0

我正在尝试将 Spring Security 添加到项目中。在 web.xml 中添加代码块后,所有 url 都给出 404。

怎么了?

这是一个 Maven 项目,Spring MVC,hibernate,postgres。

(我不知道哪些信息与描述场景相关)

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <!-- The definition of the Root Spring Container shared by all Servlets 
        and Filters -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/root-context.xml</param-value>
    </context-param>  

    <!-- Creates the Spring Container shared by all Servlets and Filters -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Processes application requests -->
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <filter>
        <filter-name>encodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <init-param>
            <param-name>forceEncoding</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>encodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- After insert this block, all URL's return 404 error -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>


</web-app>

更新:

Grave: Exception starting filter springSecurityFilterChain
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:529)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1094)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:276)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:196)
    at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1079)
    at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:217)
    at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:145)
    at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:179)
    at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:277)
    at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:258)
    at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:382)
    at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:103)
    at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4638)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5294)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.startup.HostConfig.checkResources(HostConfig.java:1366)
    at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1454)
    at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:295)
    at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
    at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90)
    at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1379)
    at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1537)
    at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1547)
    at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1526)
    at java.lang.Thread.run(Thread.java:722)
4

3 回答 3

0

在 web.xml 中定义过滤器

    <filter>  
     <filter-name>springSecurityFilterChain</filter-name>  
     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>  
   </filter>  
   <filter-mapping>  
     <filter-name>springSecurityFilterChain</filter-name>  
     <url-pattern>/*</url-pattern>  
   </filter-mapping>

制作如下所示的 spring-security.xml bean 文件。

<?xml version="1.0" encoding="UTF-8"?>  
 <beans:beans xmlns="http://www.springframework.org/schema/security"  
        xmlns:beans="http://www.springframework.org/schema/beans"  
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
        xsi:schemaLocation="http://www.springframework.org/schema/beans  
 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd  
 http://www.springframework.org/schema/security  
 http://www.springframework.org/schema/security/spring-security-3.0.xsd">  
   <beans:import resource="login-service.xml"/>  
   <http>  
     <intercept-url pattern="/home*" access="ROLE_USER,ROLE_ADMIN" />  
     <intercept-url pattern="/admin*" access="ROLE_ADMIN" />  
     <form-login login-page="/login.jsp" default-target-url="/home" authentication-failure-url="/login.jsp?error=true"/>  
     <logout logout-success-url="/login.jsp" />  
     <anonymous username="guest" granted-authority="ROLE_GUEST"/>  
     <remember-me/>  
   </http>  
   <authentication-manager>  
     <authentication-provider>  
       <!--<user-service>-->  
         <!--<user name="admin" password="secret" authorities="ROLE_ADMIN,ROLE_USER" />-->  
         <!--<user name="user1" password="1111" authorities="ROLE_USER" />-->  
       <!--</user-service>-->  
       <jdbc-user-service data-source-ref="dataSource"  
           users-by-username-query="select username,password, 'true' as enabled from USER_DETAILS where username=?"  
           authorities-by-username-query="select USER_DETAILS.username , USER_AUTH.AUTHORITY as authorities from USER_DETAILS,USER_AUTH  
            where USER_DETAILS.username = ? AND USER_DETAILS.username=USER_AUTH.USERNAME "/>  
     </authentication-provider>  
   </authentication-manager>  
 </beans:beans>

根据您的要求更改属性。你可以在这里找到一些示例项目:http: //blog.rajithdelantha.com/2012/07/spring-security-part-1-sample-login.html

于 2013-01-02T07:58:04.550 回答
0

您需要定义过滤器。

像这样:

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
于 2012-07-06T20:56:33.037 回答
0

看来您没有配置springSecurityFilterChainbean。

也许这个链接可以帮助你。在那里,这个家伙只是在spring 上下文中像这样配置 bean :

<beans:bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy">
    <filter-chain-map path-type="ant">
        <filter-chain pattern="/**" filters="sif"/>
    </filter-chain-map>
</beans:bean>

<beans:bean id="sif"
        class="org.springframework.security.context.HttpSessionContextIntegrationFilter" />

名字真的很重要

来自 Spring文档

请注意,过滤器实际上是一个 DelegatingFilterProxy,而不是实际实现过滤器逻辑的类。DelegatingFilterProxy 所做的是将过滤器的方法委托给从 Spring 应用程序上下文获取的 bean。这使 bean 能够从 Spring Web 应用程序上下文生命周期支持和配置灵活性中受益。bean 必须实现 javax.servlet.Filter 并且它必须与 filter-name 元素中的名称相同。阅读 DelegatingFilterProxy 的 Javadoc 了解更多信息

于 2012-07-06T21:11:45.533 回答