通用匹配模式(' / **')在过滤器链中的其他模式之前定义,导致它们被忽略

时间:2016-07-16 00:14:11

标签: java spring jsp spring-mvc spring-security

Spring Security基本示例提供了此异常。

org.springframework.beans.factory.BeanCreationException: Error creating bean 
with name 'org.springframework.security.filterChainProxy': Invocation of init 
method failed; nested exception is java.lang.IllegalArgumentException: A 
universal match pattern ('/**') is defined  before other patterns in the 
filter chain, causing them to be ignored. Please check the ordering in your 
<security:http> namespace or FilterChainProxy bean configuration

的web.xml 

    <?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/spring/root-context.xml
            /WEB-INF/spring/security.xml
            /WEB-INF/spring/data.xml
        </param-value>

    </context-param>

    <!-- Creates the Spring Container shared by all Servlets and Filters -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Processes application requests -->
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/dispatcher-servlet.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

</web-app>

security.xml文件 

    <?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">

        <http auto-config="true" use-expressions="true">
            <intercept-url pattern="/views/*" access="ROLE_USER" />

            <form-login
            login-page="/login"
            authentication-failure-url="/login?error=true"
            default-target-url="/user"
            username-parameter="user_login"
            password-parameter="password_login"/>
        </http>

        <authentication-manager>
            <authentication-provider>
                <user-service>
                    <user name="user" password="upass" authorities="ROLE_USER"/>
                </user-service>
            </authentication-provider>
        </authentication-manager>

</beans:beans>

文件结构

http://prntscr.com/btgtg6

我正在使用这些版本 - Spring 3.2.8.RELEASE / Spring security 3.2.5.RELEASE / Tomcat 7 / Java 1.7。

0 个答案:

没有答案
相关问题
最新问题