SEC-1404: Expression not expanded in intercept-url pattern #1649

Closed
spring-issuemaster opened this Issue Feb 9, 2010 · 5 comments

1 participant

@spring-issuemaster

Johann Vanackere (Migrated from SEC-1404) said:

Expression is not expanded in intercept-url pattern.

Here is my configuration :

    <security:http>
        <security:form-login login-page="${security.admin.loginPageUrl}" login-processing-url="${security.admin.loginProcessingUrl}" default-target-url="${security.admin.loginTargetUrl}" always-use-default-target="true" />
        <security:intercept-url pattern="${security.admin.loginPageUrl}" filters="none" />
        <security:intercept-url pattern="/restricted/**" access="ROLE_ADMIN" />
        <security:intercept-url pattern="/**" access="ROLE_USER" />
    </security:http>

and the error I get :

org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'org.springframework.security.filterChainProxy' defined in null: Could not resolve placeholder 'security.admin.loginpageurl'

The same expression works well in form-login#login-page attribute, but not in intercept-url#pattern attribute.

@spring-issuemaster

Johann Vanackere said:

Sorry for the formatting, my corporate issue tracker uses ```
for code samples.

By the way, I have the same issue using Spring Security 3.0.1

@spring-issuemaster

Luke Taylor said:

We already have unit tests in place which check that placeholders work in intercept-url element patterns. Then only thing I could see that was different in your code is that you are using filters="none". Hoever, I've modified the test to also do this and it still passes.

Could you check you are definitely using an up-to-date versions and if possible check with a nightly snapshot.

@spring-issuemaster

Johann Vanackere said:

If I replace :

with :

everything works fine.

I'm using the lastest release version (3.0.1), I will check with nightly as soon as possible.

@spring-issuemaster

Luke Taylor said:

Ah, hang on. It looks like it may be a case sensitivity issue. I will investigate. In the meantime, switching your property names to lower case will probably solve the issue. It is also only a problem with filters="none".

@spring-issuemaster

Luke Taylor said:

Should now be fixed in trunk.

@spring-issuemaster spring-issuemaster added this to the 3.0.2 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment