I have a Java EE 6 web application running on JBoss 7.1.1 that contains some pages that require authentication, and many of them do not work. For authenticated pages, I use Servlet 3.0 Programmatic Security, as described in this previous post .
In my web.xml, I have the following entry
<login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login</form-login-page> <form-error-page>/loginError</form-error-page> </form-login-config> </login-config>
and in my Login class, I have a method annotated with @PostConstruct where the requested page is requested: String previousURL = (String) FacesContext.getCurrentInstance().getExternalContext().getRequestMap().get(RequestDispatcher.FORWARD_QUERY_STRING)
However, he evaluates the / login page, not the page requested by the user, and was then sent by JBoss because of the login.web configuration settings in web.xml. As a result, when I redirect to the previous URL, it simply returns me to the login page, and not to the page that the user clicked on at first. What am I doing wrong?
Anand source share