为什么我的Spring项目在添加过滤器后无法正常工作?

时间:2016-06-28 17:11:32

标签: java spring spring-security

我有完全工作的项目,我想为它添加安全性。将DelegatingFilterProxy添加到web.xml后,它不起作用。这是:

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
    /WEB-INF/spring/applicationContext.xml
    /WEB-INF/spring/securityContext.xml
    </param-value>
</context-param>
<servlet>
    <servlet-name>dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>ContextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/dispatcher-servlet.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<filter>
    <display-name>SpringSecurityFilterChain</display-name>
    <filter-name>SpringSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>SpringSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

我所有与spring-security相关的依赖项都是4.1.0.RELEASE版本。我可以在我的日志中看到过滤器已加载,但没有提供错误,因此我很难弄清楚为什么网页无法加载。这是我的securityContext.xml 

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.1.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

 <security:authentication-manager>
    <security:authentication-provider>
        <security:user-service>
            <security:user name="testuser" authorities="ROLE_SUPERADMIN" password="password"/>
        </security:user-service>
    </security:authentication-provider>

</security:authentication-manager>


<security:http auto-config="true" use-expressions="true">
    <security:intercept-url pattern="/**" access="denyAll"/>
    <security:intercept-url pattern="/test" access="permitAll"/>
    <security:form-login />
</security:http>

这些是我的日志:

2016-06-28 18:59:40 INFO  ContextLoader:305 - Root WebApplicationContext: initialization started
2016-06-28 18:59:41 INFO  XmlWebApplicationContext:578 - Refreshing Root WebApplicationContext: startup date [Tue Jun 28 18:59:41 CEST 2016]; root of context hierarchy
2016-06-28 18:59:41 INFO  XmlBeanDefinitionReader:317 - Loading XML bean definitions from ServletContext resource [/WEB-INF/spring/applicationContext.xml]
2016-06-28 18:59:41 INFO  XmlBeanDefinitionReader:317 - Loading XML bean definitions from ServletContext resource [/WEB-INF/spring/securityContext.xml]
2016-06-28 18:59:41 INFO  SpringSecurityCoreVersion:74 - You are running with Spring Security Core 4.1.0.RELEASE
2016-06-28 18:59:41 INFO  SecurityNamespaceHandler:78 - Spring Security 'config' module version is 4.1.0.RELEASE
2016-06-28 18:59:41 INFO  FilterInvocationSecurityMetadataSourceParser:173 - Creating access control expression attribute 'denyAll' for /**
2016-06-28 18:59:41 INFO  FilterInvocationSecurityMetadataSourceParser:173 - Creating access control expression attribute 'permitAll' for /test
2016-06-28 18:59:41 INFO  AuthenticationConfigBuilder:539 - No login page configured. The default internal one will be used. Use the 'login-page' attribute to set the URL of the login page.
2016-06-28 18:59:41 INFO  HttpSecurityBeanDefinitionParser:306 - Checking sorted filter chain: [Root bean: class [org.springframework.security.web.context.SecurityContextPersistenceFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 200, Root bean: class [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 400, Root bean: class [org.springframework.security.web.header.HeaderWriterFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 500, Root bean: class [org.springframework.security.web.csrf.CsrfFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 600, Root bean: class [org.springframework.security.web.authentication.logout.LogoutFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 700, <org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0>, order = 1100, Root bean: class [org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1300, Root bean: class [org.springframework.security.web.authentication.www.BasicAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1500, Root bean: class [org.springframework.security.web.savedrequest.RequestCacheAwareFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1600, Root bean: class [org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1700, Root bean: class [org.springframework.security.web.authentication.AnonymousAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 2000, Root bean: class [org.springframework.security.web.session.SessionManagementFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 2100, Root bean: class [org.springframework.security.web.access.ExceptionTranslationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 2200, <org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0>, order = 2300]
2016-06-28 18:59:42 INFO  Version:66 - HCANN000001: Hibernate Commons Annotations {4.0.5.Final}
2016-06-28 18:59:42 INFO  Version:54 - HHH000412: Hibernate Core {4.3.11.Final}
2016-06-28 18:59:42 INFO  Environment:239 - HHH000206: hibernate.properties not found
2016-06-28 18:59:42 INFO  Environment:346 - HHH000021: Bytecode provider name : javassist
2016-06-28 18:59:43 INFO  Dialect:145 - HHH000400: Using dialect: org.hibernate.dialect.MySQLDialect
2016-06-28 18:59:43 INFO  LobCreatorBuilder:97 - HHH000423: Disabling contextual LOB creation as JDBC driver reported JDBC version [3] less than 4
2016-06-28 18:59:43 INFO  TransactionFactoryInitiator:62 - HHH000399: Using default transaction strategy (direct JDBC transactions)
2016-06-28 18:59:43 INFO  ASTQueryTranslatorFactory:47 - HHH000397: Using ASTQueryTranslatorFactory
2016-06-28 18:59:43 INFO  Version:30 - HV000001: Hibernate Validator 5.2.4.Final
2016-06-28 18:59:44 INFO  DefaultSecurityFilterChain:43 - Creating filter chain: Ant [pattern='/'], []
2016-06-28 18:59:44 INFO  DefaultSecurityFilterChain:43 - Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.SecurityContextPersistenceFilter@4e8f2204, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@184da4ba, org.springframework.security.web.header.HeaderWriterFilter@4c0addcf, org.springframework.security.web.csrf.CsrfFilter@60cd8a95, org.springframework.security.web.authentication.logout.LogoutFilter@57e50b8a, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@22781db8, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@3886489d, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@3493e43a, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@4b550079, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@29a24176, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@23ea267f, org.springframework.security.web.session.SessionManagementFilter@8f3b40c, org.springframework.security.web.access.ExceptionTranslationFilter@6b462ba3, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@50d46e4c]
2016-06-28 18:59:44 INFO  DefaultFilterChainValidator:154 - Checking whether login URL '/login' is accessible with your configuration
2016-06-28 18:59:44 INFO  ContextLoader:345 - Root WebApplicationContext: initialization completed in 4021 ms
2016-06-28 18:59:44 INFO  XmlWebApplicationContext:960 - Closing Root WebApplicationContext: startup date [Tue Jun 28 18:59:41 CEST 2016]; root of context hierarchy
cze 28, 2016 6:59:45 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 6515 ms

1 个答案:

答案 0 :(得分:-1)

将SpringSecurityFilterChain更改为springSecurityFilterChain后,它可以正常工作。第一个字母必须是小写

相关问题
最新问题