我试图在Spring MVC(4.2.5版本)web应用程序中添加安全性。实际上,我已经开发了使用外部API的登录,以匹配用户名和密码键入我的网页表单与正确的,它的工作是正确的。
现在,我想添加Spring Security(4.1.3版本),以便只向授权用户授予对站点的完全访问权限。相反,匿名用户应该只访问索引页(带有登录表单的页)。
不幸的是,当我添加springSecurityFilterChain时,在每个uri上都会出现404错误,即使是在localhost:8080/betex/上也是如此,因此web.xml中的welcome文件都不能正常工作(如果没有springSecurityFilterChain,它也不能正常工作)。
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
id="WebApp_ID" version="3.0">
<display-name>BetEx</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<!-- Spring MVC -->
<servlet>
<servlet-name>betex-controller</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>betex-controller</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Spring Security Configuration File -->
<context-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd">
<http use-expressions="true">
<intercept-url pattern="/index*" access="isAnonymous()" />
<intercept-url pattern="/**" access="isAuthenticated()"/>
<form-login
login-page='/index.html'
default-target-url="/home.html"
authentication-failure-url="/index.html?error=true" />
<logout logout-success-url="/index.html" />
</http>
<authentication-manager>
<authentication-provider user-service-ref="customUserDetailsService" >
<password-encoder hash="bcrypt" />
</authentication-provider>
</authentication-manager>
</beans:beans>
betex-controller-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.3.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd">
<context:component-scan base-package="controller" />
<mvc:annotation-driven/>
<mvc:resources mapping="/resources/**" location="/resources/"/>
<bean id="templateResolver"
class="org.thymeleaf.templateresolver.ServletContextTemplateResolver">
<property name="prefix" value="/WEB-INF/html/" />
<property name="suffix" value=".html" />
<property name="templateMode" value="HTML5" />
</bean>
<bean id="templateEngine" class="org.thymeleaf.spring4.SpringTemplateEngine">
<property name="templateResolver" ref="templateResolver" />
</bean>
<bean class="org.thymeleaf.spring4.view.ThymeleafViewResolver">
<property name="templateEngine" ref="templateEngine" />
<property name="order" value="1" />
</bean>
</beans>
@Controller
public class LoginController {
@RequestMapping(value = "/index", method = RequestMethod.GET)
public ModelAndView showLoginForm() {
Customer user = new Customer();
return new ModelAndView("index", "user", user);
}
@RequestMapping(value = "/index", method = RequestMethod.POST)
public ModelAndView doLogin(@ModelAttribute("user") @Valid Customer user, BindingResult bindingResult) {
if(bindingResult.hasErrors()) {
return new ModelAndView("index");
}
else {
/* Send http request and read http response */
/* Set username and password to user object */
/* Auth security service */
UserAuthenticationService userAuthService = new UserAuthenticationService();
userAuthService.addUserInfo(user);
return new ModelAndView("users/home", "user", user);
}
}
@RequestMapping(value = "/logout")
public ModelAndView doLogout() {
this.request = new HttpPostRequest();
request.sendRequest(LOGOUT_END_POINT, APP_KEY, new JsonRequest(), token);
return new ModelAndView("redirect:index");
}
}
GRAVE: Exception starting filter springSecurityFilterChain
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:698)
at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1175)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:284)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:326)
at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:235)
at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:199)
at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:279)
at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:260)
at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:105)
at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4828)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5508)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1575)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1565)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
我似乎没有注意到您是如何从应用程序上下文中加载其他bean的?尝试在同一配置中包含两个上下文。像这样:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/betex-controller-servlet.xml,
/WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Processes application requests -->
<servlet>
<servlet-name>betex-controller</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value></param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
编辑
而不是这样:
<context-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security.xml</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Processes application requests -->
<servlet>
<servlet-name>betex-controller</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value></param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
我有一个Spring 4.1.0 MVC项目托管在WildFly 10服务器中。并且我无法在没有得到404的情况下向其发送请求。这是我的控制器和方法声明之一: 我在用邮递员把请求发到http://localhost:8080/rest/message/register.我回复“404-未找到”。我可以成功导航到http://localhost:8080查看WildFly的启动屏幕。我还可以在控制器
我是Spring的新手,我尝试了一个带有java配置的简单mvc示例。我在请求主页时收到HTT 404错误。 Spring 4,Tomcat 8.5,Eclipse我的代码来了 pom.xml 分配器ervlet.java 网络配置类 现在我的控制器。。。 我的主页。位于WEB-INF/views中的jsp 最后,我可以在Eclipse控制台中看到什么 火星2017年3月3日下午4:05:48。阿
这是我的nginx配置文件。 默认情况下。conf,第一个位置用于访问/usr/share/nginx/html目录,当我访问http://47.91.152.99.但是,当我为目录/usr/share/nginx/public directory添加一个新位置时,nginx会在我访问时返回404页http://47.91.152.99/test. 那么,到底是怎么回事呢?我误用nginx的指令吗
我在使用SpringMVC实现RESTfulAPI时遇到了一个问题。 我使用postman来测试这样一种方法: http://localhost:8080/Test/countryController/getAllCountries 测试是项目名称 国控器是控制器类的@刚需映射的值 getAll国家是get方法 然而,我得到了一个错误消息: 源服务器找不到目标资源的当前表示形式,或者不愿意透露存在
我是Spring MVC的新手,正在尝试在Spring MVC中创建我的第一个项目。请帮助我解决以下错误:- 控制台中出现以下错误:- web.xml dispatcher-servlet.xml 控制器类别 索引1.jsp Eclipse项目层次结构
当我试图将一个项目翻译成Spring Boot时,我遇到了一个错误——我无法理解我做错了什么。将后缀和前缀添加到属性文件中,试图更改jsp的位置,debager显示在控制器的方法中。我做错了什么?如果有任何帮助,我将不胜感激 错误: 此应用程序没有针对/错误的显式映射,因此您将其视为回退。 2018年7月17日星期二00:45:23出现意外错误(类型=未找到,状态=404)/批准jsp Sprin