403重定向错误 - Spring Google App Engine安全性

时间:2015-06-11 21:25:42

标签: java spring google-app-engine spring-mvc

我正在使用示例代码通过Google App Engine进行身份验证,但我无法将Spring重定向到我的注册页面,而不会收到403错误。

这是错误的堆栈跟踪。

Maps

这是我的

的applicationContext-security.xml文件 

21:13:34,576 DEBUG [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - Checking match of request : '/home.jsp'; against '/register.jsp*'
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /home.jsp; Attributes: [hasRole('USER')]
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /home.jsp; Attributes: [hasRole('USER')]
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: GaeUserAuthentication{principal=GaeUser{userId='185804764220139124118', nickname='test@example.com', forename='null', surname='null', authorities=[NEW_USER], email=test@example.com}, isEnabled=true}, details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null, authenticated=true}
21:13:34,576 DEBUG    [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: GaeUserAuthentication{principal=GaeUser{userId='185804764220139124118', nickname='test@example.com', forename='null', surname='null', authorities=[NEW_USER], email=test@example.com}, isEnabled=true}, details=org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null, authenticated=true}
21:13:34,584 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@415edbff, returned: -1
21:13:34,584 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@415edbff, returned: -1
21:13:34,586 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] - Access is denied (user is not anonymous); delegating to AccessDeniedHandler

register.jsp页面将NEW_USER作为该经过身份验证的用户的角色。

有人能告诉我我做错了吗?

1 个答案:

答案 0 :(得分:0)

我认为HTTP缺少<security:access-denied-handler ref="accessDeniedHandler" />及其实现 <bean id="accessDeniedHandler" class="com.ddd.AccessDeniedHandler"> <property name="strAccessDeniedUrl" value="access_denied_login.jsp" /> </bean>

您需要扩展AccessDeniedHandler类来处理您的逻辑

相关问题
最新问题