我正在从Spring Security 3迁移到4并且返回页面的标题类型存在问题 - 默认情况下它是text / plain,因此我只看到html文本而不是真实页面。在Spring Security 3中,一切都运行良好
<http pattern="/images/**" security="none"/>
<http pattern="/css/**" security="none"/>
<http pattern="/xml/**" security="none"/>
<http pattern="/**" use-expressions="true"
authentication-manager-ref="authenticationManager"
disable-url-rewriting="true" entry-point-ref="loginUrlAuthenticationEntryPoint">
<access-denied-handler ref="accessDeniedHandler"/>
<form-login login-page="/pages/home/login.html"
default-target-url="/pages/home/entry.html" authentication-failure-handler-ref="authenticationFailureHandler"
always-use-default-target="true"
authentication-details-source-ref="authenticationDetailsSource"/>
<logout logout-success-url="/pages/home/login.html" invalidate-session="true"/>
<intercept-url pattern="/pages/home/**" access="hasRole('ROLE_CLIENT') or hasRole('ROLE_ANONYMOUS_CLIENT')"/>
<intercept-url pattern="/pages/admin/**" access="hasRole('ROLE_ADMIN')"/>
<session-management invalid-session-url="/pages/home/login.html"/>
<anonymous enabled="false"/>
<custom-filter ref="anonymousAuthenticationFilter" position="ANONYMOUS_FILTER"/>
<custom-filter before="CAS_FILTER" ref="oauthFilter"/>
</http>
<beans:bean id="accessDeniedHandler" class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
<beans:property name="errorPage" value="/pages/home/login.html"/>
</beans:bean>
<beans:bean id="authenticationFailureHandler"
class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/pages/home/login.html"/>
</beans:bean>