Java Spring安全,始终重定向到登录页面
我有一个严重的问题。。。 我试图在WebLogic11g上创建一个应用程序,使用Spring3、Hibernate3和AngularJS。 两天来,我一直很难让我的应用程序正常运行。 最后,我终于成功了 但是,问题是当我对自己进行身份验证时,我在应用程序上导航,在每个页面上, spring security在登录页面上重定向我。。。我真的不知道为什么 Web.xml:Java Spring安全,始终重定向到登录页面,java,spring,hibernate,spring-mvc,weblogic11g,Java,Spring,Hibernate,Spring Mvc,Weblogic11g,我有一个严重的问题。。。 我试图在WebLogic11g上创建一个应用程序,使用Spring3、Hibernate3和AngularJS。 两天来,我一直很难让我的应用程序正常运行。 最后,我终于成功了 但是,问题是当我对自己进行身份验证时,我在应用程序上导航,在每个页面上, spring security在登录页面上重定向我。。。我真的不知道为什么 Web.xml: <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/spring.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>com.bla.Init</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/spring.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<servlet-name>dispatcher</servlet-name>
</filter-mapping>
<jsp-config>
<jsp-property-group>
<url-pattern>*.jsp</url-pattern>
<page-encoding>UTF-8</page-encoding>
<trim-directive-whitespaces>true</trim-directive-whitespaces>
</jsp-property-group>
</jsp-config>
</web-app>
调度员
org.springframework.web.servlet.DispatcherServlet
上下文配置位置
/WEB-INF/spring/spring.xml
1.
调度员
/
org.springframework.web.context.ContextLoaderListener
com.bla.Init
上下文配置位置
/WEB-INF/spring/spring.xml
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
编码滤波器
org.springframework.web.filter.CharacterEncodingFilter
编码
UTF-8
强制编码
真的
编码滤波器
调度员
*.jsp
UTF-8
真的
Spring.xml
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/task/spring-context-3.0.xsd">
<!-- Basic Configurations -->
<context:annotation-config/>
<context:component-scan base-package="test.model"/>
<context:component-scan base-package="test.repository"/>
<context:component-scan base-package="test.service"/>
<context:component-scan base-package="test.controller"/>
<!-- SpringMVC -->
<import resource="spring-mvc.xml"/>
<!-- SpringData -->
<import resource="spring-jpa.xml"/>
<!-- SpringSecurity -->
<import resource="spring-security.xml"/>
</beans>
spring security.xml:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<security:global-method-security secured-annotations="enabled" />
<security:http auto-config="true" use-expressions="true" access-denied-page="/login?error=403">
<security:intercept-url pattern="/" access="permitAll" />
<security:intercept-url pattern="/protected/**" access="isFullyAuthenticated()" />
<security:form-login login-page="/login" authentication-failure-url="/login?error=403" default-target-url="/protected/home" />
<security:logout invalidate-session="true" logout-success-url="/login" logout-url="/logout" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="myRapportDataSource"
users-by-username-query="select nni, password, enabled from system_user where nni = ?"
authorities-by-username-query="select u.nni as login, u.user_role as role from system_user u where u.nni = ?" />
</security:authentication-provider>
</security:authentication-manager>
</beans>
我还添加了spring mvc.xml:
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
<mvc:annotation-driven/>
<mvc:default-servlet-handler/>
<!-- Login Interceptor -->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/protected/**"/>
<bean class="gram.interceptor.LoginInterceptor"/>
</mvc:interceptor>
<!-- workaround to fix IE8 problem -->
<bean id="webContentInterceptor"
class="org.springframework.web.servlet.mvc.WebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="true"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
</mvc:interceptors>
</beans>
起初,这个应用程序在Tomcat6上运行良好,但我必须在WebLogic10.3.6上迁移它
有什么想法吗?我几乎绝望了
非常感谢各位来看看我的问题
只有与/
匹配的URL才具有权限
访问权限。所以你需要的实际上是:
带有
只有与/
匹配的URL才具有权限
访问权限。所以你需要的实际上是:
试试pattern=“/**”access=“permitAll”
。我的上帝sp00m,你救了我!我只是。。。非常感谢你!试试pattern=“/**”access=“permitAll”
。我的上帝sp00m,你救了我!我只是。。。非常感谢你!