I've deployed an application on Wildfly 10, that is working correctly on GlassFish, but I'm getting a blank page /<context_path>/j_security_check when I try to login.
I've looked some posts suggesting to include cache control request headers, but it didn't resolve the problem.
The logs do not show any kind of error or relevant information and I really don't know what to try next.
Has anyone experienced any similar issue?
EDIT 1 The authentication is working correctly. If, afterwards, I try to access a protected resource, I'm able to do so. It's just the redirect after the login that is not being triggered.
EDIT 2 The Request/Response dump:
----------------------------REQUEST---------------------------
URI=/ecc
characterEncoding=null
contentLength=-1
contentType=null
cookie=EPMSID=sfTmDLw92HjAhwfY7HUei5fzlUbwKjxUg3EhyTMk.d014349
header=Accept=text/html, application/xhtml+xml, */*
header=Connection=Keep-Alive
header=Accept-Language=pt-PT
header=Accept-Encoding=gzip, deflate
header=Cookie=EPMSID=sfTmDLw92HjAhwfY7HUei5fzlUbwKjxUg3EhyTMk.d014349
header=User-Agent=Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
header=Host=localhost:8443
locale=[pt_PT]
method=GET
protocol=HTTP/1.1
queryString=
remoteAddr=/127.0.0.1:62990
remoteHost=sibshare
scheme=https
host=localhost:8443
serverPort=8443
--------------------------RESPONSE--------------------------
contentLength=0
contentType=null
header=Connection=keep-alive
header=X-Powered-By=Undertow/1
header=Server=WildFly/10
header=Location=https://localhost:8443/ecc/
header=Content-Length=0
header=Date=Mon, 09 May 2016 08:18:33 GMT
status=302
==============================================================
2016-05-09 09:18:33,890 INFO [stdout] (default task-5) [DEBUG] ecc_src - NoCacheFilter:Initializing filter
2016-05-09 09:18:33,902 INFO [io.undertow.request.dump] (default task-5)
----------------------------REQUEST---------------------------
URI=/ecc/
characterEncoding=null
contentLength=-1
contentType=null
cookie=EPMSID=sfTmDLw92HjAhwfY7HUei5fzlUbwKjxUg3EhyTMk.d014349
header=Accept=text/html, application/xhtml+xml, */*
header=Connection=Keep-Alive
header=Accept-Language=pt-PT
header=Accept-Encoding=gzip, deflate
header=Cookie=EPMSID=sfTmDLw92HjAhwfY7HUei5fzlUbwKjxUg3EhyTMk.d014349
header=User-Agent=Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
header=Host=localhost:8443
locale=[pt_PT]
method=GET
protocol=HTTP/1.1
queryString=
remoteAddr=/127.0.0.1:62989
remoteHost=sibshare
scheme=https
host=localhost:8443
serverPort=8443
--------------------------RESPONSE--------------------------
contentLength=239
contentType=text/html
header=Expires=Thu, 01 Jan 1970 00:00:00 GMT
header=Cache-Control=no-cache, no-store, must-revalidate
header=X-Powered-By=Undertow/1
header=Server=WildFly/10
header=Pragma=no-cache
header=Accept-Ranges=bytes
header=Date=Mon, 09 May 2016 08:18:33 GMT
header=Connection=keep-alive
header=ETag=W/"239-1462554016000"
header=Last-Modified=Fri, 06 May 2016 17:00:16 GMT
header=Content-Type=text/html
header=Content-Length=239
status=200
==============================================================
2016-05-09 09:18:34,112 INFO [io.undertow.request.dump] (default task-6)
----------------------------REQUEST---------------------------
URI=/ecc/secure/home.jsf
characterEncoding=null
contentLength=-1
contentType=null
cookie=EPMSID=sfTmDLw92HjAhwfY7HUei5fzlUbwKjxUg3EhyTMk.d014349
