I am trying to get hasIpAddress working in Spring Security. I have read everything I could find online, but nothing solved my problem...
I tried:
hasIpAddress('192.168.0.129')
hasIpAddress('192.168.0.0/24')
hasIpAddress('192.168.0/24')
I can only get it to work without hasIpAddress
...
In SpringSecurityConfig.xml:
<http use-expressions="true">
    <intercept-url pattern="/init.do" access="isAnonymous() and hasIpAddress('192.168.0/24')" />
    <form-login login-page="/login" />
    <logout />
</http>
In my log:
09/15/2016 16:19:19 [http-listener-1(5)]:springframework.security.web.context.SecurityContextPersistenceFilter.doFilter()119 SecurityContextHolder now cleared, as request processing completed
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.context.HttpSessionSecurityContextRepository.readSecurityContextFromSession()186 HttpSession returned null object for SPRING_SECURITY_CONTEXT
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.context.HttpSessionSecurityContextRepository.loadContext()116 No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@4636ced1. A new one will be created.
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 2 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:security.web.util.matcher.AntPathRequestMatcher.matches()137 Request 'GET /init.do' doesn't match 'POST /logout
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 6 of 12 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:security.web.util.matcher.AntPathRequestMatcher.matches()137 Request 'GET /init.do' doesn't match 'POST /login
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()322 pathInfo: both null (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()322 queryString: both null (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 requestURI: arg1=/gestionprod/; arg2=/gestionprod/ (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 serverPort: arg1=8080; arg2=8080 (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 requestURL: arg1=http://localhost:8080/gestionprod/; arg2=http://localhost:8080/gestionprod/ (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 scheme: arg1=http; arg2=http (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 serverName: arg1=localhost; arg2=localhost (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 contextPath: arg1=/gestionprod; arg2=/gestionprod (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.DefaultSavedRequest.propertyEquals()339 servletPath: arg1=/init.do; arg2=/init.do (property equals)
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.savedrequest.HttpSessionRequestCache.removeRequest()82 Removing DefaultSavedRequest from session if present
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter()100 Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6faa3d44: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: e2c51e45dac31339aa97b4863285; Granted Authorities: ROLE_ANONYMOUS'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
09/15/2016 16:19:19 [http-listener-1(1)]:org.springframework.security.web.FilterChainProxy.doFilter()325 /init.do at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
09/15/2016 16:19:19 [http-listener-1(1)]:security.web.util.matcher.AntPathRequestMatcher.matches()157 Checking match of request : '/init.do'; against '/init.do'
09/15/2016 16:19:19 [http-listener-1(1)]:security.web.access.intercept.FilterSecurityInterceptor.beforeInvocation()219 Secure object: FilterInvocation: URL: /init.do; Attributes: [isAnonymous() and hasIpAddress('192.168.0/24')]
09/15/2016 16:19:19 [http-listener-1(1)]:security.web.access.intercept.FilterSecurityInterceptor.authenticateIfRequired()348 Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6faa3d44: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: e2c51e45dac31339aa97b4863285; Granted Authorities: ROLE_ANONYMOUS
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.access.vote.AffirmativeBased.decide()66 Voter: org.springframework.security.web.access.expression.WebExpressionVoter@36f219a, returned: -1
09/15/2016 16:19:19 [http-listener-1(1)]:springframework.security.web.access.ExceptionTranslationFilter.handleSpringSecurityException()174 Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
Answer 0 (score: 1)
Your client IP address is wrong, 0:0:0:0:0:0:0:1, see:
09/15/2016 16:19:19 [http-listener-1(1)]:security.web.access.intercept.FilterSecurityInterceptor.authenticateIfRequired()348 Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6faa3d44: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: e2c51e45dac31339aa97b4863285; Granted Authorities: ROLE_ANONYMOUS
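0:0:0:0:0:0:0:1 is the IPv6 loopback address, see RFC 4291:
The unicast address 0:0:0:0:0:0:0:1 is called the loopback address.
Do not use localhost to call your server, since it is a loopback; see Wikipedia:
The resolution of the name localhost to one or more IP addresses is configured by the following lines in the operating system's hosts file:
127.0.0.1 localhost
::1 localhost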
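The mismatch the answer describes, as an added example that is not part of the original answer and not Spring Security's own code: a self-contained address/prefix check run against the RemoteIpAddress from the log and two of the rules from the question. The class name IpRuleCheck, the method matches and the extra sample addresses are assumptions made for illustration.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;

public class IpRuleCheck {  // hypothetical name, not a Spring class

    /** True when address lies inside rule, written as "addr" or "addr/prefixLength". */
    static boolean matches(String rule, String address) throws UnknownHostException {
        String base = rule;
        int prefix = -1;
        int slash = rule.indexOf('/');
        if (slash > 0) {
            base = rule.substring(0, slash);
            prefix = Integer.parseInt(rule.substring(slash + 1));
        }
        // Only IP literals are passed here, so getByName performs no DNS lookup.
        byte[] want = InetAddress.getByName(base).getAddress();
        byte[] got = InetAddress.getByName(address).getAddress();
        // IPv4 is 4 bytes and IPv6 is 16: an IPv4 rule never matches an IPv6 client.
        if (want.length != got.length) {
            return false;
        }
        int bits = want.length * 8;
        if (prefix < 0) {
            prefix = bits;  // no "/n" means an exact host match
        } else if (prefix > bits) {
            throw new IllegalArgumentException("prefix too long for " + base);
        }
        int fullBytes = prefix / 8;
        for (int i = 0; i < fullBytes; i++) {
            if (want[i] != got[i]) return false;
        }
        int rest = prefix % 8;
        if (rest == 0) return true;
        int mask = (0xFF << (8 - rest)) & 0xFF;  // high bits of the partial byte
        return (want[fullBytes] & mask) == (got[fullBytes] & mask);
    }

    public static void main(String[] args) throws UnknownHostException {
        String[] rules = {"192.168.0.129", "192.168.0.0/24", "127.0.0.1", "::1"};
        // First client is the RemoteIpAddress from the log; the others are constructed.
        String[] clients = {"0:0:0:0:0:0:0:1", "127.0.0.1", "192.168.0.129"};
        for (String client : clients) {
            for (String rule : rules) {
                System.out.printf("%-16s vs %-15s -> %b%n", client, rule, matches(rule, client));
            }
        }
    }
}
```

The IPv6 loopback client fails both 192.168.0.x rules and the 127.0.0.1 rule because the address families differ; only a request arriving from a 192.168.0.x interface satisfies the rules in the question.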