An issue came up when I’m trying to integrate my Vaadin based web applications with CAS 3.5.1 using Spring Security 3.0.5. Everything works fine locally on my Windows machine, but when I tried on Linux machine, Vaadin started to complain about com.aversan.ontario.cip.tmi.widgetset.TMIWidgetset.nocache.js widgetset load failed error (javascript alert). I tested this on IE, Firefox and Chrome and found out that this problem is only happening on IE. Please help!
I noticed that CAS was trying to validate all the resources (js, css, and images) that Vaadin is trying to load on startup. So, I had to change the Spring Security configuration to not to validate against CAS.
Before:
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/" filters="casAuthenticationFilter,casValidationFilter,wrappingFilter,sif,j2eePreAuthFilter,etf,fsi" />
<sec:filter-chain pattern="/j_spring_security_logout" filters="logoutFilter,etf,fsi" />
<sec:filter-chain pattern="/**" filters="casAuthenticationFilter,casValidationFilter,wrappingFilter,sif,j2eePreAuthFilter,logoutFilter,etf,fsi" />
</sec:filter-chain-map>
</bean>
After:
<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
<sec:filter-chain-map path-type="ant">
<sec:filter-chain pattern="/" filters="casAuthenticationFilter,casValidationFilter,wrappingFilter,sif,j2eePreAuthFilter,etf,fsi" />
<sec:filter-chain pattern="/j_spring_security_logout" filters="logoutFilter,etf,fsi" />
<sec:filter-chain pattern="**/VAADIN/**" filters="none" />
<sec:filter-chain pattern="**/APP/**" filters="none" />
<sec:filter-chain pattern="**/UIDL*" filters="none" />
<sec:filter-chain pattern="/**" filters="casAuthenticationFilter,casValidationFilter,wrappingFilter,sif,j2eePreAuthFilter,logoutFilter,etf,fsi" />
</sec:filter-chain-map>
</bean>
I’m wondering if there a timeout setting in Vaadin if the page load is slow?