我正在使用spring-security-4.2.6v。
问题是,当我进入登录页面并输入有效凭据并提交时,服务器返回404错误和警告消息:
WARN [PageNotFound] No mapping found for HTTP request with URI [/cilcache/j_spring_security_check] in DispatcherServlet with name 'DispatcherServlet'
下面您可以看到我的配置文件和代码。
spring-security-config.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<http auto-config="true">
<intercept-url pattern="/admin**" access="ROLE_USER" />
<form-login
login-page="/login"
default-target-url="/admin"
login-processing-url="/j_spring_security_check"
authentication-failure-url="/login?login_error=1"
username-parameter="username"
password-parameter="password" />
<logout logout-success-url="/login?logout" />
<csrf disabled="true" />
<port-mappings>
<port-mapping http="#{configurationService.configuration.getProperty('tomcat.http.port')}"
https="#{configurationService.configuration.getProperty('tomcat.ssl.port')}"/>
<port-mapping http="80" https="443"/>
</port-mappings>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name=“admin” password=“example” authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
spring-mvc-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">
<context:component-scan base-package="com.mycompany" scope-resolver="de.mycompany.platform.spring.IgnoreTenantScopeMetadataResolver" />
<mvc:annotation-driven/>
<bean id="annotationHandler" class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
<property name="order" value="0"/>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="order" value="1"/>
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/views/"/>
<property name="suffix" value=".jsp"/>
<property name="redirectHttp10Compatible" value="false"/>
</bean>
<bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="basenames">
<list>
<value>/WEB-INF/localization/messages</value>
</list>
</property>
<property name="defaultEncoding" value="UTF-8"/>
</bean>
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.SessionLocaleResolver">
<property name="defaultLocale" value="en"/>
</bean>
<bean id="cacheWebService" class="com.mycompany.cacheweb.service.CacheWebService" factory-method="getInstance"/>
</beans>
web-spring.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.1.xsd">
<bean id="cachewebPlatformFilterChain" class="de.mycompany.platform.servicelayer.web.PlatformFilterChain">
<constructor-arg>
<list>
<ref bean="log4jFilter"/>
<ref bean="dynamicTenantActivationFilter"/>
<ref bean="sessionFilter"/>
<ref bean="cachewebSecureMediaFilter"/>
</list>
</constructor-arg>
</bean>
<bean id="cachewebSecureMediaFilter" class="de.mycompany.platform.servicelayer.web.SecureMediaFilter">
<property name="mediaPermissionService" ref="mediaPermissionService"/>
<property name="modelService" ref="modelService"/>
<property name="userService" ref="userService"/>
<property name="mediaService" ref="mediaService"/>
</bean>
<import resource="config/spring-security-config.xml"/>
<import resource="config/spring-mvc-config.xml"/>
</beans>
web.xml
<?xml version="1.0" encoding="iso-8859-1"?>
<web-app id="cilcache" version="3.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
metadata-complete="true">
<absolute-ordering />
<display-name>cilcache</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<filter>
<filter-name>XSSFilter</filter-name>
<filter-class>de.mycompany.platform.servicelayer.web.XSSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>XSSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<description>
ResourceFilter
Filter used to server file resources by bypassing the other filters.
</description>
<filter-name>resourceFilter</filter-name>
<filter-class>com.mycompany.web.filters.StaticResourceFilter</filter-class>
</filter>
<!--
Enabling Spring managed Delegating Filter Proxy for mycompany Filter Stack.
-->
<filter>
<filter-name>cachewebPlatformFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>resourceFilter</filter-name>
<url-pattern>/_ui/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>cachewebPlatformFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
Enabling a Spring web application context with 'session' and 'request' scope.
- The 'contextConfigLocation' param specifies where your configuration files are located.
- The mycompanyContextLoaderListener extends the usual SpringContextLoaderListener (which loads
the context from specified location) by adding the global application context of
the platform as parent context.
- The RequestContextListener is needed for exposing the 'request' scope to the context.
