服务器理解该请求但拒绝授权它并记住我的身份验证

时间:2017-08-17 12:55:22

标签: java spring spring-mvc spring-security spring-mybatis

我正在尝试实现持久性令牌,请记住我在spring security中的身份验证,并且我从邮递员调用控制器(/ test), 但是当我在security-config.xml文件中输入以下行时:

<intercept-url pattern="/testt" access="ROLE_USER" />

我点击发送按钮后直接在邮递员中收到以下错误:

<!doctype html><html lang="en"><head><title>HTTP Status [403] – [Forbidden]</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status [403] – [Forbidden]</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Access Denied</p><p><b>Description</b> The server understood the request but refuses to authorize it.</p><hr class="line" /><h3>Apache Tomcat/8.5.15</h3></body></html>

我的security-config.xml 

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.2.xsd">

    <http auto-config="false" entry-point-ref="entryPoint">
        <intercept-url pattern="/login" access="ROLE_ADMIN" />
        <intercept-url pattern="/testt" access="ROLE_USER" />
        <intercept-url pattern="/loginTest" access="ROLE_USER" />
        <logout logout-success-url="/login" />
        <remember-me services-ref="rememberMeServices" key="testKeyForBlog" />
    </http>

    <!-- Authentication Manager (uses same UserDetailsService as RememberMeService) -->
    <authentication-manager alias="authenticationManager">
        <authentication-provider user-service-ref="myUserDetailsService" />
    </authentication-manager>



    <global-method-security secured-annotations="enabled" />
    <!-- <beans:bean name="userServiceSec" class="com.equadis.webapp.service.UserServiceSec"/> -->
</beans:beans>

有什么帮助吗?

0 个答案:

没有答案
相关问题
最新问题