我是春季安全新手,这是我第一次使用APP来安全保护 我的应用程序使用jsf2,primefaces,spring,hibernate开发 在开发它之后,我正在尝试将它与Spring安全框架集成 有两个问题 1-当从应用程序访问任何URL时,我的应用程序不会将他导航到登录页面 2-当一个用户登录并且其他人试图同时访问该应用程序时,他看到有人登录并发生冲突,最后抛出异常意味着没有为第二个用户创建新会话
我的applicationContext-Security.xml是
<context:property-placeholder location="classpath:resources/jdbc.properties" />
<!-- For Spring auto wiring -->
<tx:annotation-driven />
<context:annotation-config />
<context:component-scan base-package="main.com.zc.attSys" />
<tx:annotation-driven transaction-manager="hibernateTransactionManager" />
<http use-expressions="true">
<form-login login-page="/pages/courseFeedBack/ask/login.xhtml"
authentication-failure-url="/pages/courseFeedBack/ask/login.xhtml" />
</http>
<authentication-manager>
<authentication-provider user-service-ref="userDetailsService">
</authentication-provider>
</authentication-manager>
</beans:beans>
我的web.xml是:
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<!-- Add Support for Spring -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>com.sun.faces.conf
ig.ConfigureListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class>
</listener>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<!-- <context-param> <param-name>primefaces.THEME</param-name> <param-value>none</param-value>
</context-param> -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<session-config>
<session-timeout>1</session-timeout>
</session-config>
</web-app>
有什么帮助吗?