我有基本的 Spring MVC + Hibernate 应用程序。这是我的web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
一切都很好。
然后,我尝试通过将以下内容添加到web.xml来为应用添加基本的 Spring Security 支持:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/security-context.xml</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
我的/WEB-INF/security-context.xml如下:
<?xml version="1.0" encoding="UTF-8" ?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http>
<intercept-url pattern="/index*" access="ROLE_USER"/>
<form-login login-page="/login.jsp" default-target-url="/index"
authentication-failure-url="/login.jsp?error=true"/>
<logout logout-url="/logout" logout-success-url="/index"/>
<remember-me/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="pass" authorities="ROLE_USER"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
添加该内容后,应用程序崩溃了。它只是在Chrome中显示“链接不起作用。尝试在Google中搜索。”。 我错过了什么?有任何想法吗?提前谢谢。
答案 0 :(得分:1)
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<security:http>
<security:intercept-url pattern="/index*" access="ROLE_USER"/>
<security:form-login login-page="/login.jsp" default-target-url="/index" authentication-failure-url="/login.jsp?error=true"/>
<security:logout logout-url="/logout" logout-success-url="/index"/> <security:remember-me/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="user" password="pass" authorities="ROLE_USER"/> </security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
尝试使用上面的security-context.xml代码。
答案 1 :(得分:1)
谢谢大家。刚解决了。问题是我在http://www.springframework.org/schema/security/spring-security-3.0.xsd命名空间中使用了/WEB-INF/security-context.xml,但使用了3.1.2.RELEASE版本的spring-security libs。