请原谅我可怜的英语,谢谢 这是我的spring-security.xml 通过这种方式,它无法正常工作
<http pattern="/resources/**" security="none" />
***<http pattern="/login" security="none"/>***
<http pattern="/about" security="none"/>
<http auto-config="true" use-expressions="true">
<form-login login-page="/login" default-target-url="/" password-parameter="pwd"/>
<logout logout-success-url="/about" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/user/*" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/admin/*" access="hasRole('ROLE_ADMIN')" />
<custom-filter ref="ipFilter" before="FILTER_SECURITY_INTERCEPTOR" />
<remember-me remember-me-parameter="remember-me" token-validity-seconds="604800" data-source-ref="dataSource" user-service-ref="customjdbcUserService" />
</http>
如果/ login网址配置如下:
***<http pattern="/login" security="none"/>***
,然后登录无法正常工作,它只是响应login.jsp。 但如果/ login已配置为此类型
<http auto-config="true" use-expressions="true">
<form-login login-page="/login" default-target-url="/" password-parameter="pwd" />
<logout logout-success-url="/about" />
***<intercept-url pattern="/login" access="permitAll" />***
...
</http>
效果很好,然后我可以登录我的应用
这是第一种类型(***<http pattern="/login" security="none"/>***)
21:59:10,651 DEBUG AntPathRequestMatcher:151 - Checking match of request : '/login'; against '/login'
21:59:10,652 DEBUG FilterChainProxy:200 - /login has an empty filter list
21:59:10,652 DEBUG DispatcherServlet:861 - DispatcherServlet with name 'springmvc' processing POST request for [/login]
21:59:10,652 DEBUG RequestMappingHandlerMapping:294 - Looking up handler method for path /login
21:59:10,652 DEBUG RequestMappingHandlerMapping:299 - Returning handler method [public void com.bay1ts.controller.BaseController.login()]
21:59:10,652 DEBUG DefaultListableBeanFactory:248 - Returning cached instance of singleton bean 'baseController'
21:59:10,653 DEBUG DispatcherServlet:1241 - Rendering view [org.springframework.web.servlet.view.JstlView: name 'login'; URL [/WEB-INF/jsps/login.jsp]] in DispatcherServlet with name 'springmvc'
21:59:10,653 DEBUG DefaultListableBeanFactory:248 - Returning cached instance of singleton bean 'requestDataValueProcessor'
21:59:10,653 DEBUG JstlView:166 - Forwarding to resource [/WEB-INF/jsps/login.jsp] in InternalResourceView 'login'
21:59:10,661 DEBUG DispatcherServlet:996 - Successfully completed request
这是我的login.jsp文件的主要部分
<form action="login" method=post>
<div class="input-container">
<input type="text" id="Username" name="username" required="required"/>
<label for="用户名">Username</label>
<div class="bar"></div>
</div>
<div class="input-container">
<input type="password" id="Password" name="pwd" required="required"/>
<label for="密码">Password</label>
<div class="bar"></div>
</div>
<div class="checkbox">
<input type="checkbox" id="Remember-me" name="remember-me" required="required"/>
<label for="Remember-me">Remember-me</label>
<div class="checkbox"></div>
</div>
<div class="button-container">
<button><span>Go</span></button>
</div>
<div class="footer"><a href="#">忘记密码?</a></div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
这是baseController
@Controller
public class BaseController {
@RequestMapping("/")
public String index(){
return "index";
}
@RequestMapping("/login")
public void login(){
}
@RequestMapping("/about")
public String about(){
return "about";
}
}
我的春季安全版本是4.0.2
谢谢