0

我有一个自定义登录页面,它使用自定义 UserDetailsS​​ervice bean 对用户进行身份验证。在 spring 安全调试日志中,我看到身份验证进行得很好,并且授予权限的列表包含 ROLE_USER。

根据配置,页面应该重定向到它所做的welcomePage.html。但是welcomePage.html 的响应是login.html 页面。日志表明身份验证已成功进行。

我在我的 servlet xml 文件中使用注释驱动的配置。

  1. 为什么没有调用welcomePage.html 的请求处理程序?
  2. 如何获取要调用的请求处理程序?它曾经在 Spring 安全集成之前工作。在 Spring 安全集成之后,也不会调用其他请求处理程序。
  3. 顺便说一句,spring security 如何知道安全配置应该将所有请求转发给我的 servlet。应用程序中可能有更多的 servlet。form-login 的 login-page 属性是否咨询 web.xml 以找到合适的处理程序?那么为什么它不咨询web.xml,也找不到我对welcomePage.html 的请求映射呢?我正在使用 Spring MVC DispatcherServlet。
  4. 这有关系吗? http://mark.koli.ch/2010/07/spring-3-and-spring-security-setting-your-own-custom-j-spring-security-check-filter-processes-url.html

以下是 Spring 安全日志:

19:03:49,645 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/welcomepage.html'; against '/**/*.css'
19:03:49,645 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/welcomepage.html'; against '/**/*.js'
19:03:49,645 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/welcomepage.html'; against '/**/*.png'
19:03:49,646 DEBUG FilterChainProxy:337 - /welcomePage.html at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistence
Filter'
19:03:49,646 DEBUG HttpSessionSecurityContextRepository:158 - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.secu
rity.core.context.SecurityContextImpl@afe7c13e: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@afe7c1
3e: Principal: security.V2VUserDetails@4a97111c; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authenticati
on.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: E5639123A984EE19E0CEFCA19C37DA42; Granted Authorities: admin, ROLE_USER'
19:03:49,646 DEBUG FilterChainProxy:337 - /welcomePage.html at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
19:03:49,646 DEBUG FilterChainProxy:337 - /welcomePage.html at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthentica
tionFilter'
19:03:49,646 DEBUG FilterChainProxy:337 - /welcomePage.html at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
19:03:49,646 DEBUG FilterChainProxy:337 - /welcomePage.html at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
19:03:49,647 DEBUG FilterChainProxy:337 - /welcomePage.html at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAware
RequestFilter'
19:03:49,647 DEBUG FilterChainProxy:337 - /welcomePage.html at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFil
ter'
19:03:49,647 DEBUG AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springf
ramework.security.authentication.UsernamePasswordAuthenticationToken@afe7c13e: Principal: security.V2VUserDetails@4a97111c; Credentials: [PROTECTED]; 
Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: E
5639123A984EE19E0CEFCA19C37DA42; Granted Authorities: admin, ROLE_USER'
19:03:49,647 DEBUG FilterChainProxy:337 - /welcomePage.html at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter'
19:03:49,647 DEBUG FilterChainProxy:337 - /welcomePage.html at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter
'
19:03:49,647 DEBUG FilterChainProxy:337 - /welcomePage.html at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor
'
19:03:49,648 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/welcomepage.html'; against '/login.html*'
19:03:49,648 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/welcomepage.html'; against '/welcomepage.html*'
19:03:49,648 DEBUG FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL: /welcomePage.html; Attributes: [hasRole('ROLE_USER')]
19:03:49,649 DEBUG FilterSecurityInterceptor:310 - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticatio
nToken@afe7c13e: Principal: security.V2VUserDetails@4a97111c; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web
.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: E5639123A984EE19E0CEFCA19C37DA42; Granted Authorities: admin, R
OLE_USER
19:03:49,649 DEBUG AffirmativeBased:65 - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@4481f947, returned: 1
19:03:49,650 DEBUG FilterSecurityInterceptor:215 - Authorization successful
19:03:49,650 DEBUG FilterSecurityInterceptor:227 - RunAsManager did not change Authentication object
