【问题标题】:spring security 4.0.1 - HTTP Status 405 - Request method 'POST' not supportedspring security 4.0.1 - HTTP 状态 405 - 不支持请求方法“POST”
【发布时间】:2015-09-02 04:01:34
【问题描述】:

我正在使用 Spring MVC (4.1.6 RELEASE) 和 Spring Security (4.0.1 RELEASE)。

当我尝试提交登录表单时,我收到“HTTP 状态 405 - 不支持请求方法‘POST’。”错误。

web.xml

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:/jpaContext.xml</param-value>
</context-param>
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/config/security-config.xml</param-value>
</context-param>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
    <servlet-name>ISMServlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/config/servlet-config.xml</param-value>
    </init-param>
</servlet>
<servlet-mapping>
    <servlet-name>ISMServlet</servlet-name>
    <url-pattern>*.html</url-pattern>
</servlet-mapping>

spring-security.xml

<context:annotation-config />
<context:component-scan  base-package="com.sam"/>

<security:http auto-config='true' >    
    <security:intercept-url pattern="/index.jsp" access="permitAll" />
    <security:intercept-url pattern="/login.html" access="permitAll" />
    <security:intercept-url pattern="/**" access="hasRole('USER')" />
    <security:access-denied-handler error-page="/403.html"/>
    <security:form-login login-page="/login.html"   authentication-failure-url="/error.html" default-target-url="/home.html" /> 
    <security:logout logout-success-url="/index.jsp" delete-cookies="JSESSIONID"/>
</security:http>

<security:authentication-manager>
    <security:authentication-provider>
        <security:password-encoder hash="bcrypt" />
        <security:jdbc-user-service data-source-ref="dataSource" />
    </security:authentication-provider>
</security:authentication-manager>

<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/ism" />
    <property name="username" value="root" />
    <property name="password" value="" />
</bean>

form.html

<form  action="j_spring_security_check" name="f" method="post" >

            <input name="j_username" type="text" />
            <input name="j_password" type="password"/>
            <input name="submit" id="button" type="submit" value="enter" />
    </form>

【问题讨论】:

  • 您能发布您的控制器类(例如定义的映射)吗?

标签: spring spring-security


【解决方案1】:

登录提交操作的默认登录端点是 /login。您在 login.html 中有端点 j_spring_security_check,spring 不知道它如何处理此映射。因此,也可以尝试使用带有 ids/names 用户名/密码的输入元素:

<form  action="/login" name="f" method="post" >
    <input id="username" name="username" type="text" />
    <input id="password" name="password" type="password"/>
    <input name="submit" id="button" type="submit" value="enter" />
</form>

请修改 中的两个条目(servlet-config.xml、spring-security.xml)。 将 url-mapping 更改为:

<servlet-mapping>
    <servlet-name>ISMServlet</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

【讨论】:

  • 我做了,但它给出了这个错误 HTTP Status 404 - /login
  • 您还有其他日志、信息、堆栈跟踪吗?
  • 我做了,但它再次给出了这个错误 HTTP Status 404 - /login
  • 请给我一些更多信息,例如:登录后的网址(在浏览器中),来自例如的网络信息firebug(可能是重定向到另一个 url...),tomcat 日志。您能否在发送登录公式后验证您是否已登录?
  • localhost:8085/ISM/login.html - 登录页面地址,点击后进入登录表单,即出现 404 错误的地址 localhost:8085/login
【解决方案2】:

我认为在sprng-security 4中默认启用了csrf保护。所以在你的登录表单中添加这一行

<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>

【讨论】:

    【解决方案3】:

    servlet-config.xml

    <context:component-scan base-package="com.sam.controller"/>
    
    <bean class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
        <property name="order" value="1" />
        <property name="contentNegotiationManager">
            <bean class="org.springframework.web.accept.ContentNegotiationManager">
                <constructor-arg>
                    <bean class="org.springframework.web.accept.PathExtensionContentNegotiationStrategy">
                        <constructor-arg>
                            <map>
                                <entry key="json" value="application/json" />
                                <entry key="xml" value="application/xml" />
                            </map>
                        </constructor-arg>
                    </bean>
                </constructor-arg>
            </bean>
        </property>
    
        <property name="defaultViews">
            <list>
                <bean class="org.springframework.web.servlet.view.json.MappingJackson2JsonView" />
                <bean class="org.springframework.web.servlet.view.xml.MarshallingView">
                    <constructor-arg>
                        <bean class="org.springframework.oxm.xstream.XStreamMarshaller">
                            <property name="autodetectAnnotations" value="true" />
                        </bean>
                    </constructor-arg>
                </bean>
            </list>
        </property>
    </bean>
    
    <mvc:interceptors>
        <bean class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor" p:paramName="language"/>
    </mvc:interceptors>
    
    <bean id="localeResolver" class="org.springframework.web.servlet.i18n.SessionLocaleResolver" p:defaultLocale="fa"/>
    
    <bean id="messageSource" 
              class="org.springframework.context.support.ResourceBundleMessageSource" 
              p:basename="messages">
    </bean>
    
    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" 
              p:prefix="/WEB-INF/jsp/" p:suffix=".jsp" p:order="2"/>
    
    <bean class="org.springframework.web.servlet.view.BeanNameViewResolver" p:order="0"/>
    

    contoller.java

    @Controller
    public class UserController {
    
        @RequestMapping(value = "home", method = RequestMethod.GET)
        public String goHomePage(Model model) throws IOException {
            return "home";
        }
    }
    

    【讨论】:

      猜你喜欢
      • 2015-05-01
      • 2016-04-30
      • 2015-07-31
      • 2015-01-31
      • 1970-01-01
      • 2012-06-24
      • 2015-04-09
      • 2016-03-29
      • 2014-09-24
      相关资源
      最近更新 更多