header=Accept=text/html, application/xhtml+xml, */*
header=Connection=Keep-Alive
header=Accept-Language=pt-PT
header=Accept-Encoding=gzip, deflate
header=Cookie=EPMSID=sfTmDLw92HjAhwfY7HUei5fzlUbwKjxUg3EhyTMk.d014349
header=User-Agent=Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
header=Host=localhost:8443
locale=[pt_PT]
method=GET
protocol=HTTP/1.1
queryString=
remoteAddr=sibshare/127.0.0.1:62990
remoteHost=sibshare
scheme=https
host=localhost:8443
serverPort=8443
--------------------------RESPONSE--------------------------
contentLength=2897
contentType=text/html;charset=UTF-8
cookie=EPMSID=KcblRlqogTv4hCuVtjeL27onM3Nbp04k--DDZfnt.d014349; domain=null; path=/ecc
header=Expires=0
header=Expires=0
header=Cache-Control=no-cache, no-store, must-revalidate
header=Cache-Control=no-cache, no-store, must-revalidate
header=X-Powered-By=Undertow/1
header=Set-Cookie=EPMSID=KcblRlqogTv4hCuVtjeL27onM3Nbp04k--DDZfnt.d014349; path=/ecc; secure; HttpOnly
header=Server=WildFly/10
header=Pragma=no-cache
header=Pragma=no-cache
header=Date=Mon, 09 May 2016 08:18:34 GMT
header=Connection=keep-alive
header=Content-Type=text/html;charset=UTF-8
header=Content-Length=2897
status=200
==============================================================
2016-05-09 09:18:44,841 INFO [io.undertow.request.dump] (default task-13)
----------------------------REQUEST---------------------------
URI=/ecc/j_security_check
characterEncoding=null
contentLength=68
contentType=[application/x-www-form-urlencoded]
cookie=EPMSID=KcblRlqogTv4hCuVtjeL27onM3Nbp04k--DDZfnt.d014349
header=Accept=text/html, application/xhtml+xml, */*
header=Accept-Language=pt-PT
header=Cache-Control=no-cache
header=Accept-Encoding=gzip, deflate
header=User-Agent=Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
header=Connection=Keep-Alive
header=Content-Type=application/x-www-form-urlencoded
header=Content-Length=68
header=Cookie=EPMSID=KcblRlqogTv4hCuVtjeL27onM3Nbp04k--DDZfnt.d014349
header=Referer=https://localhost:8443/ecc/secure/home.jsf
header=Host=localhost:8443
locale=[pt_PT]
method=POST
protocol=HTTP/1.1
queryString=
remoteAddr=sibshare/127.0.0.1:62993
remoteHost=sibshare
scheme=https
host=localhost:8443
serverPort=8443
--------------------------RESPONSE--------------------------
contentLength=0
contentType=null
cookie=EPMSID=JtIoopj1u-p_Ko95XwYi45HqkdzNBVRxSklVFQEL.d014349; domain=null; path=/ecc
header=Expires=0
header=Cache-Control=no-cache, no-store, must-revalidate
header=X-Powered-By=Undertow/1
header=Set-Cookie=EPMSID=JtIoopj1u-p_Ko95XwYi45HqkdzNBVRxSklVFQEL.d014349; path=/ecc; secure; HttpOnly
header=Server=WildFly/10
header=Pragma=no-cache
header=Date=Mon, 09 May 2016 08:18:44 GMT
header=Connection=keep-alive
header=Content-Length=0
status=200
==============================================================
I eventually figured out what is wrong. In my login page I've the following listener configured for invalidating the active session:
<f:metadata>
<f:event type="preRenderView" listener="#{manager.invalidateActiveSession}" />
</f:metadata>
This listener simply invalidates the session (if it exists):
HttpSession session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
if (session != null ) {
synchronized( session ) {
session.invalidate();
}
}
And this is what is causing the strange behavior. This same code works fine on GlassFish. I've changed the code to, additionally, verify if the Principal is also not null.