Java 404在升级到spring security 4后尝试登录时
我有带spring的Java web应用程序。在我使用SpringSecurity3之前,没有任何问题。我升级到了SpringSecurity 4 我可以构建和部署我的应用程序,不会引发异常。唯一的问题是当我尝试登录时,我从应用程序得到404响应。所有其他页面都可以工作,包括使用我的Mongo数据库中的数据的页面 到目前为止,我尝试的是:Java 404在升级到spring security 4后尝试登录时,java,xml,spring,spring-security,Java,Xml,Spring,Spring Security,我有带spring的Java web应用程序。在我使用SpringSecurity3之前,没有任何问题。我升级到了SpringSecurity 4 我可以构建和部署我的应用程序,不会引发异常。唯一的问题是当我尝试登录时,我从应用程序得到404响应。所有其他页面都可以工作,包括使用我的Mongo数据库中的数据的页面 到目前为止,我尝试的是: 使用'/j\u spring\u security\u check'和'/login'登录。我 始终使用POST 将放入安全xml中 我检查过我没有 we
- 使用
和'/j\u spring\u security\u check'
登录。我 始终使用POST'/login'
- 将
放入安全xml中 - 我检查过我没有
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
id="WebApp_ID" version="3.0">
<display-name>conference-application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:/META-INF/spring/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter>
<filter-name>requestContextFilter</filter-name>
<filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>requestContextFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Spring dispatcher -->
<servlet>
<servlet-name>rest</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:/META-INF/spring/rest-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>rest</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
</web-app>
您可能缺少以下标记-
<security:intercept-url pattern='Your login url' />
启用spring安全调试日志并查看日志。如果您使用的是log4j,请在您的配置中添加类似的内容:log4j.org.springframework.security=debug我正在查看日志,您知道我应该查找什么吗?
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:security="http://www.springframework.org/schema/security"
xmlns:p="http://www.springframework.org/schema/p" xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">
<!-- spring-security 3.2 -> 4.0 -->
<!-- Has to be defined in same context where beans are scanned -->
<security:global-method-security secured-annotations="enabled"
authentication-manager-ref="customAuthenticationManager" />
<context:property-placeholder location="classpath:*.properties" ignore-unresolvable="true"
order="1" />
<mvc:annotation-driven />
<mvc:resources mapping="/scripts/**" location="/scripts/" cache-period="300" />
<mvc:resources mapping="/styles/**" location="/styles/" cache-period="300" />
<mvc:resources mapping="/partials/**" location="/partials/" cache-period="300" />
<mvc:resources mapping="/images/**" location="/images/" cache-period="300" />
<mvc:resources mapping="/assets/**" location="/assets/" cache-period="300" />
<bean id="jacksonMessageConverter" class="org.springframework.web.servlet.view.json.MappingJackson2JsonView"></bean>
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver" />
<!-- init -->
<context:component-scan base-package="com.myal.repository" />
<context:component-scan base-package="com.myal.rest" />
</beans>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">
<!-- spring-security 3.2 -> 4.0 -->
<security:http pattern="/rest/**" auto-config="false" use-expressions="true" entry-point-ref="response403EntryPoint"/>
<security:http auto-config="false" use-expressions="true" entry-point-ref="authenticationEntryPoint">
<security:access-denied-handler error-page="/#/not-authorized"/>
<security:logout logout-url="/logout" invalidate-session="true" logout-success-url="/" />
<security:custom-filter ref="jsonAuthenticationProcessingFilter" position="FORM_LOGIN_FILTER" />
<security:csrf disabled="true"/><!-- just put this here!! -->
</security:http>
<bean id="customAuthenticationManager" class="com.myal.security.CustomAuthenticationManager" p:username="admin"
p:password="admin" />
<bean id="customAuthenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"
p:defaultFailureUrl="/rest/security/login-failed" />
<bean id="customAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"
p:defaultTargetUrl="/rest/security/check" />
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<constructor-arg value="/#/login" />
</bean>
<bean id="response403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
<bean id="jsonAuthenticationProcessingFilter" class="com.myal.security.JsonAuthenticationProcessingFilter"
p:authenticationManager-ref="customAuthenticationManager" p:authenticationFailureHandler-ref="customAuthenticationFailureHandler"
p:authenticationSuccessHandler-ref="customAuthenticationSuccessHandler" />
<security:authentication-manager />
</beans>
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.filterChains': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.filterChainProxy': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.PortMapperImpl#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.PortResolverImpl#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.authentication.ProviderManager#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.context.HttpSessionSecurityContextRepository#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.savedrequest.HttpSessionRequestCache#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.access.vote.AffirmativeBased#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.userDetailsServiceFactory': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.DefaultSecurityFilterChain#0': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.PortMapperImpl#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.PortResolverImpl#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.config.authentication.AuthenticationManagerFactoryBean#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.authentication.ProviderManager#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.context.HttpSessionSecurityContextRepository#1': no URL paths identified
11-28@14:14:00 DEBUG (AbstractDetectingUrlHandlerMapping.java:86) - Rejected bean name 'org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy#1': no URL paths
<security:intercept-url pattern='Your login url' />