Java 404在升级到spring security 4后尝试登录时_Java_Xml_Spring_Spring Security

Java 404在升级到spring security 4后尝试登录时

java xml spring spring-security

Java 404在升级到spring security 4后尝试登录时,java,xml,spring,spring-security,Java,Xml,Spring,Spring Security,我有带spring的Java web应用程序。在我使用SpringSecurity3之前，没有任何问题。我升级到了SpringSecurity 4 我可以构建和部署我的应用程序，不会引发异常。唯一的问题是当我尝试登录时，我从应用程序得到404响应。所有其他页面都可以工作，包括使用我的Mongo数据库中的数据的页面到目前为止，我尝试的是：使用'/j\u spring\u security\u check'和'/login'登录。我始终使用POST 将放入安全xml中我检查过我没有 we

我有带spring的Java web应用程序。在我使用SpringSecurity3之前，没有任何问题。我升级到了SpringSecurity 4

我可以构建和部署我的应用程序，不会引发异常。唯一的问题是当我尝试登录时，我从应用程序得到404响应。所有其他页面都可以工作，包括使用我的Mongo数据库中的数据的页面

到目前为止，我尝试的是：

使用

'/j\u spring\u security\u check'

和

'/login'

将
放入安全xml中
我检查过我没有

web.xml：

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    id="WebApp_ID" version="3.0">
    <display-name>conference-application</display-name>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:/META-INF/spring/applicationContext.xml</param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <filter>
        <filter-name>encodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>requestContextFilter</filter-name>
        <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>requestContextFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>encodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- Spring Security -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- Spring dispatcher -->
    <servlet>
        <servlet-name>rest</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:/META-INF/spring/rest-servlet.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>rest</servlet-name>
        <url-pattern>/rest/*</url-pattern>
    </servlet-mapping>

</web-app>

您可能缺少以下标记-

    <security:intercept-url pattern='Your login url' />

启用spring安全调试日志并查看日志。如果您使用的是log4j，请在您的配置中添加类似的内容：log4j.org.springframework.security=debug我正在查看日志，您知道我应该查找什么吗？

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:security="http://www.springframework.org/schema/security"
    xmlns:p="http://www.springframework.org/schema/p" xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="
        http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">
                                                                                        <!-- spring-security 3.2 -> 4.0  -->
    <!-- Has to be defined in same context where beans are scanned -->
    <security:global-method-security secured-annotations="enabled"
        authentication-manager-ref="customAuthenticationManager" />

    <context:property-placeholder location="classpath:*.properties" ignore-unresolvable="true"
        order="1" />

    <mvc:annotation-driven />

    <mvc:resources mapping="/scripts/**" location="/scripts/" cache-period="300" />
    <mvc:resources mapping="/styles/**" location="/styles/" cache-period="300" />
    <mvc:resources mapping="/partials/**" location="/partials/" cache-period="300" />
    <mvc:resources mapping="/images/**" location="/images/" cache-period="300" />
    <mvc:resources mapping="/assets/**" location="/assets/" cache-period="300" />

    <bean id="jacksonMessageConverter" class="org.springframework.web.servlet.view.json.MappingJackson2JsonView"></bean>
    <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver" />

    <!-- init -->
    <context:component-scan base-package="com.myal.repository" />
    <context:component-scan base-package="com.myal.rest" />

</beans>

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:security="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">
                                                                                        <!-- spring-security 3.2 -> 4.0  -->
    <security:http pattern="/rest/**" auto-config="false" use-expressions="true" entry-point-ref="response403EntryPoint"/>

    <security:http auto-config="false" use-expressions="true" entry-point-ref="authenticationEntryPoint">
        <security:access-denied-handler error-page="/#/not-authorized"/>
        <security:logout logout-url="/logout" invalidate-session="true" logout-success-url="/" />
        <security:custom-filter ref="jsonAuthenticationProcessingFilter" position="FORM_LOGIN_FILTER" />
        <security:csrf disabled="true"/><!-- just put this here!! -->
    </security:http>

    <bean id="customAuthenticationManager" class="com.myal.security.CustomAuthenticationManager" p:username="admin"
        p:password="admin" />

    <bean id="customAuthenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"
        p:defaultFailureUrl="/rest/security/login-failed" />

    <bean id="customAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"
        p:defaultTargetUrl="/rest/security/check" />

    <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
        <constructor-arg value="/#/login" />
    </bean>

    <bean id="response403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>

    <bean id="jsonAuthenticationProcessingFilter" class="com.myal.security.JsonAuthenticationProcessingFilter"
        p:authenticationManager-ref="customAuthenticationManager" p:authenticationFailureHandler-ref="customAuthenticationFailureHandler"
        p:authenticationSuccessHandler-ref="customAuthenticationSuccessHandler" />

    <security:authentication-manager />
</beans>

11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.filterChains': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.filterChainProxy': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.PortMapperImpl#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.PortResolverImpl#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.authentication.ProviderManager#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.context.HttpSessionSecurityContextRepository#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.savedrequest.HttpSessionRequestCache#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.access.vote.AffirmativeBased#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.userDetailsServiceFactory': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.DefaultSecurityFilterChain#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.PortMapperImpl#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.PortResolverImpl#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.authentication.ProviderManager#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.context.HttpSessionSecurityContextRepository#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86)     - Rejected bean name 'org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy#1': no URL paths

    <security:intercept-url pattern='Your login url' />