peholmst / vaadin4spring

Vaadin integration for Spring and Spring Boot
Apache License 2.0

Trouble using VaadinSecurity #313

Open flexguse opened 7 years ago

flexguse commented 7 years ago

Hi everybody,

currently I face some trouble using managed VaadinSecurity.

My setup:

My application has several views which are managed by the Vaadin Navigator. One view is the admin view, for which a login is needed. I followed the sample application for managed security and I'm able to log in. But when I switch to another view and back to the admin view, I have to log in again even if the HTTP session was not closed.

I supposed there was some implementation error in vaadin-spring-ext-security, so I created a simple custom service which sets the SecurityContext. This service was tried in `@VaadinSessionScope` and in singleton scope, but it behaved like vaadin-spring-ext-security and lost the user context after switching the view.

Maybe my issue is related to https://stackoverflow.com/questions/33541022/vaadin-springboot-integration-and-securitycontextholder-getcontext-is-null? Any thoughts?

Cheers, Christoph

AlvaroFalcon commented 7 years ago

I'm facing the same problem, did you solve it?

flexguse commented 7 years ago

Hi Alvaro,

fortunately I found a workaround which differs from the docs.

I switched on Spring auto configuration for security and configured spring-security to allow anonymous access to my application. With this configuration Spring seems to link the HTTP session with a SecurityContext. In my Vaadin login form I used VaadinSecurity to set the user's details into the SecurityContext. After that I'm able to navigate between my views, and after a page refresh with F5 the user is still authenticated. To log out I used `SecurityContextHolder.clearContext();` as the VaadinSecurity logout method did not work properly.

Hope that helps, Christoph
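
The session linkage that the workaround above relies on can also be made explicit. The following is an added example, not code from this thread or from vaadin4spring: it stores the `SecurityContext` under the session attribute that `HttpSessionSecurityContextRepository` reads. The class name `SessionBoundLogin`, the injected `AuthenticationManager`, access to the current `HttpServletRequest`, and a `javax.servlet` 3.1+ container are assumptions.

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;

/** Hypothetical helper (assumption, not part of vaadin4spring). */
public class SessionBoundLogin {

    // Session attribute that HttpSessionSecurityContextRepository loads the context from.
    private static final String KEY =
            HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY;

    private final AuthenticationManager authenticationManager;

    public SessionBoundLogin(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /** Authenticates, then binds the result to both the thread and the HTTP session. */
    public Authentication login(HttpServletRequest request, String username, String password)
            throws AuthenticationException {
        Authentication result = authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(username, password));

        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(result);
        SecurityContextHolder.setContext(context);  // visible to the current thread only

        HttpSession session = request.getSession(true);
        request.changeSessionId();                  // new session id after login (session fixation)
        session.setAttribute(KEY, context);         // later requests on this session find it
        return result;
    }

    /** Removes the context from the session as well as from the current thread. */
    public void logout(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.removeAttribute(KEY);           // drop the session-stored copy
        }
        SecurityContextHolder.clearContext();       // drop the thread-bound copy
    }
}
```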

AlvaroFalcon commented 7 years ago

Yep it helped me a bit tbh, but I found out that my problem was a bit different but also found a fix for it, thanks for the help.

khauser commented 6 years ago

@AlvaroFalcon How did you fix this problem? I'm having the same issue, but no clue how to solve it.

Switching views is no problem, but reloading is. I also have an INFO log entry like this: `o.v.s.s.shared.PushSecurityInterceptor : Found no SecurityContextRepository in the application context, using HttpSessionSecurityContextRepository`

chvndb commented 6 years ago

I have the same issue. I am using the Keycloak Spring adapter. When enabling Vaadin Push everything works, except security is somehow ignored. I also see the warning: `o.v.s.s.shared.PushSecurityInterceptor : Found no SecurityContextRepository in the application context, using HttpSessionSecurityContextRepository`

zygimantus commented 6 years ago

Have you tried something like this in your UI class?

```java
@Override
protected void init(VaadinRequest vaadinRequest) {
    // ...
    if (vaadinSecurity.isAuthenticated()) {
        setContent(adminView);
        removeStyleName("loginView");
        getNavigator().navigateTo(getNavigator().getState());
    } else {
        setContent(loginView);
        addStyleName("loginView");
    }
}
```