我想在我的项目中使用Spring Security 4.0.3,但我真的不知道如何与其他技术结合使用:
我读了一些关于Vaadin和Spring Security的文章,但我没有找到任何关于将其与官方Vaadin Spring Addon集成的内容。
因为我是Vaadin的新手,所以我跟着Vaadins official Spring tutorial和Spring Security documentation。我想设置我的项目没有Spring Boot !目前我得到以下内容:
@WebListener
public class MyContextLoaderListener extends ContextLoaderListener
{
}
@WebServlet(value = "/*", asyncSupported = true)
public class Servlet extends SpringVaadinServlet
{
}
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
@Autowired
UserDetailsService userDetailsService;
@Bean
public PasswordEncoder passwordEncoder()
{
PasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder;
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
{
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception
{
// @formatter:off
http
.authorizeRequests()
.antMatchers("/VAADIN/**", "/UIDL/**", "/login**", "/resources/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login").defaultSuccessUrl("/#!", true).permitAll()
.and()
.logout().permitAll()
.and()
.csrf().disable();
// @formatter:on
// TODO plumb custom HTTP 403 and 404 pages
/* http.exceptionHandling().accessDeniedPage("/access?error"); */
}
}
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer
{
}
我的pom.xml看起来像这样:
[...]
<spring.version>4.2.1.RELEASE</spring.version>
<spring.security.version>4.0.3.RELEASE</spring.security.version>
[...]
<dependencies>
[...]
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-spring</artifactId>
<version>1.0.0</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring.security.version}</version>
</dependency>
</dependencies>
[...]
现在我问自己是否以正确的方式实施了它。我最好不想使用web.xml,而是想使用Java配置。
服务器启动时没有错误,但是当我打开URL时,我收到以下错误消息:
HTTP状态404 - 任何已注册的处理程序都未处理请求。
任何人都可以帮助我吗?
修改
我不知道我是否正确的方式,但我在SpringVaadinServlet的注释中添加了一个星号“/ *”: @WebServlet(value =“/ **”,asyncSupported = true)
现在,在浏览器重定向到http://localhost:8080/myApp/login之后,我得到一个正常的404 Not Found而没有任何内容...