1. 首頁
  2. 問答
  3. 在JBoss上使用Spring MVC安全Java配置時出現404錯誤

在JBoss上使用Spring MVC安全Java配置時出現404錯誤

2014-10-16 193 views
0

我用Java Config編寫了一個小型的Spring MVC應用程序,並使用Spring Security 3.2.5對其進行了保護。它在Tomcat上工作得非常好,但不在JBoss EAP 6.2上。它被成功部署在JBoss上,但當我請求任何由Spring MVC定義的頁面和瀏覽器中的404錯誤時,我會得到這個警告。在JBoss上使用Spring MVC安全Java配置時出現404錯誤

WARN [org.springframework.web.servlet.PageNotFound] (http-/127.0.0.1:8080-1) No mapping found for HTTP request with URI [/example-web/pages/login.jsp] in DispatcherServlet with name 'dispatcher'

由於春季安全使用,對於例如需要認證的用戶的任何請求http://localhost:8080/example-web/start,Spring Security重定向到https://localhost:8443/example-web/login那是當我看到警告和404錯誤。

在這裏你可以看到我的代碼:

public class WebApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer { 

@Override 
protected Class<?>[] getRootConfigClasses() { 
    return new Class[] { RootConfiguration.class}; 
} 

@Override 
protected Class<?>[] getServletConfigClasses() { 
    return new Class[] { WebMvcConfig.class }; 
} 

@Override 
protected String[] getServletMappings() { 
    return new String[] { "/*" }; 
} 

@Override 
protected Filter[] getServletFilters() { 
    return new Filter[] { new HiddenHttpMethodFilter() }; 
} 
}

這裏是我的Spring MVC配置:

@EnableWebMvc 
@ComponentScan("com.spring.example.w.controller") 
@Configuration 
public class WebMvcConfig extends WebMvcConfigurerAdapter { 

    @Override 
    public void addViewControllers(ViewControllerRegistry registry) { 
     registry.addViewController("login").setViewName("login"); 
     registry.setOrder(Ordered.HIGHEST_PRECEDENCE); 
    } 

    @Bean 
    public InternalResourceViewResolver getInternalResourceViewResolver(){ 
     InternalResourceViewResolver resolver = new InternalResourceViewResolver(); 
     resolver.setPrefix("/pages/"); 
     resolver.setSuffix(".jsp"); 
     return resolver; 
    } 
}

下面是我的春節,安全配置:

@Configuration 
@EnableWebSecurity 
public class SecurityConfig extends WebSecurityConfigurerAdapter { 

    @Override 
    protected void configure(HttpSecurity http) throws Exception{ 

     http 
      .addFilter(myUsernamePasswordAuthenticationFilter()) 
      .authorizeRequests() 
       .antMatchers("/login").permitAll() 
       .antMatchers("/admin/**").hasRole("Admin") 
       .antMatchers("/start/**").hasRole("Viewer") 
       .antMatchers("/user/**").hasRole("User") 
       .antMatchers("/**").hasRole("User") 
       .and() 
      .httpBasic().authenticationEntryPoint(loginUrlAuthenticationEntryPoint()) 
       .and() 
      .logout() 
       .permitAll() 
       .and() 
      .requiresChannel() 
       .anyRequest().requiresSecure(); 
    } 

    @Bean 
    public LoginUrlAuthenticationEntryPoint loginUrlAuthenticationEntryPoint(){ 
     LoginUrlAuthenticationEntryPoint loginUrlAuthenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login"); 
     return loginUrlAuthenticationEntryPoint; 
    } 


    @Bean 
    public ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider(){ 
     ActiveDirectoryLdapAuthenticationProvider authProvider = new ActiveDirectoryLdapAuthenticationProvider(my_domain, my_url); 
     authProvider.setConvertSubErrorCodesToExceptions(true); 
     authProvider.setUseAuthenticationRequestCredentials(true); 
     authProvider.setUseAuthenticationRequestCredentials(true); 
     authProvider.setUserDetailsContextMapper(userDetailsContextMapper()); 
     return authProvider; 
    } 

