【问题标题】:After Spring Security authentication get HTTP Status 404 error在 Spring Security 身份验证后得到 HTTP 状态 404 错误
【发布时间】:2016-09-11 05:38:17
【问题描述】:

在处理向我的 Web 应用程序注入 Spring Security 时,我遇到问题 HTTP 状态 404 错误。当我首先尝试访问我的页面时,我得到自动配置的登录页面,在输入正确的登录名和密码后,我得到 HTTP 状态 404 错误。代码如下

web.xml

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns="http://java.sun.com/xml/ns/javaee"
     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
     id="WebApp_ID" version="2.5">

<filter>
    <filter-name>encodingFilter</filter-name>
    <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
    <init-param>
        <param-name>forceEncoding</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>encodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>


<servlet>
    <servlet-name>spring</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>spring</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/application-context.xml, /WEB-INF/application-security.xml</param-value>
</context-param>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

应用程序安全性.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:beans="http://www.springframework.org/schema/beans"   
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://www.springframework.org/schema/beans
                http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
                http://www.springframework.org/schema/security
                http://www.springframework.org/schema/security/spring-security-4.1.xsd">

<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/main/**" access="hasRole('ROLE_USER')" />
</http>

<authentication-manager>
    <authentication-provider>
        <user-service>
            <user name="admin" password="adminpassword" authorities="ROLE_USER, ROLE_ADMIN" />
            <user name="user" password="userpassword" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>
</authentication-manager>

控制器

@Controller
@RequestMapping(value = "/main")
public class MainController {

@Autowired
DeputesAppealService deputesAppealService;

@Autowired
DeputesAppealDao deputesAppealDao;


@RequestMapping(value = "/mainFrame", method = RequestMethod.GET)
public String getMainPage(){
    return "mainPage";
}

@RequestMapping(value = "/resultOfSearching", method = RequestMethod.GET)
public String getSearchResult(Model model, @ModelAttribute("searchChar")String searchResult)  {
    List<DeputesAppeal> deputesAppeals = deputesAppealService.abstractSearch(searchResult);
    model.addAttribute("ListOfAppeals", deputesAppeals);
    return "searchingResultPage";
}

@RequestMapping(value = "/new", method = RequestMethod.GET)
public String getAddNewAppealPage(){
    return "addPage";
}


@RequestMapping(value = "/new", method = RequestMethod.POST)
public String addNewAppeal(@ModelAttribute("Appeal")DeputesAppeal deputesAppeal) {
    deputesAppealService.add(deputesAppeal);
    return "mainPage";
}


@RequestMapping(value = "/deleted", method = RequestMethod.GET)
public String deleteAppeal(@RequestParam(value = "id", required = true) Long id, Model model){
    deputesAppealService.delete(id);
    model.addAttribute("id", id);
    return "deletedPage";
}

@RequestMapping(value = "/editPage", method = RequestMethod.GET)
public String GetEdit(@RequestParam(value = "id", required = true) Long id, Model model){
    model.addAttribute("editedAppeal", deputesAppealService.getById(id));
    return "editPage";
}

@RequestMapping(value = "/editPage", method = RequestMethod.POST)
public String editCurrentAppeal(@ModelAttribute("userAttribute") DeputesAppeal deputesAppeal,
                                @RequestParam(value = "id", required = true)Integer id, Model model) {
    deputesAppeal.setNumber(id);
    deputesAppealService.edit(deputesAppeal);
    model.addAttribute("id", id);
    return "editedPage";
}
}

【问题讨论】:

    标签: java spring spring-mvc spring-security


    【解决方案1】:

    看看你的 web.xml 中是否定义了 springSecurityFilterChain

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    

    您还需要更改登录 URL

    <c:url value="/j_spring_security_check" var="loginUrl" />
    

    并在您的表单操作中使用它:

    <form action="${loginUrl}" method="post">
    

    【讨论】:

    • 在我的 web.xml 中有它
    • 您还需要更改发出 POST 请求的登录 URL,如下所示: 并在表单中使用它动作:
    • 谢谢,但是表单已配置为 auto。我可以在哪里进行更改?
    • 请查看这篇文章,了解如何在 login.jsp stackoverflow.com/questions/25036781/… 中添加这些行
    • 非常感谢我的问题在下一行 springSecurityFilterChain/* 我更改了清除模式的“/”一切正常
    猜你喜欢
    • 2015-02-04
    • 2013-10-14
    • 2011-02-11
    • 2013-01-11
    • 2018-07-30
    • 2020-04-08
    • 1970-01-01
    • 2018-12-15
    • 2018-11-21
    相关资源
    最近更新 更多