网络错误404 Spring安全性

时间:2012-12-28 15:15:38

标签: java spring spring-mvc

我有一个在Tomcat 6.0.35上运行的Spring MVC应用程序。所有页面都由Spring安全保护,我希望允许测试人员使用特定页面进行登录模拟。该页面称为“preinicio”。以下是xml配置文件的相关部分:

的web.xml


<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>gestion_tramite_gfhl</display-name>
<context-param>
    <param-name>log4jConfigLocation</param-name>
    <param-value>classpath:properties/gestion_tramite_gfhl/log4j.properties</param-value>
</context-param>
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/context/spring-base.xml </param-value>
</context-param>
<context-param>
    <param-name>webAppRootKey</param-name>
    <param-value>gestion_tramite_gfhl</param-value>
</context-param>
<!-- Define the basename for a resource bundle for I18N -->
<context-param>
    <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
    <param-value>messages</param-value>
</context-param>
<listener>
    <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
    <filter-name>encodingFilter</filter-name>
    <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
    <init-param>
        <param-name>forceEncoding</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>encodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<!--<filter>
    <filter-name>autoLoginFilter</filter-name>
    <filter-class>gob.osinergmin.common.filter.AutoLoginFilter</filter-class>
    <init-param>
        <param-name>checkClientIP</param-name>
        <param-value>false</param-value>
    </init-param>
    <init-param>
        <param-name>checkDate</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>invalidParamPage</param-name>
        <param-value>/error/invalidAutoLogin.html</param-value>
    </init-param>
</filter>-->
<!--<filter>
    <filter-name>UserOnSessionFilter</filter-name>
    <filter-class>gob.osinergmin.gestion_tramite_gfhl.controller.filter.UserOnSessionFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>UserOnSessionFilter</filter-name>
    <url-pattern>/pages/*</url-pattern>
</filter-mapping>-->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!--filter-mapping>
    <filter-name>autoLoginFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping-->
<!--    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>*.jsp</url-pattern>
</filter-mapping>-->
<!--    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/pages/*</url-pattern>
</filter-mapping>    -->
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>        
<!--    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/j_spring_security_logout</url-pattern>
</filter-mapping>    -->
<!--    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/pages/inicio</url-pattern>
</filter-mapping>      -->
<!-- Handles all requests into the application -->
<servlet>
    <servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/context/spring-mvc.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
    <url-pattern>/pages/*</url-pattern>
</servlet-mapping>
<session-config>
    <session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<error-page>
    <error-code>500</error-code>
    <location>/error/error.jsp</location>
</error-page>
<error-page>
    <error-code>400</error-code>
    <location>/error/error.jsp</location>
</error-page>
<error-page>
    <error-code>403</error-code>
    <location>/error/403.jsp</location>
</error-page>
<error-page>
    <error-code>404</error-code>
    <location>/error/404.jsp</location>
</error-page>

弹簧security.xml文件


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <security:http auto-config='false' entry-point-ref="authenticationProcessingFilterEntryPoint" use-expressions="true">        
    <security:intercept-url pattern="/pages/public/**" access="permitAll" />
    <security:intercept-url pattern="/pages/login.jsp" access="permitAll" />
    <!--*LOOK THIS LINE BELOW*-->
    <security:intercept-url pattern="/pages/preinicio" access="permitAll" />  
    <security:intercept-url pattern="/stylesheets/**" access="permitAll" />
    <security:intercept-url pattern="/javascript/**" access="permitAll" />
    <security:intercept-url pattern="/images/**" access="permitAll" />
    <security:intercept-url pattern="/pages/**" access="hasRole('ROLE_USER')" />
    <security:intercept-url pattern="/**" access="permitAll" />
    <security:custom-filter position="FORM_LOGIN_FILTER" ref="customAuthenticationFilter"/>
    <security:logout success-handler-ref="logoutHandler" />
    </security:http>

问题是当我在firefox中运行应用程序并尝试访问URL“http:// localhost:8086 / myApplicationContext / pages / preinicio”时,我在Firebug中获得404页面和以下错误:

NetworkError:404未找到 - http://localhost:8086/hidrovirtual/pages/preinicio"

页面和所有资源都在正确的路径中,因为当我在没有弹簧安全性的情况下测试它时,一切正常。

如果有人可以帮助我,我将不胜感激。我花了几个小时解决这个问题。谢谢。

1 个答案:

答案 0 :(得分:0)

你有没有试过直接去jsp。

将您对precinio页面的拦截网址更改为

<intercept-url pattern="/pages/preinicio.jsp" access="permitAll"/>

并将网址更改为

http://localhost:8086/hidrovirtual/pages/preinicio.jsp