Spring Security 5在登录时返回403

时间:2017-10-16 13:35:45

标签: spring-security

我正在评估Spring 5(MVC)和Spring Security 5。 当我从自定义表单发布用户名和密码时,我得到403返回代码。 当使用而不是Spring默认登录表单时,一切正常。

这是我的applicationContext-security.xml 

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
     xmlns:b="http://www.springframework.org/schema/beans"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

<http auto-config='false' use-expressions="true">
    <intercept-url pattern="/assets/**" access="isAnonymous() or hasRole('ROLE_USER')" />
    <intercept-url pattern="/pages/**" access="isAnonymous() or hasRole('ROLE_USER')" />
    <intercept-url pattern="/index.do**" access="isAnonymous() or hasRole('ROLE_USER')" />
    <intercept-url pattern="/app2/**" access="isAnonymous() or hasRole('ROLE_USER')" />
    <intercept-url pattern="/**" access="hasRole('ROLE_USER')" />

    <form-login login-page="/index.do#/login"
                login-processing-url="/login"
                default-target-url="/index.do"/>
</http>

<authentication-manager>
    <authentication-provider>
        <user-service>
            <user name="user" password="password" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>
</authentication-manager>

0 个答案:

没有答案
相关问题
最新问题