使用下面的安全配置,向/ j_spring_security_check发送发布请求会引发404错误。有人可以帮我指出我做错了吗?
security.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<!-- Areas of the application which require no secuirty to visit -->
<security:http security="none" pattern="/login/**" />
<security:http security="none" pattern="/css/**" />
<security:http security="none" pattern="/images/**" />
<security:http security="none" pattern="/handler/**" />
<security:http>
<security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<security:form-login login-page="/login/"
default-target-url="/login/successful_login.html"
always-use-default-target="true" />
<security:csrf disabled="true"/>
<security:http-basic />
<security:logout />
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="protrackAuthenticationProvider" />
</security:authentication-manager>
<bean id="protrackAuthenticationProvider"
class="com.example.security.ProtrackAuthenticationProvider">
</bean>
<bean id="authenticationFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="filterProcessesUrl" value="/j_spring_security_check" />
</bean>
</beans>
Web.xml中
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0" xmlns="http://java.sun.com/xml/ns/javaee">
<description>ProtrackEntities</description>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/ptentities-spring.xml
/WEB-INF/ptentities-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<servlet-name>exportHandler</servlet-name>
<servlet-class>com.myersinfosys.protrack.server.handlers.FileExportHandler</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>exportHandler</servlet-name>
<url-pattern>/exportHandler</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>gwt-rpc</servlet-name>
<servlet-class>org.spring4gwt.server.SpringGwtRemoteServiceServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>gwt-rpc</servlet-name>
<url-pattern>/rpc/*</url-pattern>
</servlet-mapping>
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>
以下是请求错误:
远程地址:127.0.0.1:59322请求 网址:http://127.0.0.1:59322/j_spring_security_check请求方法:POST 状态代码:404 Not Found
答案 0 :(得分:3)
看起来您使用的是Spring Security 4.0版
我刚从Spring Security 3.2.3升级到4.0.1,看起来登录和注销处理程序的默认URL已从 / j_spring_security_check 更改为 / login 和 / j_spring_security_logout 分别为 / logout 。
看起来您正在使用的URL缺少路径的应用程序上下文组件部分,该路径通常是Web应用程序的名称。它看起来应该更像:
http://127.0.0.1:59322/YourWebapp/j_spring_security_check
或以后的Spring Security版本:
http://127.0.0.1:59322/YourWebapp/login