我已经使用弹簧安全性来验证我的应用程序。配置应用程序后,我什至无法查看登录页面。我为登录页面提供了匿名访问,因此可以直接访问。但是当我访问登录页面时,它返回404错误,因此我无法使用该应用程序。我已经使用了 JDBC 身份验证,并且我正在通过导入另一个 xml 来获取所需的 bean。
豆类.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns = "http://www.springframework.org/schema/beans"
xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation = "http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<bean id = "dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name = "driverClassName" value = "com.mysql.jdbc.Driver"/>
<property name = "url" value = "jdbc:mysql://localhost:3306/Employee_Management"/>
<property name = "username" value = "root"/>
<property name = "password" value = "root"/>
</bean>
<bean id = "transactionManager"
class = "org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name = "dataSource" ref = "dataSource" />
</bean>
<bean id = "employeeJDBCTemplate" class = "com.utility.EmployeeJDBCTemplate">
<property name = "dataSource" ref = "dataSource" />
<property name = "transactionManager" ref = "transactionManager"/>
</bean>
</beans>
弹簧安全.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<beans:import resource="Beans.xml"/>
<http entry-point-ref="loginUrlAuthenticationEntryPoint" auto-config="true" authentication-manager-ref="authenticationManager">
<intercept-url pattern="/j_spring_security_check" access="isAnonymous()"/>
<intercept-url pattern="/login" access="isAnonymous()"/>
<intercept-url pattern="/welcome" access="hasRole('ROLE_ADMIN')"/>
<form-login login-processing-url="/j_spring_security_check" login-page="/login" default-target-url="/welcome"
authentication-failure-url="/login?error" username-parameter="username"
password-parameter="password" />
<logout logout-url="/j_spring_security_logout" invalidate-session="true" logout-success-url="/login?logout"/>
</http>
<beans:bean id="employeeAuthenticationProvider" class="com.authentication.EmployeeAuthenticationProvider">
<beans:property name="employeeJDBCTemplate" ref="employeeJDBCTemplate" />
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="employeeAuthenticationProvider"/>
</authentication-manager>
<beans:bean id="loginUrlAuthenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<beans:constructor-arg value="/login"/>
</beans:bean>
</beans:beans>
员工管理.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns = "http://www.springframework.org/schema/beans"
xmlns:context = "http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation = "http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<mvc:annotation-driven />
<mvc:default-servlet-handler/>
<context:component-scan base-package = "com.controller" />
<bean class = "org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name = "prefix" value = "/WEB-INF/jsp/" />
<property name = "suffix" value = ".jsp" />
</bean>
</beans>
员工控制.java
package com.controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
public class EmployeeController {
@RequestMapping(value = {"/", "/welcome"}, method = RequestMethod.GET)
public ModelAndView welcome() {
ModelAndView model = new ModelAndView();
model.addObject("title", "This is welcome page");
model.addObject("message", "Welcome to Employee Management");
model.setViewName("hello");
return model;
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
@RequestParam(value = "error", required = false)String error,
@RequestParam(value = "logout", required = false)String logout) {
System.out.println("Show login page");
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password");
}
if (logout != null) {
model.addObject("msg", "Logged out successfully");
}
model.setViewName("login");
return model;
}
}
尝试将配置更改为
<intercept-url pattern="/login*" access="permitAll" />
将两个控制器文件合并到单个文件时,我错过了控制器文件中的@Controller注释,这导致了登录页面的 404 错误。