使用Spring Security在具有自定義域的Tomcat服務器上部署webapp時的重定向

Question

我使用Spring和Spring安全性開發了一個webapp（稱爲「wander」）。當我在我的開發PC上運行我的Web應用程序或將Web應用程序部署在託管我的網站的Tomcat服務器上時，Web應用程序正常工作，並重定向到URL爲http：// localhost：8080 /漫遊到http：// localhost： 8080/wander /登錄時，我沒有登錄。正如預期的那樣，我在登錄時重定向到根目錄http://localhost:8080/wander作爲項目根目錄。

但是，調整我的虛擬主機文件以使用自定義域，當我作爲項目根目錄或在這裏如果我沒有登錄到www.customdomain.com/wander，「登錄」會追加到www .customdomain.com/wanderlogin顯示爲URL，然後我得到一個404丟失的頁面錯誤。爲什麼當我訪問www.customdomain.com/wander或當我沒有登錄時出現此錯誤，爲什麼「登錄」會被附加，而不是去www.customdomain.com/wander/login？我不確定這個錯誤是在我的web應用程序本身還是在部署服務器上，以及我是如何配置的。任何建議將是非常有用的，因爲我是更新的Web應用程序開發。我檢查了我的Tomcat和Apache日誌，沒有錯誤似乎相關。

調度的Servlet：

<context:component-scan base-package="com.togetherwander.web.controllers"> 
</context:component-scan> 

<mvc:annotation-driven /> 
<bean class="org.springframework.context.support.ResourceBundleMessageSource" 
    id="messageSource"> 

    <property value="com.togetherwander.web.messages.messages" 
     name="basename" /> 
</bean> 

<bean id="tilesViewResolver" 
    class="org.springframework.web.servlet.view.tiles2.TilesViewResolver"> 
</bean> 


<bean id="tilesConfigurer" 
    class="org.springframework.web.servlet.view.tiles2.TilesConfigurer"> 
    <property name="definitions"> 
     <list> 
      <value>/WEB-INF/layouts/default.xml</value> 
     </list> 
    </property> 
</bean> 

安全-conext.xml：

<security:authentication-manager> 
    <security:authentication-provider> 
     <security:jdbc-user-service 
      data-source-ref="dataSource" 
      authorities-by-username-query='select username, authority from users where binary username = ?' 
      users-by-username-query='select username, password, enabled from users where binary username = ?' 
      id="jdbcUserService" /> 
    </security:authentication-provider> 
</security:authentication-manager> 

<security:http use-expressions="true"> 
    <security:intercept-url pattern="/admin" 
     access="hasRole('ROLE_ADMIN')" /> 
    <security:intercept-url pattern="/" 
     access="isAuthenticated()" /> 
    <security:intercept-url pattern="/createevent" 
     access="permitAll" /> 
    <security:intercept-url pattern="/docreateevent" 
     access="permitAll" /> 
    <security:intercept-url pattern="/createwander" 
     access="isAuthenticated()" /> 
    <security:intercept-url pattern="/editevent" 
     access="isAuthenticated()" /> 
    <security:intercept-url pattern="/doeditevent" 
     access="isAuthenticated()" /> 
    <security:intercept-url pattern="/removetraveler" 
     access="isAuthenticated()" /> 
    <security:intercept-url pattern="/docreate" 
     access="isAuthenticated()" /> 
    <security:intercept-url pattern="/showwander" 
     access="permitAll" /> 
    <security:intercept-url pattern="/home" 
     access="permitAll" /> 
    <security:intercept-url pattern="/removewander" 
     access="permitAll" /> 
    <security:intercept-url pattern="/removeevent" 
     access="permitAll" /> 
    <security:intercept-url pattern="/loggedout" 
     access="permitAll" /> 
    <security:intercept-url pattern="/newaccount" 
     access="permitAll" /> 
    <security:intercept-url pattern="/createaccount" 
     access="permitAll" /> 
    <security:intercept-url pattern="/accountcreated" 
     access="permitAll" /> 
    <security:intercept-url pattern="/static/**" 
     access="permitAll" /> 
    <security:intercept-url pattern="/login" 
     access="permitAll" /> 
    <security:intercept-url pattern="/**" access="denyAll" /> 
    <security:form-login login-page="/login" 
     authentication-failure-url="/login?error=true" /> 
    <security:logout logout-success-url="/loggedout" /> 
    <security:access-denied-handler 
     error-page="/denied" /> 
    <security:remember-me key="offersAppKey" 
     user-service-ref="jdbcUserService" /> 
</security:http> 

<security:global-method-security 
    secured-annotations="enabled"></security:global-method-security> 

<bean id="passwordEncoder" 
    class="org.springframework.security.crypto.password.StandardPasswordEncoder"> 
</bean> 

的LoginController：

package com.togetherwander.web.controllers; 

import javax.validation.Valid; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.dao.DuplicateKeyException; 
import org.springframework.stereotype.Controller; 
import org.springframework.ui.Model; 
import org.springframework.validation.BindingResult; 
import org.springframework.validation.annotation.Validated; 
import org.springframework.web.bind.annotation.RequestMapping; 
import org.springframework.web.bind.annotation.RequestMethod; 

import com.togetherwander.web.dao.FormValidationGroup; 
import com.togetherwander.web.dao.User; 
import com.togetherwander.web.service.UsersService; 

@Controller 
public class LoginController { 

    private UsersService usersService; 

    @RequestMapping("/loggedout") 
    public String showLoggedOut() { 
     return "login"; 
    } 

@Autowired 
public void setUsersService(UsersService usersService) { 
    this.usersService = usersService; 
} 

@RequestMapping("/login") 
public String showLogin() { 
    return "login"; 
} 

@RequestMapping("/newaccount") 
public String showNewAccount(Model model) { 

    model.addAttribute("user", new User()); 
    return "newaccount"; 
} 


@RequestMapping(value="/createaccount", method=RequestMethod.POST) 
public String createAccount(@Validated(FormValidationGroup.class) User user, BindingResult result) { 

    if(result.hasErrors()) { 
     return "newaccount"; 
    } 

    user.setAuthority("user"); 
    user.setEnabled(true); 



    if(usersService.exists(user.getUsername())){ 
     result.rejectValue("username", "DuplicateKey.user.username", "This username already exists!"); 
     return "newaccount"; 
    } 


    try { 
     usersService.create(user); 
    } catch (DuplicateKeyException e) { 
     result.rejectValue("username", "DuplicateKey.user.username"); 
     return "newaccount"; 
    } 

    return "home"; 
} 
} 

Answer 1

好的，所以它總是簡單的答案。當我的登錄控制器被重定向到登錄jsp時，與我的其他webapps不同，我似乎需要在root根目錄之後的代理服務器中使用正斜槓：「/ wander /」我仍然不知道爲什麼我的Spring項目需要這個但不是我的標準jsp和servlet項目。

<VirtualHost *:80> 
ServerName example.com 
ProxyRequests On 
ProxyPass /wander/ http://localhost:8080/wander/ 
ProxyPassReverse /wander/ http://localhost:8080/wander/ 
<Location "/sample"> 
    Order allow,deny 
    Allow from all 
</Location>