j_spring_security_check - 请求的资源不可用

时间:2015-08-11 19:04:34

标签: java spring spring-mvc spring-security

发送我的登录表单无效。 在发送登录表单时,我收到消息“请求的资源不可用”,该表单使用标准过滤器访问/ j_spring_security_check。

我的application-servlet.xml:

model.matrix

spring-database.xml如下所示:

<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">

<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true">

    <intercept-url pattern="/inside**" access="hasRole('ROLE_USER')" />

    <!-- access denied page -->
    <access-denied-handler error-page="/403" />

    <form-login 
        login-page="/login" 
        default-target-url="/welcome" 
        authentication-failure-url="/login?error" 
        username-parameter="username"
        password-parameter="password" />

    <logout logout-success-url="/login?logout"  />

    <!-- enable csrf protection -->
    <csrf/>
</http>

<!-- Select users and user_roles from database -->
<authentication-manager>
  <authentication-provider>
    <jdbc-user-service data-source-ref="dataSource"
      users-by-username-query=
        "select email,password from users where username=?" />
  </authentication-provider>
</authentication-manager>

<http auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint">

    <intercept-url pattern="/resettingPassword.do**" access="ROLE_ADMIN" />
    <intercept-url pattern="/resetPassword.do**" access="ROLE_ADMIN" />
    <logout logout-success-url="/index.jsp" invalidate-session="true" />
</http>

我的spring-security.xml就像这样:

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">

<bean id="daoImpl" class="com.afterguard.sailplanner.dao.DaoImpl">
    <property name="dataSource" ref="dataSource" />
</bean>

<bean id="dataSource"
    class="org.springframework.jdbc.datasource.DriverManagerDataSource">

    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/sailplanner" />
    <property name="username" value="sailplanner" />
    <property name="password" value="sailplanner2" />
</bean>

我有以下web.xml:

<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">

<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true">

    <intercept-url pattern="/inside**" access="hasRole('ROLE_USER')" />

    <!-- access denied page -->
    <access-denied-handler error-page="/403" />

    <form-login 
        login-page="/login" 
        default-target-url="/welcome" 
        authentication-failure-url="/login?error" 
        username-parameter="username"
        password-parameter="password" />

    <logout logout-success-url="/login?logout"  />

    <!-- enable csrf protection -->
    <csrf/>
</http>

<!-- Select users and user_roles from database -->
<authentication-manager>
  <authentication-provider>
    <jdbc-user-service data-source-ref="dataSource"
      users-by-username-query=
        "select email,password from users where username=?" />
  </authentication-provider>
</authentication-manager>

<http auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint">

    <intercept-url pattern="/resettingPassword.do**" access="ROLE_ADMIN" />
    <intercept-url pattern="/resetPassword.do**" access="ROLE_ADMIN" />
    <logout logout-success-url="/index.jsp" invalidate-session="true" />
</http>

我的设置如下: enter image description here

1 个答案:

答案 0 :(得分:3)

看起来你错过了...... 

login-processing-url="/j_spring_security_check"

<form-login

请参阅Spring 3 -> 4 Migration Guide for XML。重复的xml代码看起来也很可疑。

相关问题
最新问题