我正在尝试使用Spring Security创建一个简单的登录系统。当我从登录表单发布时,我在j_spring_security_check上获得了404。
这是我的春天安全:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<http use-expressions="true">
<intercept-url pattern="/dashboard/**" access="hasRole('ROLE_USER')" />
<form-login
login-page="/login"
default-target-url="/dashboard/home"
authentication-failure-url="/login?error"
username-parameter="username"
password-parameter="pass" />
<logout logout-success-url="/mp" />
<!-- enable csrf protection -->
<csrf/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="secret" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
我的登录控制器:
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
ModelAndView modelAndView = new ModelAndView();
if (error != null) {
modelAndView.addObject("error", "Are you sure you got the correct username/password....");
}
if (logout != null) {
modelAndView.addObject("msg", "We are sorry to see you go....");
}
modelAndView.setViewName(Views.LOGIN_VIEW);
return modelAndView;
}
}
我的登录视图:
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Login</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7"
crossorigin="anonymous">
<!-- Optional theme -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css"
integrity="sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r"
crossorigin="anonymous">
<!-- Latest compiled and minified JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"
integrity="sha384-0mSbJDEHialfmuBBQP6A4Qrprq5OVfW37PRR3j5ELqxss1yVqOtnepnHVP9aJ7xS"
crossorigin="anonymous"></script>
<spring:url value="resources/styles/mundane.css" var="coreCss" />
<c:url value="j_spring_security_check" var="loginUrl" />
<link href="${coreCss}" rel="stylesheet" />
</head>
<body>
<c:if test="${not empty error}">
<div class="alert alert-danger" role="alert">
<strong>Oh snap!</strong> ${error}.
</div>
</c:if>
<c:if test="${not empty msg}">
<div class="alert alert-danger" role="alert">
<strong>Oh snap!</strong> ${msg}
</div>
</c:if>
<form name='loginForm'
action="${loginUrl}" method='POST'>
<fieldset class="form-group">
<label>Username</label>
<input type="text" class="form-control" name="username" id="username" />
</fieldset>
<fieldset class="form-group">
<label>Password</label>
<input type="password" class="form-control" name="pass" id="pass" />
</fieldset>
<input type="hidden" name="${_csrf.parameterName}"
value="${_csrf.token}" />
<button type="submit" class="btn btn-lg btn-primary">Login</button>
</form>
</body>
</html>