我正在开发具有spring安全性的登录页面,但是当我启动项目时会自动重定向到登录页面。我在我的web.xml中重定向到index.xhtml,为什么重定向到login.xhtml?
的web.xml
<web-app >
<display-name>AirTour</display-name>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<!-- SPRING -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/conf/applicationContext.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<!-- SPRING SECURITY -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- JSF -->
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
</web-app>
的applicationContext.xml
<bean id="userDetailsManager" class="org.springframework.security.provisioning.JdbcUserDetailsManager">
<property name="dataSource" ref="dataSource"></property>
</bean>
<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>
<bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource">
<property name="userPropertyToUse" value="username"/>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="userDetailsManager">
<security:password-encoder ref="passwordEncoder">
<security:salt-source ref="saltSource"/>
</security:password-encoder>
</security:authentication-provider>
</security:authentication-manager>
<security:http >
<security:intercept-url pattern="/user/*" access="ROLE_USER"/>
<security:intercept-url pattern="/comp/*" access="ROLE_COMP"/>
<security:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
<security:intercept-url pattern="/*" access="ROLE_ANONIMOUS,ROLE_USER,ROLE_COMP,ROLE_ADMIN"/>
<security:form-login login-page="/login"/>
</security:http>
答案 0 :(得分:0)
看起来你的Spring安全配置中出现了拼写错误。将ROLE_ANONIMOUS替换为ROLE_ANONYMOUS:
<security:intercept-url pattern="/*" access="ROLE_ANONYMOUS,ROLE_USER,ROLE_COMP,ROLE_ADMIN"/>
答案 1 :(得分:0)
将您的上一个intercept-url更改为此:
<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
还可以在auto-config中使用security:http。
<security:http auto-config="true">