我想为Web应用程序实现自定义错误页面。我使用以下方式:
的web.xml
<error-page>
<error-code>404</error-code>
<location>/404/</location>
</error-page>
弹簧security.xml文件
<http use-expressions="true">
<form-login ... />
<access-denied-handler error-page="/403/" />
....
</http>
两个页面都由适当的控制器处理。但似乎principal在这种情况下无法获取,即我无法获得有关当前登录用户的任何信息。
是默认行为还是代码中有错误?
谢谢
UPD#1: 我的配置:
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-service.xml
/WEB-INF/spring-security.xml
/WEB-INF/spring-data.xml
/WEB-INF/spring-mail.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>hibernateFilter</filter-name>
<filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactory</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>hibernateFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
答案 0 :(得分:6)
要从错误页面访问主要数据,您需要将spring安全过滤器映射为:
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>