0

我正在尝试使用弹簧安全性创建登录用例(我指的是这个例子)。

输入用户名和密码后,如果单击login按钮,则请求

j_spring_security_check.htm

url 并获得 HTTP 状态 404 - 对于上述 URL。

我正在使用 netbeans IDE。我不知道哪里出错了。请帮忙。

这里是内容web.xml

<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/applicationContext.xml</param-value>
    </context-param>
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
    <servlet>
        <servlet-name>dispatcher</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>2</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>*.htm</url-pattern>
    </servlet-mapping>

    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>redirect.jsp</welcome-file>
    </welcome-file-list>
</web-app>

这是登录表单的代码login.jsp

<c:if test="${not empty error}">
                <div class="errorblock">
        Your login attempt was not successful, try again.<br /> Caused :
        ${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
                </div>
</c:if>


            <form name='f' action="<c:url value='j_spring_security_check.htm' />" method="POST">

                <div style="margin-left: 27%">
                    <input type="text" name="j_username" value="" placeholder="Username" class="login_hint" id="username" title="Username" />
                    <br/>
                    <input type="password" name="j_password" value="" placeholder="Password" class="login_hint" id="password" title="Password" />
                    <br />
                    <input type ="submit" value ="Login" class ="btn btn-primary loginBtn"/>
                 </div>
            </form>

这里是内容applicationContext-security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
        xmlns:beans="http://www.springframework.org/schema/beans" 
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">

        <http auto-config="true">
                <intercept-url pattern="/admin*" access="ROLE_USER" />
                <form-login login-page="/login" default-target-url="/admin/home.htm"
                        authentication-failure-url="/loginfailed" />
                <logout logout-success-url="/logout" />
        </http>

        <authentication-manager>
          <authentication-provider>
                <user-service>
                        <user name="admin" password="root" authorities="ROLE_USER" />
                </user-service>
          </authentication-provider>
        </authentication-manager>

</beans:beans>
4

2 回答 2

2

UsernamePasswordAuthenticationFilter拦截请求发送到(默认情况下/j_spring_security_check),所以很可能您只需.htm要从以下操作 URL 中删除结尾login.jsp

<form name='f' action="<c:url value='j_spring_security_check'/>" method="POST">

哦,好吧,似乎也缺少一些东西web.xml。您将需要设置安全过滤器链:

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
于 2013-06-03T08:23:47.860 回答
1 
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">

  <display-name>Sample</display-name>
  <servlet>
    <servlet-name>appServlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>
                /WEB-INF/spring/appServlet/servlet-context.xml
            </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>appServlet</servlet-name>
    <url-pattern>*.htm</url-pattern>
  </servlet-mapping>
  <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
            /WEB-INF/spring/root-context.xml,
            /WEB-INF/spring/spring-security.xml
            </param-value>
  </context-param>
  <listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
  </listener>
  <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>*</url-pattern>
  </filter-mapping>
  <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

</web-app>

只需将 servlet - url 映射为 *.htm 并将过滤器映射 url 模式作为 *

试试这个。它会工作。希望这可以帮助

于 2013-06-29T04:47:21.660 回答