Form based authentication and Vaadin7 UIDL

Vaadin 6 / 7 / 8
1

With Vaadin6 I have been using a form based authentication defined in the web.xml file. Since the Vaadin application was not mapped to the root, I also had to add a mapping for “/VAADIN/*” in order to have it working.

The problem is that it seems that, since Vaadin7, the UIDL requests seem to go trough the path “/UIDL/". I tried adding a mapping to it like I had to do with "/VAADIN/”, but it seems that UIDL queries get the start HTML page of Vaadin instead of the expected UIDL response.

Here is a digest version of the web.xml file I tried to use:

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>
  <servlet>
    <servlet-name>VaadinTestApp</servlet-name>
    <servlet-class>com.vaadin.server.VaadinServlet</servlet-class>
    <init-param>
      <description>Vaadin entry point</description>
      <param-name>UI</param-name>
      <param-value>test.vaadin.VaadinTestApp</param-value>
    </init-param>
    <init-param>
      <description>Vaadin widgetset</description>
      <param-name>widgetset</param-name>
      <param-value>test.vaadin.VaadinTestAppWidgetSet</param-value>
    </init-param>
  </servlet>
  <servlet-mapping>
    <servlet-name>VaadinTestApp</servlet-name>
    <url-pattern>/VaadinTestApp/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>VaadinTestApp</servlet-name>
    <url-pattern>/VAADIN/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>VaadinTestApp</servlet-name>
    <url-pattern>/UIDL/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>VaadinTestApp</servlet-name>
    <url-pattern>/index.jsp</url-pattern>
  </servlet-mapping>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>vaadinPages</web-resource-name>
      <url-pattern>/VaadinTestApp</url-pattern>
      <url-pattern>/VAADIN/*</url-pattern>
      <url-pattern>/UIDL/*</url-pattern>
      <url-pattern>/index.jsp</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>testUser</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>test_web</realm-name>
    <form-login-config>
      <form-login-page>/WEB-INF/login.jsp</form-login-page>
      <form-error-page>/WEB-INF/login.jsp?errorHappened=true</form-error-page>
    </form-login-config>
  </login-config>

Does anyone has the same problem and is there a particular reason why UIDL requests need their own dedicated mapping?

2

Any one can help, coz after migrating from v6 we have the same problem.

3

I don’t fully see the problem. Using a web.xml containing

<servlet-mapping>
	<servlet-name>VaadinTestApp</servlet-name>
	<url-pattern>/VaadinTestApp/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
	<servlet-name>VaadinTestApp</servlet-name>
	<url-pattern>/VAADIN/*</url-pattern>
</servlet-mapping>

works just fine when opening http://localhost:8080/contextpath/VaadinTestApp/. The UIDL requests go as expected to /contextpath/VaadinTestApp/UIDL