我使用Spring和Spring安全性开发了一个webapp(称为" wander")。当我在我的开发PC上运行我的web应用程序或在我托管我的网站的tomcat服务器上部署webapp时,webapp工作正常并重定向到URL为http:// localhost:8080 / wander到http:// localhost:当我没有登录时,8080 / wander / login。正如预期的那样,我在登录时将其重定向到root http://localhost:8080/wander作为项目根目录。
但是,调整我的vhosts文件以使用自定义域,当我以项目根目录访问www.customdomain.com/wander时,如果我没有登录,则在此处,"登录"被添加到URL中,其中www.customdomain.com/wanderlogin显示为URL,然后我得到404缺页错误。当我访问www.customdomain.com/wander或者我没有登录时,为什么会出现此错误,为什么"登录"得到附加而不是去www.customdomain.com/wander/login?我不确定这个错误是在我的webapp本身还是在部署服务器上,以及我如何配置它。任何建议都会非常有用,因为我是webapp开发的新手。我检查了我的Tomcat和Apache日志,似乎没有错误相关。
Dispatcher Servlet:
<context:component-scan base-package="com.togetherwander.web.controllers">
</context:component-scan>
<mvc:annotation-driven />
<bean class="org.springframework.context.support.ResourceBundleMessageSource"
id="messageSource">
<property value="com.togetherwander.web.messages.messages"
name="basename" />
</bean>
<bean id="tilesViewResolver"
class="org.springframework.web.servlet.view.tiles2.TilesViewResolver">
</bean>
<bean id="tilesConfigurer"
class="org.springframework.web.servlet.view.tiles2.TilesConfigurer">
<property name="definitions">
<list>
<value>/WEB-INF/layouts/default.xml</value>
</list>
</property>
</bean>
安全-conext.xml:
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="dataSource"
authorities-by-username-query='select username, authority from users where binary username = ?'
users-by-username-query='select username, password, enabled from users where binary username = ?'
id="jdbcUserService" />
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/admin"
access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/"
access="isAuthenticated()" />
<security:intercept-url pattern="/createevent"
access="permitAll" />
<security:intercept-url pattern="/docreateevent"
access="permitAll" />
<security:intercept-url pattern="/createwander"
access="isAuthenticated()" />
<security:intercept-url pattern="/editevent"
access="isAuthenticated()" />
<security:intercept-url pattern="/doeditevent"
access="isAuthenticated()" />
<security:intercept-url pattern="/removetraveler"
access="isAuthenticated()" />
<security:intercept-url pattern="/docreate"
access="isAuthenticated()" />
<security:intercept-url pattern="/showwander"
access="permitAll" />
<security:intercept-url pattern="/home"
access="permitAll" />
<security:intercept-url pattern="/removewander"
access="permitAll" />
<security:intercept-url pattern="/removeevent"
access="permitAll" />
<security:intercept-url pattern="/loggedout"
access="permitAll" />
<security:intercept-url pattern="/newaccount"
access="permitAll" />
<security:intercept-url pattern="/createaccount"
access="permitAll" />
<security:intercept-url pattern="/accountcreated"
access="permitAll" />
<security:intercept-url pattern="/static/**"
access="permitAll" />
<security:intercept-url pattern="/login"
access="permitAll" />
<security:intercept-url pattern="/**" access="denyAll" />
<security:form-login login-page="/login"
authentication-failure-url="/login?error=true" />
<security:logout logout-success-url="/loggedout" />
<security:access-denied-handler
error-page="/denied" />
<security:remember-me key="offersAppKey"
user-service-ref="jdbcUserService" />
</security:http>
<security:global-method-security
secured-annotations="enabled"></security:global-method-security>
<bean id="passwordEncoder"
class="org.springframework.security.crypto.password.StandardPasswordEncoder">
</bean>
的LoginController:
package com.togetherwander.web.controllers;
import javax.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DuplicateKeyException;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import com.togetherwander.web.dao.FormValidationGroup;
import com.togetherwander.web.dao.User;
import com.togetherwander.web.service.UsersService;
@Controller
public class LoginController {
private UsersService usersService;
@RequestMapping("/loggedout")
public String showLoggedOut() {
return "login";
}
@Autowired
public void setUsersService(UsersService usersService) {
this.usersService = usersService;
}
@RequestMapping("/login")
public String showLogin() {
return "login";
}
@RequestMapping("/newaccount")
public String showNewAccount(Model model) {
model.addAttribute("user", new User());
return "newaccount";
}
@RequestMapping(value="/createaccount", method=RequestMethod.POST)
public String createAccount(@Validated(FormValidationGroup.class) User user, BindingResult result) {
if(result.hasErrors()) {
return "newaccount";
}
user.setAuthority("user");
user.setEnabled(true);
if(usersService.exists(user.getUsername())){
result.rejectValue("username", "DuplicateKey.user.username", "This username already exists!");
return "newaccount";
}
try {
usersService.create(user);
} catch (DuplicateKeyException e) {
result.rejectValue("username", "DuplicateKey.user.username");
return "newaccount";
}
return "home";
}
}
答案 0 :(得分:0)
好的,所以这总是简单的答案。当我的登录控制器重定向到登录jsp时,与我的其他webapps不同,我似乎需要在root之后的代理传递中使用正斜杠:&#34; / wander /&#34;我仍然不知道为什么我的Spring项目需要这个,而不是我的标准jsp和servlet项目。
<VirtualHost *:80>
ServerName example.com
ProxyRequests On
ProxyPass /wander/ http://localhost:8080/wander/
ProxyPassReverse /wander/ http://localhost:8080/wander/
<Location "/sample">
Order allow,deny
Allow from all
</Location>