参考文档说url的匹配顺序与声明的顺序相同,但最后声明的一个匹配在之前声明的一些之前匹配。
这是我的声明:
<intercept-url pattern="/static/**" filters="none" />
<intercept-url pattern="/login.jsp*" filters="none" />
<intercept-url pattern="/logout.jsp*" filters="none" />
<intercept-url pattern="/forgotpassword*" filters="none" />
<intercept-url pattern="/WEB-INF/jsp/forgotpassword*" filters="none" />
<intercept-url pattern="**/ordersearch*" access="hasRole('ROLE_VIEW_ORDER_STATUS')" />
<intercept-url pattern="**/creditstatus*" access="hasRole('ROLE_VIEW_CREDIT_STATUS')" />
<intercept-url pattern="**/shop*" access="hasRole('ROLE_INTERNAL') and hasRole('ROLE_CREATE_SALES_ORDER')" />
<intercept-url pattern="/**" access="hasAnyRole('ROLE_INTERNAL','ROLE_EXTERNAL')" />
它尝试按顺序匹配所有filters="none",但随后跳转到最后一个模式/**。因此/appname/ordersearch之类的网址被/**而不是**/ordersearch*拦截。知道我做错了吗?
答案 0 :(得分:3)
**/ordersearch*与/appname/ordersearch不符,您需要/**/ordersearch*。