Furthermore it is needed when overriding the 'jalosession' bean for your web application.
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/cacheweb-web-spring.xml</param-value>
</context-param>
<listener>
<listener-class>de.mycompany.platform.spring.mycompanyContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<description>
DispatcherServlet
Spring MVC dispatcher servlet. This is the entry point for the Spring MVC application.
</description>
<servlet-name>DispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<description>
Specifies the location for Spring MVC to load an additional XML configuration file.
We will be using the application context so we must set this param value to EMPTY in
order to prevent loading of the default /WEB-INF/applicationContext.xml file.
</description>
<param-name>contextConfigLocation</param-name>
<param-value></param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>DispatcherServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- JSP Configuration -->
<jsp-config>
<jsp-property-group>
<url-pattern>*.jsp</url-pattern>
<!-- Disable JSP scriptlets and expressions -->
<scripting-invalid>true</scripting-invalid>
<!-- Remove additional whitespace due to JSP directives -->
<trim-directive-whitespaces>true</trim-directive-whitespaces>
</jsp-property-group>
</jsp-config>
</web-app>
控制器:
package com.mycompany.web.controllers;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
@Controller
public class HelloController {
@RequestMapping(value = "/admin**", method = RequestMethod.GET)
public ModelAndView adminPage() {
ModelAndView model = new ModelAndView();
model.addObject("title", "Spring Security Custom Login Form");
model.addObject("message", "This is protected page!");
model.setViewName("admin");
return model;
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password!");
}
if (logout != null) {
model.addObject("msg", "You've been logged out successfully.");
}
model.setViewName("login");
return model;
}
}
Login.jsp:
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<title>Login Page</title>
<style>
.error {
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #a94442;
background-color: #f2dede;
border-color: #ebccd1;
}
.msg {
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #31708f;
background-color: #d9edf7;
border-color: #bce8f1;
}
#login-box {
width: 300px;
padding: 20px;
margin: 100px auto;
background: #fff;
-webkit-border-radius: 2px;
-moz-border-radius: 2px;
border: 1px solid #000;
}
</style>
</head>
<body onload='document.loginForm.username.focus();'>
<h1>Spring Security Custom Login Form (XML)</h1>
<div id="login-box">
<h2>Login</h2>
<c:if test="${not empty error}">
<div class="error">${error}</div>
</c:if>
<c:if test="${not empty msg}">
<div class="msg">${msg}</div>
</c:if>
<c:url value='/j_spring_security_check' var="loginURL" />
<form name='loginForm' action="${loginURL}" method='POST'>
<table>
<tr>
<td>Username:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'>
<input name="submit" type="submit" value="submit" />
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</td>
</tr>
</table>
</form>
</div>
</body>
</html>
admin.jsp:
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@page session="true"%>
<html>
<body>
<h1>Title : ${title}</h1>
<h1>Message : ${message}</h1>
<c:url value="/j_spring_security_logout" var="logoutUrl" />
<!-- csrt for log out-->
<form action="${logoutUrl}" method="post" id="logoutForm">
<input type="hidden"
name="${_csrf.parameterName}"
value="${_csrf.token}" />
</form>
<script>
function formSubmit() {
document.getElementById("logoutForm").submit();
}
</script>
<c:if test="${pageContext.request.userPrincipal.name != null}">
<h2>
Welcome : ${pageContext.request.userPrincipal.name} | <a
href="javascript:formSubmit()"> Logout</a>
</h2>
</c:if>
</body>
</html>
答案 0 :(得分:0)
非常感谢您提出的问题。 "message": "PreparedStatementCallback; uncategorized SQLException for SQL.
已被deprecated替换为j_spring_security_check
例如,您的JSP不应
/login
但是它应该做
<c:url value="/j_spring_security_logout" var="logoutUrl" />
答案 1 :(得分:0)
正如M.Deinum在评论中提到的那样,我错过了向web.xml添加配置的操作:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/j_spring_security_check</url-pattern></filter-mapping>
<filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>*.jsp</url-pattern></filter-mapping>