0

我正在使用 Spring Security 开发登录页面,但是当我启动我的项目时会自动重定向到登录页面。我的 web.xml 中有一个重定向到 index.xhtml,为什么重定向到 login.xhtml?

web.xml

<web-app >
<display-name>AirTour</display-name>

<welcome-file-list>
    <welcome-file>index.xhtml</welcome-file>
</welcome-file-list>

<!-- SPRING -->

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/conf/applicationContext.xml
     </param-value>
</context-param>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
    <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>

<!-- SPRING SECURITY  -->


<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>



<!-- JSF -->

<context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Development</param-value>
</context-param>

<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
</web-app>

应用程序上下文.xml

<bean id="userDetailsManager" class="org.springframework.security.provisioning.JdbcUserDetailsManager">
    <property name="dataSource" ref="dataSource"></property>
</bean>

<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>

<bean id="saltSource" class="org.springframework.security.authentication.dao.ReflectionSaltSource">
    <property name="userPropertyToUse" value="username"/>
</bean>



<security:authentication-manager alias="authenticationManager">
        <security:authentication-provider user-service-ref="userDetailsManager">
        <security:password-encoder ref="passwordEncoder">
            <security:salt-source ref="saltSource"/>
        </security:password-encoder>
       </security:authentication-provider>
</security:authentication-manager>

<security:http  >
    <security:intercept-url pattern="/user/*" access="ROLE_USER"/>
    <security:intercept-url pattern="/comp/*" access="ROLE_COMP"/>
    <security:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
    <security:intercept-url pattern="/*" access="ROLE_ANONIMOUS,ROLE_USER,ROLE_COMP,ROLE_ADMIN"/>

    <security:form-login login-page="/login"/>
</security:http>
4

2 回答 2

0

将您的最后一个更改intercept-url为:

<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />

auto-config用于security:http.

<security:http auto-config="true">
于 2013-01-02T14:05:20.950 回答
0

看起来您在 spring 安全配置中犯了拼写错误。替换ROLE_ANONIMOUSROLE_ANONYMOUS

<security:intercept-url pattern="/*" access="ROLE_ANONYMOUS,ROLE_USER,ROLE_COMP,ROLE_ADMIN"/>
于 2013-01-02T10:30:00.523 回答