我有一个JSF + Spring应用程序。它正在运行spring security 2.0.2。当我尝试调用myapp / j_spring_security_check时,我得到了我的应用程序的错误页面,没有异常解释发生了什么。控制台上的日志也是空的。
这是我的春季安全配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
<http
auto-config="true">
<intercept-url pattern="/view/iam/login.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/iam/userSelfRegistration.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/images/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/iam/js/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/css/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/password.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/registration.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/register.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<!--intercept-url pattern="/rest/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/-->
<intercept-url pattern="/view/registrationProduct.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/studentRegistration.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/view/iam/concurrentTest.do" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/a4j/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <!-- root redirects to deal-mgmt -->
<intercept-url pattern="/**" access="ROLE_HOME_VIEW"/>
<form-login
login-processing-url="/j_spring_security_check"
login-page="/view/iam/login.do"
default-target-url="/view/iam/deal-mgmt.do"
always-use-default-target="false"
authentication-failure-url="/view/iam/login.do?login_error=1"/>
</http>
<beans:bean id="iapUserDetailsService" class="mycompany.mypackage.services.auth.IapUserDetailsService">
<beans:property name="userDao" ref="userDaoServ"/>
<beans:property name="userPrivilegeDao" ref="userPrivilegeDaoServ"/>
<beans:property name="rolePrivilegeDao" ref="rolePrivilegeDaoServ"/>
<beans:property name="userWebseviceClient" ref="iapUserWsClientServ"/>
</beans:bean>
<beans:bean id="iapPasswordEncoder" class="mycompany.mypackage.services.auth.IapPasswordEncoder"/>
<authentication-provider user-service-ref="iapUserDetailsService">
<password-encoder ref="iapPasswordEncoder"/>
</authentication-provider>
</beans:beans>
我调试了身份验证,一切似乎都运行正常。尝试渲染目标网址时出现问题。但是,如果在auth经过之后,我尝试点击应用程序的URL,它会重定向到正确的位置(目标URL),但会显示错误页面。好像它已经卡在了某个地方。
如果您需要更多信息(以及哪种类型),请告诉我,我会添加它。谢谢!
答案 0 :(得分:0)
我终于开始工作了。我将所有记录器设置为ALL所以我可以看到发生了什么,并找出我得到的异常来自Spring security,说我的用户没有所需的角色。我解决了这个问题,它现在正在工作。谢谢CodeChimp!