0

亲爱的大家, Spring Security 是新功能。我已将服务器配置为使用 Spring Security 检查登录。现在我将它部署在某个服务器上并通过域名访问它。我可以访问除 SpringSecurity 之外的所有 url。它是否也检查网址?我怎样才能改变它?

    <intercept-url pattern="/login.do" access="fullyAuthenticated" />
    <form-login login-page="/index.do" always-use-default-target="false" default-target-url="/login.do" />
    <anonymous />
    <logout invalidate-session="true" logout-success-url="/index.do" logout-url="/j_spring_security_logout" />
    <custom-filter before="FORM_LOGIN_FILTER" ref="springSocialSecurityAuthenticationFilter" />
    <remember-me services-ref="springSocialSecurityRememberMeServices" key="springSocialSecurity" />
</http>

谢谢,欧普

4

1 回答 1

0

First of all, in intercept-url, you have to write access="isFullyAuthenticated()" or use the spring security constants : IS_AUTHENTICATED_FULLY

your declaration is <intercept-url pattern="/login.do" access="fullyAuthenticated" /> Meaning that you have to be logged in for accessing the login.do page.

I don't think it is what you want.

here some examples of how intercept-url works:

    <intercept-url pattern="/index.jsp" access="permitAll" />   
    <intercept-url pattern="/secure/extreme/**" access="hasRole('supervisor')" />
    <intercept-url pattern="/secure/**" access="isAuthenticated()" />
    <intercept-url pattern="/listAccounts.html" access="isAuthenticated()" />
    <intercept-url pattern="/post.html" access="hasAnyRole('supervisor','regularuser')" />
    <intercept-url pattern="/**" access="denyAll" />

you have to define levels of authorization based on the url of your application. to access the login page, you need to let the login page be permitAll access... so the user can login.

if a user try to access a isAuthenticated() page without being logged in, there will be a redirection to the login page.

you can put multiple access to a pattern. For example, you can decide that a page could be accessed with authentification OR a anonymous role:

<intercept-url pattern='/page2.jsp' access='ROLE_ANONYMOUS,ROLE_USER'/>
于 2013-03-29T10:34:57.460 回答