3

Since I switched to Vaadin 20.0.1 (from v18.0.2) EACH time after I log into my application I first get a page that displays:

self.additionalManifestEntries = [
{ url: 'icons/icon-144x144.png', revision: '-1456135562' },
{ url: 'icons/icon-192x192.png', revision: '-1333786034' },
{ url: 'icons/icon-512x512.png', revision: '1931390955' },
{ url: 'icons/icon-16x16.png', revision: '-1417519116' },
{ url: 'icons/icon-32x32.png', revision: '-2087744108' },
{ url: 'offline-stub.html', revision: '203115787' },
{ url: 'manifest.webmanifest', revision: '1979121418' },
{ url: './styles/offline.css', revision: '1252570030' },
{ url: './images/offline.png', revision: '1252570030' }
];

I then need to reload the URL. This time (since I am already logged in) it directly brings me to my application's entry page and from then on things work ok. I also noted that this happens only for the very first login (i.e. the first user that logs in) and the URL shown is: http://localhost:8080/sw-runtime-resources-precache.js.

But what is the above trying to convey to me? Why is this appearing? And - since it's annoying: how can I tell this to "get lost!" `

Later addendum, since the code snippet is too long for a comment:

My current implementation (which I copied from some Vaadin example) reads like this:


import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.web.savedrequest.HttpSessionRequestCache;

class CustomRequestCache extends HttpSessionRequestCache
{
    @Override
    public void saveRequest(HttpServletRequest request, HttpServletResponse response) {
        if (!SecurityUtils.isFrameworkInternalRequest(request)) {
            /* Saves unauthenticated requests so we can redirect the user to the page they were trying to access once they’re logged in: */
            super.saveRequest(request, response);
        }
    }
}

Later addition: this bug/effect resurfaced with v22. I thus adapted the title of the question.

mmo
  • 3,897
  • 11
  • 42
  • 63

1 Answers1

3

This is most likely caused by the request cache in Spring Security which keeps track of the last request that happened before showing the login view and then assumes that the user wants to continue from there after logging in. The problem is that this particular request is an internal feature of the newly introduce offline support rather than a request that the user itself is interested in.

Vaadin 20 also introduced a VaadinWebSecurityConfigurerAdapter class that you might want to either use directly, or alternatively you could just use the same kind of logic that it uses through the VaadinDefaultRequestCache class (or directly use that class).

Leif Åstrand
  • 7,820
  • 13
  • 19
  • I added my current implementation of the request cache to my question above. This implementation (which I copied from a Vaadin example) only caches requests that are *not* framework internal requests. Could it be that requests do not have that flag set any more? What would be the alternative solution to exclude such requests like `.../sw-runtime-resources-precache.js`? I searched for info on `VaadinWebSecurityConfigurerAdapter` that you mentioned but I found only this: https://stackoverflow.com/questions/67500144/what-happened-to-vaadinwebsecurityconfigureradapter-in-vaadin-19. Not much help. – mmo Jun 22 '21 at 11:09
  • Re-reading your comment I finally understood what I need to do: I simple have to replace my above `CustomRequestCache` with the `VaadinDefaultRequestCache` that you mentioned. Everything working dandy again now! :-) Thanks for the hint! – mmo Jun 22 '21 at 14:04
  • I see how my reference to `VaadinDefaultRequestCache` might have been a little vague. I tried rephrasing it so that it might be clearer for anyone else who reads this. – Leif Åstrand Jun 22 '21 at 14:46
  • 1
    I just updated to v22 and now I am getting this same page again after logging in! :-( Any idea what could be causing it this time? I *do* of course now use the `VaadinWebSecurityConfigurerAdapter` described/suggested above. I didn't see anything in the release notes re. this or that I should again switch to some new class or similar. Any hint? – mmo Dec 20 '21 at 20:24