    @Bean 
    public UserDetailsContextMapper userDetailsContextMapper(){ 
     CustomUserDetailsContextMapper myAuthoritiesPopulator = new CustomUserDetailsContextMapper(); 
     return myAuthoritiesPopulator; 
    } 

    @Bean 
    public CustomUsernamePasswordAuthenticationFilter myUsernamePasswordAuthenticationFilter() 
      throws Exception { 
     CustomUsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter = new CustomUsernamePasswordAuthenticationFilter(); 
     usernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManager()); 
     usernamePasswordAuthenticationFilter.setAllowSessionCreation(true); 
     SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); 
     usernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(successHandler); 
     usernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/login?error")); 
     usernamePasswordAuthenticationFilter.afterPropertiesSet(); 
     return usernamePasswordAuthenticationFilter; 
    } 

    @Autowired 
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{ 
     auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider()); 
    } 
}

然後SecurityWebApplicationInitializer:

public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer { 
}

而且RootConfig:

@Configuration 
@ComponentScan 
public class RootConfiguration { 
}

而下面是我配置的JBoss SSL:

<subsystem xmlns="urn:jboss:domain:web:1.5" default-virtual-server="default-host" native="false"> 
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="8443"/> 
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true"> 
     <ssl name="ssl" password="<my_password>" certificate-key-file="c:\mykeystore.jks" protocol="TLSv1" verify-client="false"/> 
    </connector> 
    <virtual-server name="default-host" enable-welcome-root="true"> 
     <alias name="localhost"/> 
     <alias name="example.com"/> 
    </virtual-server> 
</subsystem>

在部署過程中,我可以在日誌中看到的請求也被映射:

INFO [org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping] (ServerService Thread Pool -- 71) Mapped "{[/start],methods=[GET],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView com.spring.example.w.controller.StartController.handleStart() throws javax.servlet.ServletException,java.io.IOException 
INFO [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] (ServerService Thread Pool -- 71) Mapped URL path [/login] onto handler of type [class org.springframework.web.servlet.mvc.ParameterizableViewController] 
INFO [org.springframework.web.context.ContextLoader] (ServerService Thread Pool -- 71) Root WebApplicationContext: initialization completed in 2530 ms 
INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/example-web]] (ServerService Thread Pool -- 71) Initializing Spring FrameworkServlet 'dispatcher' 
INFO [org.springframework.web.servlet.DispatcherServlet] (ServerService Thread Pool -- 71) FrameworkServlet 'dispatcher': initialization started

任何關於爲什麼我得到404錯誤的幫助和此警告是高度讚賞。我應該再次強調它正在使用Tomcat。提前致謝。

來源

2014-10-16 Samaneh

+0

你得到一個404,如果你直接要求HTTPS URL?通過https工作的其他請求?如果您從應用中刪除彈簧安全性,它是否可以通過https工作?此外,您應該啓用調試日誌記錄,並嘗試解決請求的處理方式。 – 2014-10-21 18:03:34

+0

非常感謝您的回覆。我刪除了所有Spring Security配置以及SSL。我嘗試了一個簡單的Spring MVC示例,並將其與Spring MVC示例進行了比較。但是我得到了同樣的錯誤,404。由於我的應用程序對Tomcat完美無誤,我猜Tomcat和JBoss Servlet容器之間的區別可能是原因。例如,我發現這篇文章:[鏈接](http://stackoverflow.com/questions/20666513/spring-java-config-vs-jboss-7)。儘管我已經將Servlet映射更改爲「/ *」而不是「/」。 – Samaneh 2014-10-26 10:08:24

+0

我應該提到,我可以在JBoss上使用XML設置來運行我的應用程序(Spring MVC Security)。 – Samaneh 2014-10-26 10:10:31

回答

0

您可以檢查連接器端口是否啓用SSL。此鏈接有一些細節。 Redirecting from non ssl port 8080 to ssl port 8443

希望它有助於

來源

2014-10-22 05:53:13 rvini

+0

感謝您的回答。我檢查過它,SSL連接器端口沒有問題。我設法使用SSL在JBoss上運行帶有XML配置的應用程序。 – Samaneh 2014-10-26 10:02:19

相關問題

 相關問題