1

我有基本的Spring MVC + Hibernate应用程序。这是我的web.xml

 <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
          http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
           version="2.5">

    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener
        </listener-class>
    </listener>
    <servlet>
        <servlet-name>dispatcher</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet
        </servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>
</web-app>

一切都很好。然后我尝试通过添加以下内容来为应用程序添加基本的Spring Securityweb.xml支持:

<filter>
   <filter-name>springSecurityFilterChain</filter-name>
   <filter-class>org.springframework.web.filter.DelegatingFilterProxy
   </filter-class>
   <init-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>/WEB-INF/security-context.xml</param-value>
   </init-param>
</filter>

<filter-mapping>
   <filter-name>springSecurityFilterChain</filter-name>
   <url-pattern>/*</url-pattern>
</filter-mapping>

我的/WEB-INF/security-context.xml样子如下:

<?xml version="1.0" encoding="UTF-8" ?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
             http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
             http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.0.xsd"> 

    <http>
        <intercept-url pattern="/index*" access="ROLE_USER"/>
        <form-login login-page="/login.jsp" default-target-url="/index" 
             authentication-failure-url="/login.jsp?error=true"/>
        <logout logout-url="/logout" logout-success-url="/index"/>
        <remember-me/>
    </http>

    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name="user" password="pass" authorities="ROLE_USER"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>

</beans:beans>

添加这些东西后,应用程序就会崩溃。它只是显示“链接不起作用。尝试在 Google 中搜索它。 ”在 Chrome 中。我错过了什么?有任何想法吗?提前致谢。

4

2 回答 2

1

谢谢大家。刚刚解决了。问题是我http://www.springframework.org/schema/security/spring-security-3.0.xsd/WEB-INF/security-context.xml命名空间中使用了 3.1.2.RELEASE 版本的 spring-security 库。

于 2012-09-26T15:29:48.637 回答
1 
 <?xml version="1.0" encoding="UTF-8" ?> 
 <beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:security="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.0.xsd">
   <security:http>         
        <security:intercept-url pattern="/index*" access="ROLE_USER"/>         
        <security:form-login login-page="/login.jsp" default-target-url="/index"               authentication-failure-url="/login.jsp?error=true"/>         
    <security:logout logout-url="/logout" logout-success-url="/index"/>         <security:remember-me/>     
    </security:http>      
    <security:authentication-manager>         
    <security:authentication-provider>             
    <security:user-service>                 
    <security:user name="user" password="pass" authorities="ROLE_USER"/>             </security:user-service>         
    </security:authentication-provider>     
    </security:authentication-manager>  
    </beans>

尝试使用上面的 security-context.xml 代码。

于 2012-09-26T14:23:50.043 回答