc-user-service data-source-ref="datasource" users-by-username-query="select login, password, case enabled when 'active' 'true' else 'false' end 'enabled' utilisateur login=?" authorities-by-username-query="select us.login, ur.libelle_profil utilisateur us, profil ur us.id_utilisateur = ur.id_utilisateur , us.login =? " /> </security:authentication-provider> </security:authentication-manager> `
Comments
Post a Comment