Spring Security expired-url不起作用

时间:2015-07-20 22:03:45

标签: spring-security

我遇到Spring安全问题,我尝试在用户会话过期时重定向到登录页面,但它不起作用。当我的jsp页面中的用户会话到期时,我收到此消息:

  

Etat HTTP 500 - 请求处理失败;嵌套异常是java.lang.NullPointerException

输入Rapport d''exception

消息请求处理失败;嵌套异常是java.lang.NullPointerException

描述Le serveuranrencontréuneerreur interne qui l''aempêchédesatisfairelarequête。

例外 org.springframework.web.util.NestedServletException:请求处理失败;嵌套异常是java.lang.NullPointerException     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:973)     org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:852)     javax.servlet.http.HttpServlet.service(HttpServlet.java:620)     org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)     javax.servlet.http.HttpServlet.service(HttpServlet.java:727)     org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)     org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:330)     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)     org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)     org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)     org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)     org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)     org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:342)

这是我的spring-security.xml:

`

    <security:access-denied-handler error-page="/403"/>
    <security:session-management session-fixation-protection="none">
    <security:concurrency-control expired-url="/login?login_error=2"   />
    </security:session-management>
    <security:intercept-url pattern="/" access="hasAnyRole('ROLE_USER','ROLE_ADMIN','ROLE_RH')" />
    <security:intercept-url pattern="/choix" access="hasAnyRole('ROLE_USER','ROLE_ADMIN','ROLE_RH')" />
    <security:intercept-url pattern="/list" access="hasAnyRole('ROLE_ADMIN','ROLE_RH')" />
    <security:intercept-url pattern="/listDemandeConge" access="hasRole('ROLE_USER','ROLE_RH','ROLE_ADMIN')" />
    <security:intercept-url pattern="/addcategorie" access="hasRole('ROLE_ACHAT')" />
    <security:form-login login-page="/login" login-processing-url="/login.do" 
    default-target-url="/" always-use-default-target="true" 
    username-parameter="username" password-parameter="password" authentication-failure-url="/login?error=1"/>

</security:http>

<security:authentication-manager>
  <security:authentication-provider>
  <security:password-encoder hash="md5"></security:password-encoder>
  <security:jdbc-user-service data-source-ref="dataSource"  
        users-by-username-query="select Login, Password, CASE ENABLED WHEN 'active' THEN 'true' ELSE 'false' END 'ENABLED' from Utilisateur where Login=?"  
        authorities-by-username-query="select us.Login, ur.Libelle_Profil from Utilisateur us, Profil ur
          where us.id_utilisateur = ur.id_utilisateur and us.Login =?   " />


  </security:authentication-provider>
</security:authentication-manager>

`

0 个答案:

没有答案
相关问题
最新问题