我在春天写了一个小应用程序来学习java配置,因为我已经被同行唠叨了一段时间来升级我们的应用程序;-),一个简单的todo列表应用程序,它具有安全性和web mvc配置,JPA for持久性,全部通过java配置。我在尝试运行应用程序时遇到了问题。 scurity配置和JPA等工作正常,但在成功拦截受保护的URL
后我得到一个空视图主网络应用初始化程序类扩展了AbstractAnnotationConfigDispatcherServletInitializer
public class WiggleWebApplicationInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class<?>[] { WiggleApplicationConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class<?>[] { WiggleWebAppConfig.class };
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
@Override
protected void registerDispatcherServlet(ServletContext servletContext) {
super.registerDispatcherServlet(servletContext);
servletContext.addListener(new HttpSessionEventPublisher());
}
@Override
protected Filter[] getServletFilters() {
CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
characterEncodingFilter.setEncoding("UTF-8");
characterEncodingFilter.setForceEncoding(true);
return new Filter[] { characterEncodingFilter };
}
}
WiggleApplicationConfig导入安全性,JPA和社交
@Configuration
@ComponentScan(basePackages = { "wiggle.app.services.*" })
@Import({ WigglePersistenceConfig.class, WiggleSecurityConfig.class,
WiggleSocialConfig.class })
public class WiggleApplicationConfig {
@Bean
public DateFormat dateFormat() {
return new SimpleDateFormat("dd-MM-yyyy");
}
}
然后,Web配置会添加默认处理程序等
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { "wiggle.app.controllers.*" })
public class WiggleWebAppConfig extends WebMvcConfigurerAdapter {
private static final String VIEW_RESOLVER_PREFIX = "/WEB-INF/jsp/";
private static final String VIEW_RESOLVER_SUFFIX = ".jsp";
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/static/**").addResourceLocations(
"/static/");
}
@Override
public void configureDefaultServletHandling(
DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
@Bean
public SimpleMappingExceptionResolver exceptionResolver() {
SimpleMappingExceptionResolver exceptionResolver = new SimpleMappingExceptionResolver();
Properties exceptionMappings = new Properties();
exceptionMappings.put("java.lang.Exception", "error/error");
exceptionMappings.put("java.lang.RuntimeException", "error/error");
exceptionResolver.setExceptionMappings(exceptionMappings);
Properties statusCodes = new Properties();
statusCodes.put("error/404", "404");
statusCodes.put("error/error", "500");
exceptionResolver.setStatusCodes(statusCodes);
return exceptionResolver;
}
@Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix(VIEW_RESOLVER_PREFIX);
viewResolver.setSuffix(VIEW_RESOLVER_SUFFIX);
return viewResolver;
}
}
所有这些都位于包wiggle.app.config中,我的配置/**受到保护并且应该重定向到/ login,这对所有人开放,安全过滤器链确实可以正常工作,我看到了访问被拒绝之后有重定向到/ wiggle / login如何在我访问主页后使用以下日志条目获得404,即http://localhost:8080/wiggle/
Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6faeba70: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 8A7C29831E56336A6FDF1A0E19200E70; Granted Authorities: ROLE_ANONYMOUS
Voter: org.springframework.security.web.access.expression.WebExpressionVoter@c01ac1b, returned: 1
Authorization successful
RunAsManager did not change Authentication object
/login reached end of additional filter chain; proceeding with original chain
DispatcherServlet with name 'dispatcher' processing GET request for [/wiggle/login]
Looking up handler method for path /login
Did not find handler method for [/login]
Matching patterns for request [/login] are [/**]
URI Template variables for request [/login] are {}
Mapping [/login] to HandlerExecutionChain with handler [org.springframework.web.servlet.resource.DefaultServletHttpRequestHandler@688a42b5] and 1 interceptor
Last-Modified value for [/wiggle/login] is: -1
SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
Null ModelAndView returned to DispatcherServlet with name 'dispatcher': assuming HandlerAdapter completed request handling
Successfully completed request
Chain processed normally
SecurityContextHolder now cleared, as request processing completed
我通常会将以下内容放在XML中来处理映射
<beans:bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping" />
<!-- Enables annotated POJO @Controllers -->
<beans:bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
和
<!-- Scans within the base package of the application for @Components to configure as beans -->
<context:component-scan base-package="com.code.controller" />
我无法找到我缺少的东西,以便在Java配置中启用类似的行为。
答案 0 :(得分:3)
原来我错过了一份重要文件w.r.t.此配置,来自Spring Framework Docs
的 16.16.8 mvc:default-servlet-handler 部分重写&#34; /&#34; Servlet映射是必须通过名称而不是路径来检索默认Servlet的RequestDispatcher。 DefaultServletHttpRequestHandler将尝试使用大多数主要Servlet容器(包括Tomcat,Jetty,GlassFish,JBoss,Resin,WebLogic和WebSphere)的已知名称列表,在启动时自动检测容器的默认Servlet。如果使用不同的名称自定义配置了默认Servlet,或者在默认Servlet名称未知的情况下使用了不同的Servlet容器,则必须显式提供默认的Servlet名称,如下例所示:
@Configuration
@EnableWebMvc
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
configurer.enable("myCustomDefaultServlet");
}
}
因此我改为
@Override
public void configureDefaultServletHandling(
DefaultServletHandlerConfigurer configurer) {
configurer.enable("wiggleServlet");
}
还有另一个错误配置
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { "wiggle.app.controllers.*" })
public class WiggleWebAppConfig extends WebMvcConfigurerAdapter {
应该是
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { "wiggle.app.controllers" })
public class WiggleWebAppConfig extends WebMvcConfigurerAdapter {