我在試着學習Spring安全是如何工作的,所以我下載了一些示例項目,然後嘗試在我的項目中實現該解決方案。但是當我嘗試登錄時,出現404
錯誤,並且在地址欄中我有http://localhost:8080/fit/j_spring_security_check
。我試圖在這裏看到類似的問題,但我沒有意識到,如何將它應用到我的項目中。我會非常感激,如果有經驗的人能夠幫助我。Spring 3安全j_spring_security_check
我的應用程序的結構是這樣的:
的applicationContext.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<context:annotation-config/>
<context:component-scan base-package="cz.cvut.fit"/>
<import resource="classpath:applicationContext-security.xml"/>
</beans>
的applicationContext-web.xml中:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<context:annotation-config/>
<context:component-scan base-package="cz.cvut.fit" />
<mvc:annotation-driven />
<security:global-method-security jsr250-annotations="enabled"
proxy-target-class="true"/>
</beans>
的applicationContext-security.xml文件:
<beans xmlns:security="http://www.springframework.org/schema/security"
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http pattern="/css/**" security="none"/>
<security:http pattern="/views/login.jsp*" security="none"/>
<security:http pattern="/views/denied.jsp" security="none"/>
<security:http auto-config="true" access-denied-page="/denied.jsp" servlet-api-provision="false">
<security:intercept-url pattern="/views/login.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<security:intercept-url pattern="/views/edit/**" access="ROLE_EDIT"/>
<security:intercept-url pattern="/views/admin/**" access="ROLE_ADMIN"/>
<security:intercept-url pattern="/**" access="ROLE_USER"/>
<security:form-login login-page="/views/login.jsp" authentication-failure-url="/denied.jsp"
default-target-url="/home.jsp"/>
<security:logout/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="adam" password="adampassword" authorities="ROLE_USER"/>
<security:user name="jane" password="janepassword" authorities="ROLE_USER, ROLE_ADMIN"/>
<security:user name="sue" password="suepassword" authorities="ROLE_USER, ROLE_EDIT"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
'j_spring_security_check'是實際的認證是由一個Servlet,你必須映射您的登錄表單的這個Servlet的動作。你是否在你的登錄頁面上執行此操作 - 「
'? – Lion 2013-03-12 15:41:06請顯示您的web.xml。/j_spring_security_check URL必須由springSecurityFilterChain過濾器處理。 – 2013-03-12 15:44:27
是的,我是......但我不知道下一步該怎麼做,以使它工作良好。 : -/ – Dworza 2013-03-12 15:44:46