我写了一个小应用程序来学习java配置在春天,因为我已经被同行唠叨了一段时间,现在升级我们的应用程序;-),一个简单的待办事项列表应用程序,它有安全和web mvc配置,JPA用于持久化,所有通过java配置。我在尝试运行应用程序时面临一个问题。安全配置和JPA等工作良好,但我得到一个空视图后,成功拦截受保护的url
主web应用程序初始化器类扩展了AbstractAnnotationConfigDispatcherServletInitializer
public class WiggleWebApplicationInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class<?>[] { WiggleApplicationConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class<?>[] { WiggleWebAppConfig.class };
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
@Override
protected void registerDispatcherServlet(ServletContext servletContext) {
super.registerDispatcherServlet(servletContext);
servletContext.addListener(new HttpSessionEventPublisher());
}
@Override
protected Filter[] getServletFilters() {
CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
characterEncodingFilter.setEncoding("UTF-8");
characterEncodingFilter.setForceEncoding(true);
return new Filter[] { characterEncodingFilter };
}
}
WiggleApplicationConfig导入安全、JPA和社会
@Configuration
@ComponentScan(basePackages = { "wiggle.app.services.*" })
@Import({ WigglePersistenceConfig.class, WiggleSecurityConfig.class,
WiggleSocialConfig.class })
public class WiggleApplicationConfig {
@Bean
public DateFormat dateFormat() {
return new SimpleDateFormat("dd-MM-yyyy");
}
}
web配置然后添加默认处理程序等
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { "wiggle.app.controllers.*" })
public class WiggleWebAppConfig extends WebMvcConfigurerAdapter {
private static final String VIEW_RESOLVER_PREFIX = "/WEB-INF/jsp/";
private static final String VIEW_RESOLVER_SUFFIX = ".jsp";
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/static/**").addResourceLocations(
"/static/");
}
@Override
public void configureDefaultServletHandling(
DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
@Bean
public SimpleMappingExceptionResolver exceptionResolver() {
SimpleMappingExceptionResolver exceptionResolver = new SimpleMappingExceptionResolver();
Properties exceptionMappings = new Properties();
exceptionMappings.put("java.lang.Exception", "error/error");
exceptionMappings.put("java.lang.RuntimeException", "error/error");
exceptionResolver.setExceptionMappings(exceptionMappings);
Properties statusCodes = new Properties();
statusCodes.put("error/404", "404");
statusCodes.put("error/error", "500");
exceptionResolver.setStatusCodes(statusCodes);
return exceptionResolver;
}
@Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix(VIEW_RESOLVER_PREFIX);
viewResolver.setSuffix(VIEW_RESOLVER_SUFFIX);
return viewResolver;
}
}
所有这些都位于包wiggle.app.config中,通过我的配置/**受到保护,应该重定向到/login,这是对所有人开放的,安全过滤器链确实工作正常,我看到访问被拒绝之后,有重定向到/wiggle/login,之后我如何获得404与以下日志条目,当我访问主页即http://localhost:8080/wiggle/
Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 8A7C29831E56336A6FDF1A0E19200E70; Granted Authorities: ROLE_ANONYMOUS
Voter: org.springframework.security.web.access.expression.WebExpressionVoter@c01ac1b, returned: 1
Authorization successful
RunAsManager did not change Authentication object
/login reached end of additional filter chain; proceeding with original chain
DispatcherServlet with name 'dispatcher' processing GET request for [/wiggle/login]
Looking up handler method for path /login
Did not find handler method for [/login]
Matching patterns for request [/login] are [/**]
URI Template variables for request [/login] are {}
Mapping [/login] to HandlerExecutionChain with handler [org.springframework.web.servlet.resource.DefaultServletHttpRequestHandler@688a42b5] and 1 interceptor
Last-Modified value for [/wiggle/login] is: -1
SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
Null ModelAndView returned to DispatcherServlet with name 'dispatcher': assuming HandlerAdapter completed request handling
Successfully completed request
Chain processed normally
SecurityContextHolder now cleared, as request processing completed
我通常会在XML中放入以下内容来处理映射
<beans:bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping" />
<!-- Enables annotated POJO @Controllers -->
<beans:bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
和
<!-- Scans within the base package of the application for @Components to configure as beans -->
<context:component-scan base-package="com.code.controller" />
我无法找出我正在做什么,以启用Java配置的类似行为。
我发现除了这个配置之外,我还错过了一个重要的文档,来自Spring框架文档
的16.16.8 mvc:default-servlet-handler一节。重写"/"Servlet映射的警告是,默认Servlet的RequestDispatcher必须按名称而不是按路径检索。DefaultServletHttpRequestHandler将尝试在启动时自动检测容器的默认Servlet,使用大多数主要Servlet容器(包括Tomcat、Jetty、GlassFish、JBoss、Resin、WebLogic和WebSphere)的已知名称列表。如果默认Servlet已经用不同的名称自定义配置,或者如果在默认Servlet名称未知的情况下使用不同的Servlet容器,则必须显式地提供默认Servlet的名称,如下面的示例所示:
@Configuration
@EnableWebMvc
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
configurer.enable("myCustomDefaultServlet");
}
}
因此我改成了这个
@Override
public void configureDefaultServletHandling(
DefaultServletHandlerConfigurer configurer) {
configurer.enable("wiggleServlet");
}
还有一个配置错误
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { "wiggle.app.controllers.*" })
public class WiggleWebAppConfig extends WebMvcConfigurerAdapter {
应为
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { "wiggle.app.controllers" })
public class WiggleWebAppConfig extends WebMvcConfigurerAdapter {