19:03:49,651 DEBUG FilterChainProxy:323 - /welcomePage.html reached end of additional filter chain; proceeding with original chain
19:03:49,660 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/web-inf/jsp/login.jsp'; against '/**/*.css'
19:03:49,660 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/web-inf/jsp/login.jsp'; against '/**/*.js'
19:03:49,661 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/web-inf/jsp/login.jsp'; against '/**/*.png'
19:03:49,661 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersis
tenceFilter'
19:03:49,661 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
19:03:49,661 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthe
nticationFilter'
19:03:49,661 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFi
lter'
19:03:49,661 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilt
er'
19:03:49,662 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolder
AwareRequestFilter'
19:03:49,662 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticati
onFilter'
19:03:49,662 DEBUG AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springf
ramework.security.authentication.UsernamePasswordAuthenticationToken@afe7c13e: Principal: security.V2VUserDetails@4a97111c; Credentials: [PROTECTED]; 
Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: E
5639123A984EE19E0CEFCA19C37DA42; Granted Authorities: admin, ROLE_USER'
19:03:49,662 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilt
er'
19:03:49,662 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationF
ilter'
19:03:49,663 DEBUG FilterChainProxy:337 - /WEB-INF/jsp/login.jsp at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterc
eptor'
19:03:49,663 DEBUG FilterChainProxy:323 - /WEB-INF/jsp/login.jsp reached end of additional filter chain; proceeding with original chain
19:03:49,665 DEBUG ExceptionTranslationFilter:115 - Chain processed normally
19:03:49,665 DEBUG ExceptionTranslationFilter:115 - Chain processed normally
19:03:49,665 DEBUG SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as request processing completed
19:03:49,915 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/jquery-ui-1.8.16.custom.css'; against '/**/*.css'
19:03:49,916 DEBUG FilterChainProxy:180 - /css/jquery-ui-1.8.16.custom.css has an empty filter list
19:03:49,915 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/media/css/jquery.datatables.css'; against '/**/*.css'
19:03:49,916 DEBUG FilterChainProxy:180 - /plugins/DataTables/media/css/jquery.dataTables.css has an empty filter list
19:03:49,916 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/media/css/jquery.datatables_themeroller.css'; against 
'/**/*.css'
19:03:49,917 DEBUG FilterChainProxy:180 - /plugins/DataTables/media/css/jquery.dataTables_themeroller.css has an empty filter list
19:03:49,961 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/redmond.custom.css'; against '/**/*.css'
19:03:49,961 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/jquery-1.8.1.min.js'; against '/**/*.css'
19:03:49,961 DEBUG FilterChainProxy:180 - /css/redmond.custom/redmond.custom.css has an empty filter list
19:03:49,962 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/jquery-ui/js/jquery-ui-1.8.23.custom.min.js'; against '/**/*.css'
19:03:49,962 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/jquery-ui/js/jquery-ui-1.8.23.custom.min.js'; against '/**/*.js'
19:03:49,962 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/jquery-1.8.1.min.js'; against '/**/*.js'
19:03:49,962 DEBUG FilterChainProxy:180 - /jquery-ui/js/jquery-ui-1.8.23.custom.min.js has an empty filter list
19:03:49,963 DEBUG FilterChainProxy:180 - /js/jquery-1.8.1.min.js has an empty filter list
19:03:49,970 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.css'; against '/**/*.css'
19:03:49,971 DEBUG FilterChainProxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.css has an empty filter list
19:03:49,972 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.filter.css'; against '/**
/*.css'
19:03:49,972 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/tabletools/media/css/tabletools.css'; against '
/**/*.css'
19:03:49,972 DEBUG FilterChainProxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.filter.css has an empty filter list
