小贝子编程

弹簧安全不起作用.我做错了什么



正如标题所示,我在简单的 Spring 安全测试中遇到了一些小问题。这是我的项目结构(maven webapp 2.5):

main
 java
   de
     cochu
       spring
         controller
           HomeController
webapp
  WEB-INF
    jsp
      home.jsp
      index.jsp
    security-context.xml
    spring-servlet.xml
    web.xml

网络.xml:

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/security-context.xml
    </param-value>
</context-param>
<filter>
    <filter-name>filterChainProxy</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>filterChainProxy</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
    <servlet-name>spring</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>spring</servlet-name>
    <url-pattern>/spring/*</url-pattern>
</servlet-mapping>

弹簧奴仆.xml

<context:annotation-config/>
<context:component-scan base-package="de.cochu.spring.controller"/>
<bean id="internalViewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
    <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
    <property name="prefix" value="/WEB-INF/jsp/"/>
    <property name="suffix" value=".jsp"/>
</bean>

安全上下文.xml

<security:http auto-config="true" use-expressions="true">
    <security:intercept-url pattern="/**" access="ROLE_USER"/>
</security:http>
<security:authentication-manager>
    <security:authentication-provider>
        <security:user-service>
            <security:user name="test" password="test" authorities="ROLE_USER"/>
        </security:user-service>
    </security:authentication-provider>
</security:authentication-manager>

首页控制器.java

@Controller
@RequestMapping( "/" )
public class HomeController {
    @RequestMapping( method = RequestMethod.GET )
    public String show() {
        return "index";
    }
    @RequestMapping( value = "/secure", method = RequestMethod.GET )
    public String secure() {
        return "home";
    }
}

确切的问题:没有打开登录表单或任何内容。它只显示页面。我尝试了几乎所有的网址模式组合/拦截网址组合,但没有反应。怎么了?

FilterChainProxy bean 注册为别名springSecurityFilterChain因此请尝试修改您的 web.xml并更改此

<filter>
    <filter-name>filterChainProxy</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

对此

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

这是我通常使用的配置(使用 spring security 3.1.0.RELEASE)

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium