Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/13.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 将行添加到安全配置后出现错误\u太多\u重定向_Java_Spring_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 将行添加到安全配置后出现错误\u太多\u重定向

Java 将行添加到安全配置后出现错误\u太多\u重定向

java spring spring-security

Java 将行添加到安全配置后出现错误\u太多\u重定向,java,spring,spring-security,Java,Spring,Spring Security,我添加行 <intercept-url pattern="/*" access="isAuthenticated()"/> security_config.xml <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.or

我添加行

<intercept-url pattern="/*" access="isAuthenticated()"/>
security_config.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http use-expressions="true">
<!--        <intercept-url pattern="/*" access="permitAll" /> -->
        <intercept-url pattern="/*" access="isAuthenticated()"/> 
        <form-login login-page="/home.jsp"
            authentication-failure-url="/loginFailed" default-target-url="/index" />
        <logout logout-success-url="/logOut" />
    </http>
    <authentication-manager>
<!--        <authentication-provider ref="provider" /> -->
<authentication-provider>
    <user-service>
    <user name="name" authorities="ROLE_USER"/>
    </user-service>
</authentication-provider>
    </authentication-manager>

</beans:beans>
home.jsp:

<%@ page language="java" contentType="text/html; charset=utf8"
    pageEncoding="utf8"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ taglib prefix="sec"
    uri="http://www.springframework.org/security/tags"%>
<html>
<head>
<title>Home</title>
</head>
<body>
    <h1>
        Hello,
        <sec:authentication property="principal" />!
    </h1>
    <c:set var="username">
        <sec:authentication property="principal" />
    </c:set>
    <p style="color:#ff0000">${message}</p>

    <c:if test="${username != 'anonymousUser'}">
        <form method="POST" action="j_spring_security_logout">
            <input type="submit" value="log out">
        </form>
        <jsp:include page="WEB-INF/views/menu.jsp" flush="true" />
    </c:if>
    <form method="POST" action="<c:url value="/j_spring_security_check" />" <c:if test="${username != 'anonymousUser'}">hidden="true"</c:if>>
        <table>
            <tr>
                <td align="right">login</td>
                <td><input type="text" name="j_username" id="login"
                    onkeyup="validate()" /></td>
            </tr>
            <tr>
                <td align="right">password</td>
                <td><input type="password" name="j_password" id ="passwordId" onkeyup="validate()" /></td>
            </tr>
            <tr>
                <td align="right">remember me</td>
                <td><input type="checkbox" name="_spring_security_remember_me" /></td>
            </tr>
            <tr>
                <td colspan="2" align="right"><input type="submit"
                    value="Login" id="idSubmit" disabled /> <input type="reset"
                    value="Reset" /></td>
            </tr>
        </table>
    </form>

</body>
<script type="text/javascript">
    function validate() {
        element = document.getElementById("idSubmit");
        element1 = document.getElementById("login");
        resultMatch = element1.value.match('([a-zA-Z0-9])+(_){1}([a-zA-Z0-9])+')
        if (resultMatch == null){
            element.setAttribute("disabled", "disabled");
            return
        }
        if(resultMatch[0] == element1.value && document.getElementById("passwordId").value !="" ){
            element.removeAttribute("disabled");
            return
        }
        else
            element.setAttribute("disabled", "disabled");

    }
    window.onload = "validate()";
</script>
</html>


家
你好
!

${message}

登录
密码
记得我吗
函数验证(){
元素=document.getElementById(“idSubmit”);
element1=document.getElementById(“登录”);
resultMatch=element1.value.match(“([a-zA-Z0-9])+({1}([a-zA-Z0-9])+”)
if(resultMatch==null){
setAttribute(“禁用”、“禁用”);
返回
}
if(resultMatch[0]==element1.value&&document.getElementById(“passwordId”).value!=“”){
元素。删除属性(“禁用”);
返回
}
其他的
setAttribute(“禁用”、“禁用”);
}
window.onload=“validate()”;
但如果我这样写的话

<intercept-url pattern="/*" access="permitAll" />
它工作得很好

你能帮我吗?



<intercept-url pattern="/*" access="isAuthenticated()"/>
意味着所有URL都需要身份验证。这包括您的登录URL。发生的情况是,您点击了一个URL,spring看到需要auth,因此它重定向到登录URL,但是您无法访问登录URL,除非您进行了身份验证,因此它将您重定向到登录URL-因此是一个无限重定向循环

Spring按照您定义的顺序计算拦截URL,因此您可以通过在catch all上方添加一行来解决此问题,告诉Spring登录URL不需要auth。您还应该在注销和登录失败后为转发到的URL添加一行,否则它只会要求您再次登录

<intercept-url pattern="/home.jsp" access="permitAll" /> 
<intercept-url pattern="/*" access="isAuthenticated()" />
当您具有以下配置时,注销阶段也可能发生同样的情况: 
http.logout().logout成功URL(“/logout”).permitAll()原因:Spring security首次运行
HttpSecurity
class
getHttp
方法,在该方法中初始化
http
对象。稍后,当您通过
configure(HttpSecurity-http)
方法自定义此对象时,实际上您正在覆盖这些字段。默认情况下,
/logout
用作注销url,如果成功,则重定向到注销成功url。如图所示:


但如果注销成功url的配置与
/logout
相同,则无限重定向循环正在等待。今天我打开了这个潘多拉盒子


<intercept-url pattern="/home.jsp" access="permitAll" /> 
<intercept-url pattern="/*" access="isAuthenticated()" />