SAMLRequest 403在css链接标记中拒绝访问
我在Spring MVC应用程序的jsp页面中添加链接标记时遇到了问题。
此jsp页面用于处理" Access Denied"在进行SAMLRequest之后。但有些我的链接标记是如何在jsp中获取SAMLRequest而不是CSS文本。有人可以在这个问题上帮助我吗?
我的JSP
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<link rel="stylesheet" href="css/temp.css" type="text/css">
</head>
<body>
<div class="forbidden">
<div class="repeat-image">
<div class="main-image image403">
<div class="text-block">
<p class="status">403</p>
<p class="title">Access Denied</p>
<p class="message">You currently do not have permission to access this page. Want access?</p>
<div class="instructions">
Instructions to request via Self Service UAA<br />
<ul>
<li>In SSUAA --> Search for "Access"</li>
<li>Click "Next" to confirm requests</li>
</ul>
You will receive an email confirmation and status updates for your request
</div>
<div class="message">
Go ahead and request it <a href="url" target="_blank">here » </a>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
Firebug HTML标签:
<html>
<head>
<link type="text/css" href="css/temp.css" rel="stylesheet">
<HTML><HEAD><TITLE>HTTP Post Binding (Request)</TITLE></HEAD><BODY Onload="document.forms[0].submit()"><FORM METHOD="POST" ACTION="/idp/SSO.saml2"><INPUT TYPE="HIDDEN" NAME="SAMLRequest" VALUE="PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnBm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50IiBBbGxvd0NyZWF0ZT0idHJ1ZSIvPjwvc2FtbHA6QXV0aG5SZXF1ZXN0Pg=="/><INPUT TYPE="HIDDEN" NAME="RelayState" VALUE="https://localhost:8080/"/></FORM></BODY></HTML>
</link>
</head>
<body>
</html>
目录结构:
安全部分:
<security:http pattern="/css/**" security="none" />
<security:http pattern="/images/**" security="none" />
<security:http pattern="/403" security="none" />
<security:http entry-point-ref="entryPoint"
use-expressions="true">
<security:intercept-url pattern="/**"
access="isAuthenticated()" />
<security:custom-filter position="CAS_FILTER"
ref="authenticationFilter" />
<security:logout logout-url="/signout"
logout-success-url="/" />
<security:csrf disabled="true"/>
</security:http>
<bean id="authenticationFilter"
class="com.espn.ese.ais.vod.ams.security.picketlink.PicketLinkAuthenticationFilter"
lazy-init="true">
<constructor-arg value="${picketlink.filter.processes.url}" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="serviceUrl" value="${picketlink.service.url}" />
<property name="authenticationFailureHandler">
<bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<constructor-arg value="/403" />
</bean>
</property>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="authenticationProvider" />
</security:authentication-manager>
<bean id="authenticationProvider"
class="com.espn.ese.ais.vod.ams.security.picketlink.PicketLinkAuthenticationProvider"
lazy-init="true">
<property name="authenticationUserDetailsService">
<bean
class="com.espn.ese.ais.vod.ams.security.picketlink.PicketLinkAuthenticationUserDetailsService">
<constructor-arg ref="userDetailsService" />
</bean>
</property>
</bean>
<bean id="userDetailsService"
class="com.espn.ese.ais.vod.ams.security.TestUserDetailsService"
lazy-init="true" />
找不到页面
2016-07-28 10:19:18,023 WARN [org.springframework.web.servlet.PageNotFound] (http-/0.0.0.0:8080-1) No mapping found for HTTP request with URI [/{contextroot}/css/temp.css] in DispatcherServlet with name 'spring-web'
1 个答案:
答案 0 :(得分:0)
最后,我找到了上述问题的解决方案。我在spring-web-servlet.xml
中缺少<mvc:default-servlet-handler />
感谢@ bluro224。
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?