我正在尝试添加Spring安全性,但我无法使其正常运行。但是我会认为这会导致浏览器弹出一个询问用户名和密码的对话框,但没有显示任何内容。它只是给我带来了正常页面而没有强制执行任何安全性。使用Spring 3.1:
web.xml:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
context.xml:
<security:http>
<security:http-basic />
<security:intercept-url pattern="/**" access="ROLE_USER" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="test" password="testpass" authorities="ROLE_USER" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
答案 0 :(得分:-1)
你也需要这样的东西
<security:form-login login-page='/Login' authentication-failure-url="/Login?login_error=1"/>
您需要创建自己的登录页面,其中至少包含此页面,并映射到上面的URL(显然不一定与我的相同):
<form name="f" id="f" action="<c:url value='/j_spring_security_check'/>" method="POST">
<label for="j_username">Username : </label>
<input type='text' id='j_username' name='j_username'/><br/>
<label for="j_password">Password : </label>
<input type='password' id='j_password' name='j_password'><br>
答案 1 :(得分:-1)
您需要在web.xml中添加spring安全上下文,以便Web应用程序可以正确加载context.xml。
以下是how to do basic authentication using spring security or even with some customization
的示例