1

我正在将项目升级到 spring 3.2 和 spring security 3.1 的过程中。站点网格在 2.4.2 版本中。行为是下一个。如果我写下一个 url http://localhost:8081/erp-web/ ,服务器会给我唯一的登录页面。页面未由 sitemesh 修饰

但如果我写下一个 url http://localhost:8081/erp-web/login.mavi,服务器会给我正确装饰的登录页面。像这样页面装饰得当。

这是我的安全会议

<security:intercept-url pattern="/decorators/**" access="permitAll"/>
<security:intercept-url pattern="/resources/**" access="permitAll" />      
<security:intercept-url pattern="/login.do" access="permitAll" />

<security:form-login login-page="/login.do"
    default-target-url="/home.do" authentication-failure-url="/login.do?login_error=1" />
<security:logout logout-success-url="/logout.do" delete-cookies="JSESSIONID"/>

并在 web.xml

<!-- SECURITY -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- SITEMESH -->
<filter>
    <filter-name>sitemesh</filter-name>
    <filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>sitemesh</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>ERROR</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
</filter-mapping>

这是视图解析器。

        <bean
            class="org.springframework.web.servlet.view.InternalResourceViewResolver"
            p:viewClass="org.springframework.web.servlet.view.JstlView"
            p:prefix="/WEB-INF/jsp/" p:suffix=".jsp" />

干杯。

4

1 回答 1

3

好的。解决方案很简单。我刚刚添加到我的decorators.xml这一行

<pattern>/</pattern>

现在看起来像这样。

<decorator name="login" page="login.jsp">
    <pattern>/</pattern>
    <pattern>/login.do</pattern>
    <pattern>/spring_security_login</pattern>
</decorator>
于 2013-08-23T15:45:02.153 回答