19:03:49,973 DEBUG FilterChainProxy:180 - /plugins/DataTables/extras/TableTools/media/css/TableTools.css has an empty filter list
19:03:49,973 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/tabletools/media/css/tabletools_jui.css'; again
st '/**/*.css'
19:03:49,973 DEBUG FilterChainProxy:180 - /plugins/DataTables/extras/TableTools/media/css/TableTools_JUI.css has an empty filter list
19:03:50,018 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/colvis/media/css/colvis.css'; against '/**/*.cs
s'
19:03:50,019 DEBUG FilterChainProxy:180 - /plugins/DataTables/extras/ColVis/media/css/ColVis.css has an empty filter list
19:03:50,021 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/common.css'; against '/**/*.css'
19:03:50,021 DEBUG FilterChainProxy:180 - /css/common.css has an empty filter list
19:03:50,062 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/toppanel.css'; against '/**/*.css'
19:03:50,063 DEBUG FilterChainProxy:180 - /css/topPanel.css has an empty filter list
19:03:50,063 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/login.css'; against '/**/*.css'
19:03:50,063 DEBUG FilterChainProxy:180 - /css/login.css has an empty filter list
19:03:50,065 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/media/js/jquery.datatables.js'; against '/**/*.css'
19:03:50,065 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/media/js/jquery.datatables.js'; against '/**/*.js'
19:03:50,065 DEBUG FilterChainProxy:180 - /plugins/DataTables/media/js/jquery.dataTables.js has an empty filter list
19:03:50,066 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/tabletools/media/js/tabletools.min.js'; against
 '/**/*.css'
19:03:50,067 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/tabletools/media/js/tabletools.min.js'; against
 '/**/*.js'
19:03:50,067 DEBUG FilterChainProxy:180 - /plugins/DataTables/extras/TableTools/media/js/TableTools.min.js has an empty filter list
19:03:50,069 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/fixedcolumns/media/js/fixedcolumns.min.js'; aga
inst '/**/*.css'
19:03:50,069 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/fixedcolumns/media/js/fixedcolumns.min.js'; aga
inst '/**/*.js'
19:03:50,069 DEBUG FilterChainProxy:180 - /plugins/DataTables/extras/FixedColumns/media/js/FixedColumns.min.js has an empty filter list
19:03:50,070 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/colvis/media/js/colvis.min.js'; against '/**/*.
css'
19:03:50,070 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/datatables/extras/colvis/media/js/colvis.min.js'; against '/**/*.
js'
19:03:50,071 DEBUG FilterChainProxy:180 - /plugins/DataTables/extras/ColVis/media/js/ColVis.min.js has an empty filter list
19:03:50,071 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/slidingmessage/jquery.slidingmessage.js'; against '/**/*.css'
19:03:50,072 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/slidingmessage/jquery.slidingmessage.js'; against '/**/*.js'
19:03:50,072 DEBUG FilterChainProxy:180 - /plugins/slidingmessage/jquery.slidingmessage.js has an empty filter list
19:03:50,073 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/barcode/jquery-barcode-2.0.2.min.js'; against '/**/*.css'
19:03:50,074 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/barcode/jquery-barcode-2.0.2.min.js'; against '/**/*.js'
19:03:50,074 DEBUG FilterChainProxy:180 - /plugins/barcode/jquery-barcode-2.0.2.min.js has an empty filter list
19:03:50,092 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/printarea/jquery.printarea.js'; against '/**/*.css'
19:03:50,093 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/printarea/jquery.printarea.js'; against '/**/*.js'
19:03:50,093 DEBUG FilterChainProxy:180 - /plugins/printarea/jquery.PrintArea.js has an empty filter list
19:03:50,095 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/common.js'; against '/**/*.css'
19:03:50,095 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/fnreloadajax.datatables.js'; against '/**/*.css'
19:03:50,095 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/common.js'; against '/**/*.js'
