我正在我的应用程序中配置安全性。我正在使用Spring-4.0安全性 下面是我的安全配置
<http use-expressions="true" entry-point-ref="restAuthenticationEntryPoint">
<intercept-url pattern="/api/**" />
<sec:form-login authentication-success-handler-ref="mySuccessHandler"
authentication-failure-handler-ref="myFailureHandler" />
<logout />
</http>
<!-- Connect the custom authentication success handler -->
<beans:bean id="mySuccessHandler" class="com.zertones.system.security.AuthenticationSuccessHandler" />
<!-- Using default failure handler -->
<beans:bean id="myFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" />
<!-- Authentication manager -->
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user name="temporary" password="temporary" authorities="ROLE_ADMIN" />
<user name="user" password="userPass" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
<!-- Enable the annotations for defining the secure role -->
<global-method-security secured-annotations="enabled" />
的web.xml
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/api/*</url-pattern>
</filter-mapping>
restAuthenticationEntryPoint
@Component("restAuthenticationEntryPoint")
public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint
{
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException
{
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
}
}
但是当我尝试点击http://localhost:8080/CollegeApp/j_spring_security_check或http://localhost:8080/CollegeApp/login时,它会给我404状态