2

我正在开发一个基于 java 的 Web 应用程序,在 Tomcat 服务器上使用 Spring Security SAML 实现 SSO。此应用程序将扮演服务提供者角色 (SP)。检索此 SP 元数据的默认 Spring URL 是:

https://www.server.com:8080/context/saml/metadata

这工作得很好,按预期返回元数据 XML 文件。但是,当我将DefaultServlet servlet-mappings 添加到 web.xml 时遇到了问题。甚至只是一些基本的东西:

<servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.gif</url-pattern>
</servlet-mapping>

如果 web.xml 中存在一个或多个默认 servlet 映射,则上述 URL 将返回 404。任何人都知道可能导致此问题的原因并有可能的解决方案吗?

更新:我已将上面的确切 servlet 映射放在 Spring Security SAML 示例应用程序中,它还阻止元数据 URL 工作。如果我将其注释掉或删除它,它会按预期工作。下面是 web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" 
xmlns="http://java.sun.com/xml/ns/j2ee" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

<display-name>Spring Security SAML</display-name>
<description>Sample application demonstrating Spring security SAML integration.</description>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/securityContext.xml
    </param-value>
</context-param>

<servlet>
    <servlet-name>saml</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>saml</servlet-name>
    <url-pattern>/saml/web/*</url-pattern>
</servlet-mapping>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- This servlet mapping prevents the /saml/metadata URL from working. -->
 <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.gif</url-pattern>
</servlet-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>

<error-page>
    <exception-type>java.lang.Exception</exception-type>
    <location>/error.jsp</location>
</error-page>


</web-app>
4

1 回答 1

2

我已尝试Spring SAML 1.0.0.RELEASE按照以下步骤重现您的问题:

  • 下载的 Spring SAML 源
  • 替换sample/src/main/webapp/WEB-INF/web.xml为你的web.xml
  • 使用启动示例应用程序gradlew build tomcatRun

但是我无法重现您的问题,一切都会继续正常工作。该问题可能特定于某些 Tomcat 版本,请尝试使用我的步骤重现它,并最终尝试更改您的 Tomcat 版本。

更新:

正如您提到的,当直接部署到 Tomcat 时,我能够复制它。defaultservlet 似乎跳过了在定义的过滤器的执行/*。以下配置应该适合您:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"
         xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

    <display-name>Spring Security SAML</display-name>
    <description>Sample application demonstrating Spring security SAML integration.</description>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/securityContext.xml
        </param-value>
    </context-param>

    <servlet>
        <servlet-name>saml</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>saml</servlet-name>
        <url-pattern>/*</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>jsp</servlet-name>
        <url-pattern>/WEB-INF/*</url-pattern>
    </servlet-mapping>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>/images/*</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>/css/*</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>*.gif</url-pattern>
    </servlet-mapping>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

    <error-page>
        <exception-type>java.lang.Exception</exception-type>
        <location>/error.jsp</location>
    </error-page>


</web-app>

确保更改文件org.springframework.security.saml.web.MetadataController并替换@RequestMapping("/metadata")@RequestMapping("/saml/web/metadata")

于 2014-08-09T17:16:12.633 回答