19:03:50,095 DEBUG FilterChainProxy:180 - /js/common.js has an empty filter list
19:03:50,095 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/fnreloadajax.datatables.js'; against '/**/*.js'
19:03:50,096 DEBUG FilterChainProxy:180 - /js/fnReloadAjax.dataTables.js has an empty filter list
19:03:50,096 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/fnstandingredraw.datatables.js'; against '/**/*.css'
19:03:50,097 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/js/fnstandingredraw.datatables.js'; against '/**/*.js'
19:03:50,097 DEBUG FilterChainProxy:180 - /js/fnStandingRedraw.dataTables.js has an empty filter list
19:03:50,098 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.min.js'; against '/**/*.c
ss'
19:03:50,098 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.min.js'; against '/**/*.j
s'
19:03:50,099 DEBUG FilterChainProxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.min.js has an empty filter list
19:03:50,100 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.filter.min.js'; against '
/**/*.css'
19:03:50,100 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jqueryui-multiselect/jquery.multiselect.filter.min.js'; against '
/**/*.js'
19:03:50,100 DEBUG FilterChainProxy:180 - /plugins/jqueryui-multiselect/jquery.multiselect.filter.min.js has an empty filter list
19:03:50,102 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/toggleradio/toggleradio.js'; against '/**/*.css'
19:03:50,102 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/highlight/highlight.js'; against '/**/*.css'
19:03:50,102 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/toggleradio/toggleradio.js'; against '/**/*.js'
19:03:50,103 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/highlight/highlight.js'; against '/**/*.js'
19:03:50,103 DEBUG FilterChainProxy:180 - /plugins/toggleradio/toggleradio.js has an empty filter list
19:03:50,103 DEBUG FilterChainProxy:180 - /plugins/Highlight/highlight.js has an empty filter list
19:03:50,105 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jquery-ui-timepicker/jquery-ui-timepicker-addon.js'; against '/**
/*.css'
19:03:50,105 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/plugins/jquery-ui-timepicker/jquery-ui-timepicker-addon.js'; against '/**
/*.js'
19:03:50,105 DEBUG FilterChainProxy:180 - /plugins/jquery-ui-timepicker/jquery-ui-timepicker-addon.js has an empty filter list
19:03:50,229 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/images/ui-icons_6da8d5_256x240.png'; against '/**/*.cs
s'
19:03:50,229 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/images/ui-icons_6da8d5_256x240.png'; against '/**/*.js
'
19:03:50,229 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png'; against '/**/
*.css'
19:03:50,230 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/images/ui-icons_6da8d5_256x240.png'; against '/**/*.pn
g'
19:03:50,230 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png'; against '/**/
*.js'
19:03:50,230 DEBUG FilterChainProxy:180 - /css/redmond.custom/images/ui-icons_6da8d5_256x240.png has an empty filter list
19:03:50,230 DEBUG AntPathRequestMatcher:103 - Checking match of request : '/css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png'; against '/**/
*.png'
19:03:50,231 DEBUG FilterChainProxy:180 - /css/redmond.custom/images/ui-bg_glass_85_dfeffc_1x400.png has an empty filter list

弹簧安全配置:

  <http pattern="/**/*.css" security="none" />
  <http pattern="/**/*.js" security="none" />
  <http pattern="/**/*.png" security="none" />

  <http auto-config="true" use-expressions="true">
    <intercept-url pattern="/login.html*" access="isAnonymous()" />
    <intercept-url pattern="/welcomePage.html*" access="hasRole('ROLE_USER')" />
    <intercept-url pattern="/**" access="isFullyAuthenticated()" />
    <form-login login-page="/login.html"
                default-target-url="/welcomePage.html"
                authentication-failure-url="/login.html"
                always-use-default-target="true" />
  </http>
4

1 回答 1

0

发现问题

我添加了弹簧安全代码,但忘记删除负责身份验证的旧代码的某些部分。我有一个拦截器,它会检查会话中的用户,如果找不到用户,则重定向到登录页面。

删除了旧的拦截器,现在问题已解决。

于 2013-05-10T01:21:04.040 回答