Java 使用spring安全性创建自定义登录
我正在使用SpringSecurity3.1、PrimeFaces5.0和JSF2.0创建一个自定义登录表单。访问应用程序的URL:测试:8080/TEST 加载应用程序时,将显示登录页面。单击submit时,应该显示hello.xhtml页面。(URL:testing:8080/TEST/welcome)。当前显示的是http状态404,而不是hello.xhtml。我认为这个问题与URL有关。有人能帮忙吗 spring-security.xmlJava 使用spring安全性创建自定义登录,java,spring,jsf-2,primefaces,Java,Spring,Jsf 2,Primefaces,我正在使用SpringSecurity3.1、PrimeFaces5.0和JSF2.0创建一个自定义登录表单。访问应用程序的URL:测试:8080/TEST 加载应用程序时,将显示登录页面。单击submit时,应该显示hello.xhtml页面。(URL:testing:8080/TEST/welcome)。当前显示的是http状态404,而不是hello.xhtml。我认为这个问题与URL有关。有人能帮忙吗 spring-security.xml <beans xmlns="http:/
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/login"
access="permitAll" />
<security:intercept-url pattern="/loginfailed"
access="permitAll" />
<security:intercept-url pattern="/welcome"
access="permitAll" />
<security:intercept-url pattern="/admin**"
access="hasAnyRole('ROLE_USER')" />
<security:form-login login-page="/login"
default-target-url="/welcome" always-use-default-target="true"
authentication-failure-url="/login?error" username-parameter="username"
password-parameter="password" />
<security:logout logout-success-url="/login?logout" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="admin" password="admin"
authorities="ROLE_USER" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema /mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<import resource="classpath:spring-context.xml" />
<context:annotation-config />
</beans>
请附加异常堆栈跟踪我没有任何异常堆栈跟踪。它只给我Http状态404发布您的Springbeans配置文件查看编辑的版本。applicationContext.xml我不明白你的意思。据我所知,model.setViewName(“hello”)正在将其映射到hello.xhtmlcorrect,当您在控制器类中定义这个@RequestMapping(value=“/welcome”,method=RequestMethod.POST)时,url将显示…/welcome not/helloyes this good。但是为什么它不显示hello.xhtml的内容而显示状态404呢?从逻辑上讲,它在model.setViewName(“hello”)内部进行映射
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core"
xmlns:p="http://primefaces.org/ui">
<f:view>
<h:head>
<title>Login Page</title>
</h:head>
<h:body>
<h1>Spring Security Custom Login Form (XML)</h1>
<div id="login-box">
<h3>Login with Username and Password</h3>
<c:if test="${not empty error}">
<div class="error">${error}</div>
</c:if>
<c:if test="${not empty msg}">
<div class="msg">${msg}</div>
</c:if>
<form name='loginForm' action="j_spring_security_check" method='POST'>
<table>
<tr>
<td>User:</td>
<td><input type='text' name='username' value=''/></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'><input name="submit" type="submit"
value="submit" /></td>
</tr>
</table>
</form>
</div>
</h:body>
package mu.sil.managedBeans;
@Controller
public class Login {
@RequestMapping(value = "/welcome", method = RequestMethod.POST)
public ModelAndView welcomePage() {
ModelAndView model = new ModelAndView();
model.addObject("title", "Spring Security Custom Login Form");
model.addObject("message", "This is welcome page!");
model.setViewName("hello");
return model;
}
@RequestMapping(value = "/admin**", method = RequestMethod.GET)
public ModelAndView adminPage() {
ModelAndView model = new ModelAndView();
model.addObject("title", "Spring Security Custom Login Form");
model.addObject("message", "This is protected page!");
model.setViewName("admin");
return model;
}
// Spring Security see this :
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password!");
}
if (logout != null) {
model.addObject("msg", "You've been logged out successfully.");
}
model.setViewName("index");
return model;
}
}
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema /mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<import resource="classpath:spring-context.xml" />
<context:annotation-config />
</beans>