spring security + sitemesh 적용시 filter 순위

전자정부프레임워크에 sitemesh 를 적용시키고 나서 

sitemesh가 적용된 화면에서 EgovUserDetailsHelper.isAuthenticated() 를 조회하면 계속 false 로

로그인안한 사용자로 간주해버려서 이리 저리 수정하다가 결국 filter 순서인걸 알았다

sitemesh 를 최상단에 위치하게 뒀는데 이것때문에 spring security filter 랑 꼬여서 안됬나보다.

위치를 바꾸니까 간단하게 해결. 

    <filter>

        <filter-name>springSecurityFilterChain</filter-name>

        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

    </filter>

    <filter-mapping>

        <filter-name>springSecurityFilterChain</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

    <filter>

        <filter-name>sitemesh</filter-name>

        <filter-class>com.opensymphony.sitemesh.webapp.SiteMeshFilter</filter-class>

    </filter>    

    <filter-mapping>

        <filter-name>sitemesh</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>        

    <filter>

        <filter-name>CharacterEncodingFilter</filter-name>

        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>

        <init-param>

            <param-name>encoding</param-name>

            <param-value>UTF-8</param-value>

        </init-param>

        <init-param>

            <param-name>forceEncoding</param-name>

            <param-value>true</param-value>

        </init-param>

    </filter>

    <filter-mapping>

        <filter-name>CharacterEncodingFilter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>   

layout 예시는 아래와 같이....

<spring:url value="/static/j_spring_security_logout?spring-security-redirect=/xxxx_login" var="logout"/>

<div id="head">

<h1><img src="<spring:url value="/resources"/>/images/admin/logo.gif" /></h1>

<div class="toputil">

<p><b><sec:authorize access="hasRole('ROLE_ADMIN')">+</sec:authorize><sec:authentication property="principal.username"/></b>님 접속하셨습니다.</p>

<ul>

<li class="fir"><a href="${logout}">로그아웃</a></li>

</ul>

</div>