我正在使用spring-mvc的spring-security web身份验证,到目前为止一切都很顺利,但现在我正在开发我的应用程序的移动版本,我为移动网站设计了一套不同的页面,其中包括不同的登录页面。现在我的配置
有问题这是我的applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http auto-config="true" lowercase-comparisons="false">
<intercept-url pattern="/images/**" filters="none" />
<intercept-url pattern="/Stylesheets/**" filters="none" />
<intercept-url pattern="/JavaScript/**" filters="none" />
<intercept-url pattern="/scripts/**" filters="none" />
<intercept-url pattern="/favicon.ico" access="ROLE_ANONYMOUS" />
<intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN"/>
<intercept-url pattern="/mobile/**" access="ROLE_USER,ROLE_ADMIN"/>
<form-login login-page="/login.htm" authentication-success-handler-ref="customHandler"
authentication-failure-url="/login.htm?error=true" default-target-url="/home.htm"
login-processing-url="/j_security_check" />
<remember-me user-service-ref="userDAO" key="e37f4b31-0c46-11dd-bd0b-0800200c9a66"/>
</http>
<beans:bean id="customHandler" class="com.example.auth.AuthenticationHandler">
</beans:bean>
<authentication-manager>
<authentication-provider user-service-ref="userDAO">
<!--
TODO skipped to allow password emailing instead of password change and security
TODO question hell..
-->
<!-- <password-encoder ref="passwordEncoder"/> -->
</authentication-provider>
</authentication-manager>
</beans:beans>
现在我如何根据不同的请求拥有多个登录页面,我的意思是如果移动文件夹的页面比用户应该显示移动登录页面。 我在stackoverflow上看到了类似的问题,但那些是根据不同角色的登录页面,但在我的情况下,我想要不同页面的diff登录。
嗨,感谢您的解决方案,它似乎对我来说很好。我现在已经切换到spring security 3.1但它给了我一个例外。能帮我解决这个问题。
Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#4' while setting bean property 'sourceList' with key [4]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#4': Cannot create inner bean '(inner bean)' of type [org.springframework.security.web.authentication.logout.LogoutFilter] while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#6': Cannot resolve reference to bean 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0' while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0': Cannot create inner bean '(inner bean)' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#7': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanInitializationException: Property 'sessionFactory' is required for bean '(inner bean)#7'
答案 0 :(得分:0)
如果您可以切换t spring security 3.1,则可以简单地定义2个http元素1。如果无法切换,则无法通过命名空间完全配置,但必须注册entry-point-ref和somd <sec:custom-filter>元素。
答案 1 :(得分:0)
您必须提供自定义authentication entry point并在那里做出决定。这个SO answer可以作为您可以使用的起点。