我正在尝试使用Spring Security和JSP在我的应用程序中实现安全性。但是,我收到了上述错误。我在互联网上查看,有一篇文章说,当登录路径url有另一个级别时,我们收到此错误消息,例如'auth / login',这是我的情况。 我的登录路径是http://localhost:8080/temp/login/login.mvc。建议的解决方案是添加一个' /'在login.jsp中的j_spring_security_check'前面。 这将确保Spring使用url正确处理登录。 但是,我仍然遇到同样的错误。
下面是我的login.jsp,spring-security.xml和控制器代码。
的Login.jsp:
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html id="login">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title><spring:message code="login.title" /></title>
</head>
<body>
<div class="container spaceless">
<form name='loginForm' action="<c:url value='/j_spring_security_check' />" method='POST'>
<table id="albums" cellspacing="0px" style="width: 100%;">
<tr>
<td width="32%" align="right" style="padding-right:13px;"><spring:message code="login.email" /></td>
<td style="padding-right: 22px;"><input type="text" name="j_username" size="29" style="width: 100%;"></td>
</tr>
<tr class="spaceUnderLess">
<td width="32%" align="right" style="padding-right:13px;"><spring:message code="login.password" /></td>
<td style="padding-right: 22px;"><input type="password" name="j_password" size="29" style="width: 100%;"></td>
</tr>
<tr class="spaceUnderLess" >
<td width="32%" ></td>
<td>
<input type="checkbox" name="checkbox" id="checkbox_id" value="value">
<label for="checkbox_id"><spring:message code="login.remember" /></label>
</td>
</tr>
<tr class="spaceUnderLess" >
<td colspan="2" align="right" style="padding-right: 19px;">
<span style="padding-right:13px;" class="colorText"><spring:message code="login.forget.password" /></span>
<button class="btn btn-primary dropdown-toggle" type="submit" style="width:120px;"><spring:message code="login.btn.access" /></button>
</td>
</tr>
</table>
</form>
</div>
</body>
</html>
弹簧security.xml文件
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true">
<intercept-url pattern="/admin**" access="ROLE_USER" />
<form-login
login-processing-url="/j_spring_security_check"
login-page="/login"
default-target-url="/welcome"
authentication-failure-url="/login?error"
username-parameter="username"
password-parameter="password" />
<logout logout-success-url="/login?logout" />
<!-- enable csrf protection -->
<csrf/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="1234" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
控制器:
@RequestMapping(value = "/login.mvc")
public ModelAndView getLogin(Model model) {
return new ModelAndView("login");
}
或者我可能需要在web.xml中添加任何内容? web.xml中:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>Archetype Created Web Application</display-name>
<!-- Le dispatcher de servlet de spring -->
<servlet>
<servlet-name>TempMvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:applicationContext.xml,
classpath:TempMvc-servlet.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>TempMvc</servlet-name>
<url-pattern>*.mvc</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:application-context-webservice.xml,classpath:applicationContext.xml,
classpath:TempMvc-servlet.xml</param-value>
</context-param>
<!-- Le dispatcher de servlet de cxf -->
<servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<init-param>
<param-name>contextConfigLocationCXf</param-name>
<param-value>
classpath:application-context-webservice.xml
</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/ws/*</url-pattern>
</servlet-mapping>
<!-- The Welcome File List -->
<welcome-file-list>
<welcome-file>/login/login.mvc</welcome-file>
</welcome-file-list>
</web-app>