我使用spring mvc和spring security开发了java应用程序。
当我在tomcat7上传和部署WAR文件时,它失败并在网址中给我这条消息:
manager/html/upload?org.apache.catalina.filters.CSRF_NONCE=982F861CA67920658BC340994D5B7A32
如何解决问题并正确上传我的网络应用程序?
[EDITED] 我的代码:
<http auto-config="true" use-expressions="true">
<csrf/>
<!-- custom login -->
<form-login login-page="/login" login-processing-url="/login" username-parameter="custom_email"
password-parameter="custom_password" authentication-failure-url="/login?error=true"/>
<remember-me key="remember-me"/>
<!-- css and js-->
<intercept-url pattern="resources/cms/**" access="permitAll"/>
<intercept-url pattern="resources/home/**" access="permitAll"/>
<intercept-url pattern="/wro/**" access="permitAll"/>
<intercept-url pattern="/cms/**" requires-channel="any" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/account/**" requires-channel="any" access="isAuthenticated()"/>
<intercept-url pattern="/cart/**" requires-channel="any" access="isAuthenticated()"/>
<intercept-url pattern="/checkout/**" requires-channel="any" access="isAuthenticated()"/>
<logout logout-url="/logout" logout-success-url="/login"/>
<!--<csrf disabled="true"/>-->
</http>
<authentication-manager>
<authentication-provider user-service-ref="customUserDetailsService">
<password-encoder ref="passwordEncoder"/>
</authentication-provider>
</authentication-manager>
答案 0 :(得分:0)
编辑Spring-security.xml
<http auto-config="true" use-expressions="true">
...
<csrf disabled="true"/>
</http>