我使用Spring和Spring安全性開發了一個webapp(稱爲「wander」)。當我在我的開發PC上運行我的Web應用程序或將Web應用程序部署在託管我的網站的Tomcat服務器上時,Web應用程序正常工作,並重定向到URL爲http:// localhost:8080 /漫遊到http:// localhost: 8080/wander /登錄時,我沒有登錄。正如預期的那樣,我在登錄時重定向到根目錄http://localhost:8080/wander作爲項目根目錄。使用Spring Security在具有自定義域的Tomcat服務器上部署webapp時的重定向
但是,調整我的虛擬主機文件以使用自定義域,當我作爲項目根目錄或在這裏如果我沒有登錄到www.customdomain.com/wander,「登錄」會追加到www .customdomain.com/wanderlogin顯示爲URL,然後我得到一個404丟失的頁面錯誤。爲什麼當我訪問www.customdomain.com/wander或當我沒有登錄時出現此錯誤,爲什麼「登錄」會被附加,而不是去www.customdomain.com/wander/login?我不確定這個錯誤是在我的web應用程序本身還是在部署服務器上,以及我是如何配置的。任何建議將是非常有用的,因爲我是更新的Web應用程序開發。我檢查了我的Tomcat和Apache日誌,沒有錯誤似乎相關。
調度的Servlet:
<context:component-scan base-package="com.togetherwander.web.controllers">
</context:component-scan>
<mvc:annotation-driven />
<bean class="org.springframework.context.support.ResourceBundleMessageSource"
id="messageSource">
<property value="com.togetherwander.web.messages.messages"
name="basename" />
</bean>
<bean id="tilesViewResolver"
class="org.springframework.web.servlet.view.tiles2.TilesViewResolver">
</bean>
<bean id="tilesConfigurer"
class="org.springframework.web.servlet.view.tiles2.TilesConfigurer">
<property name="definitions">
<list>
<value>/WEB-INF/layouts/default.xml</value>
</list>
</property>
</bean>
安全-conext.xml:
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="dataSource"
authorities-by-username-query='select username, authority from users where binary username = ?'
users-by-username-query='select username, password, enabled from users where binary username = ?'
id="jdbcUserService" />
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/admin"
access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/"
access="isAuthenticated()" />
<security:intercept-url pattern="/createevent"
access="permitAll" />
<security:intercept-url pattern="/docreateevent"
access="permitAll" />
<security:intercept-url pattern="/createwander"
access="isAuthenticated()" />
<security:intercept-url pattern="/editevent"
access="isAuthenticated()" />
<security:intercept-url pattern="/doeditevent"
access="isAuthenticated()" />
<security:intercept-url pattern="/removetraveler"
access="isAuthenticated()" />
<security:intercept-url pattern="/docreate"
access="isAuthenticated()" />
<security:intercept-url pattern="/showwander"
access="permitAll" />
<security:intercept-url pattern="/home"
access="permitAll" />
<security:intercept-url pattern="/removewander"
access="permitAll" />
<security:intercept-url pattern="/removeevent"
access="permitAll" />
<security:intercept-url pattern="/loggedout"
access="permitAll" />
<security:intercept-url pattern="/newaccount"
access="permitAll" />
<security:intercept-url pattern="/createaccount"
access="permitAll" />
<security:intercept-url pattern="/accountcreated"
access="permitAll" />
<security:intercept-url pattern="/static/**"
access="permitAll" />
<security:intercept-url pattern="/login"
access="permitAll" />
<security:intercept-url pattern="/**" access="denyAll" />
<security:form-login login-page="/login"
authentication-failure-url="/login?error=true" />
<security:logout logout-success-url="/loggedout" />
<security:access-denied-handler
error-page="/denied" />
<security:remember-me key="offersAppKey"
user-service-ref="jdbcUserService" />
</security:http>
<security:global-method-security
secured-annotations="enabled"></security:global-method-security>
<bean id="passwordEncoder"
class="org.springframework.security.crypto.password.StandardPasswordEncoder">
</bean>
的LoginController:
package com.togetherwander.web.controllers;
import javax.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DuplicateKeyException;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import com.togetherwander.web.dao.FormValidationGroup;
import com.togetherwander.web.dao.User;
import com.togetherwander.web.service.UsersService;
@Controller
public class LoginController {
private UsersService usersService;
@RequestMapping("/loggedout")
public String showLoggedOut() {
return "login";
}
@Autowired
public void setUsersService(UsersService usersService) {
this.usersService = usersService;
}
@RequestMapping("/login")
public String showLogin() {
return "login";
}
@RequestMapping("/newaccount")
public String showNewAccount(Model model) {
model.addAttribute("user", new User());
return "newaccount";
}
@RequestMapping(value="/createaccount", method=RequestMethod.POST)
public String createAccount(@Validated(FormValidationGroup.class) User user, BindingResult result) {
if(result.hasErrors()) {
return "newaccount";
}
user.setAuthority("user");
user.setEnabled(true);
if(usersService.exists(user.getUsername())){
result.rejectValue("username", "DuplicateKey.user.username", "This username already exists!");
return "newaccount";
}
try {
usersService.create(user);
} catch (DuplicateKeyException e) {
result.rejectValue("username", "DuplicateKey.user.username");
return "newaccount";
}
return "home";
}
}