Question

的login.jsp

<div id="login" class="animate form">
                    <form action="${loginUrl}" method="POST">
                        <h1>Log in</h1>

                        <c:url var="loginUrl" value="/login" />
                        <c:if test="${param.error != null}">
                            <input type="text" class="alert-danger" id="danger" name="danger"
                                placeholder="Invalid username and password." disabled />
                            <br />
                        </c:if>
                        <c:if test="${param.logout != null}">
                            <input type="text" class="alert-success" id="success"
                                name="success"
                                placeholder="You have been logged out successfully." disabled />
                            <br />
                        </c:if>


                        <p>
                            <label for="username" class="uname" data-icon="u"> Your
                                email </label> <input id="username" name="login" required="required"
                                type="text" placeholder="mymail@atos.net" />
                        </p>
                        <p>
                            <label for="password" class="youpasswd" data-icon="p">
                                Your password </label> <input id="password" name="password"
                                required="required" type="password" placeholder="eg. X8df!90EO" />
                        </p>
                        <p class="keeplogin">
                            <input type="checkbox" name="remember-me" id="rememberme"
                                value="rememberme" /> <label for="rememberme">Remember
                                Me</label>
                        </p>
                        <p class="login button">
                            <input type="submit" value="Login" />
                        </p>
                        <p class="change_link"></p>
                    </form>
                </div>

userlist.jsp

<div class="generic-container">
        <%@include file="authheader.jsp" %>   
        <div class="panel panel-default">
              <!-- Default panel contents -->
            <div class="panel-heading"><span class="lead">List of Users </span></div>
            <table class="table table-hover">
                <thead>
                    <tr>
                        <th>Prenom</th>
                        <th>Nom</th>
                        <th>Matricule</th>
                        <th>Login</th>
                        <sec:authorize access="hasRole('ADMIN') or hasRole('READ')">
                            <th width="100"></th>
                        </sec:authorize>
                        <sec:authorize access="hasRole('ADMIN')">
                            <th width="100"></th>
                        </sec:authorize>

                    </tr>
                </thead>
                <tbody>
                <c:forEach items="${users}" var="user">
                    <tr>
                        <td>${user.prenom}</td>
                        <td>${user.nom}</td>
                        <td>${user.matricule}</td>
                        <td>${user.login}</td>
                        <sec:authorize access="hasRole('ADMIN') or hasRole('READ')">
                            <td><a href="<c:url value='/edit-user-${user.login}' />" class="btn btn-success custom-width">edit</a></td>
                        </sec:authorize>
                        <sec:authorize access="hasRole('ADMIN')">
                            <td><a href="<c:url value='/delete-user-${user.login}' />" class="btn btn-danger custom-width">delete</a></td>
                        </sec:authorize>
                    </tr>
                </c:forEach>
                </tbody>
            </table>
        </div>
        <sec:authorize access="hasRole('ADMIN')">
            <div class="well">
                <a href="<c:url value='/newuser' />">Add New User</a>
            </div>
        </sec:authorize>
    </div>

AppController.java

@Controller
@RequestMapping("/")
@SessionAttributes("roles")
public class AppController {

    @Autowired
    IService_User<USER> userService;

    @Autowired
    IService<COMPTE> compteService;

    @Autowired
    MessageSource messageSource;

    @Autowired
    PersistentTokenBasedRememberMeServices persistentTokenBasedRememberMeServices;

    @Autowired
    AuthenticationTrustResolver authenticationTrustResolver;

@RequestMapping(value = { "/", "/list" }, method = { RequestMethod.GET, RequestMethod.POST })
    public String listUsers(ModelMap model) {

        List<USER> users = userService.findAllOBJECTS();
        model.addAttribute("users", users);
        model.addAttribute("loggedinuser", getPrincipal());
        return "userslist";
    }

@RequestMapping(value = {"/login"}, method = { RequestMethod.GET, RequestMethod.POST })
    public String loginPage() {
        if (isCurrentAuthenticationAnonymous()) {
            return "login";
        } else {
            return "redirect:/list";
        }
    }
}

有2个页面：login.jsp - 包含用登录名和密码填写的表单的起始页面 - userlist.jsp结果列表＆＃34;显示所有用户持久保存在DB＆＃34; .. 首先显示登录页面，当我点击提交按钮时出现此错误： org.springframework.web.servlet.PageNotFound - 请求方法＆＃39; POST＆＃39;不支持

Answer 1

在post注释中添加@RequestMapping方法，如下所示;）

@RequestMapping(value = {"/login"}, method = {RequestMethod.GET, RequestMethod.POST})
public String loginPage() {
    if (isCurrentAuthenticationAnonymous()) {
        return "login";
    } else {
        return "redirect:/list";
    }
}

Answer 2

在您的login.jsp中，您正在使用http方法POST

<form action="${loginUrl}" method="POST">

并且在控制器中，您正在使用http方法GET

@RequestMapping(value = {"/login"}, method = RequestMethod.GET)
    public String loginPage() {
        if (isCurrentAuthenticationAnonymous()) {
            return "login";
        } else {
            return "redirect:/list";
        }
    }

在您的控制器中更改method = RequestMethod.POST之后，问题将会解决，如此

@RequestMapping(value = {"/login"}, method = RequestMethod.POST)
    public String loginPage() {
        if (isCurrentAuthenticationAnonymous()) {
            return "login";
        } else {
            return "redirect:/list";
        }
    }

Answer 3

在您的登录表单中，您明确发出了POST请求...并且在您的控制器中，该URL被映射到GET请求..这是问题...请将控制器设置为POST ...就像

@RequestMapping(value = {"/login"}, method = RequestMethod.POST)
    public String loginPage() {
        if (isCurrentAuthenticationAnonymous()) {
            return "login";
        } else {
            return "redirect:/list";
        }
    }

Answer 4

如果您使用的是spring security 4.x.x. ，CSRF默认启用。因此，您必须提供表格中提交的csrf。

将csrf标记添加为隐藏字段可以解决问题：

<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>

请求方法＆＃39; POST＆＃39;不支持 - SPRING

4 个答案: