Java Spring安全登录问题
我是Spring Security的新手,在Spring MVC应用程序中配置了Spring Security 在提交登录页面后,我得到以下错误Java Spring安全登录问题,java,spring-mvc,spring-security,Java,Spring Mvc,Spring Security,我是Spring Security的新手,在Spring MVC应用程序中配置了Spring Security 在提交登录页面后,我得到以下错误 请求的资源(/j\u spring\u security\u check)不可用。 我无法理解这种行为 请帮忙 spring security.xml <security:http auto-config="true" use-expressions="true" access-denied-page="/appln/denied">
请求的资源(/j\u spring\u security\u check)不可用。
我无法理解这种行为
请帮忙
spring security.xml
<security:http auto-config="true" use-expressions="true" access-denied-page="/appln/denied">
<security:intercept-url pattern="/appln/login" access="permitAll" />
<security:intercept-url pattern="/appln/index" access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/appln/run" access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/appln/common" access="hasRole('ROLE_USER')" />
<security:form-login login-page="/appln/login"
authentication-failure-url="/appln/login?error=true"
default-target-url="/appln/run"
authentication-success-handler-ref="AuthHandlr" />
<security:logout invalidate-session="true"
logout-success-url="/appln/login"
delete-cookies="JSESSIONID" />
</security:http>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
Web.xml
<security:http auto-config="true" use-expressions="true" access-denied-page="/appln/denied">
<security:intercept-url pattern="/appln/login" access="permitAll" />
<security:intercept-url pattern="/appln/index" access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/appln/run" access="hasRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/appln/common" access="hasRole('ROLE_USER')" />
<security:form-login login-page="/appln/login"
authentication-failure-url="/appln/login?error=true"
default-target-url="/appln/run"
authentication-success-handler-ref="AuthHandlr" />
<security:logout invalidate-session="true"
logout-success-url="/appln/login"
delete-cookies="JSESSIONID" />
</security:http>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
servlet
org.springframework.web.servlet.DispatcherServlet
1.
org.springframework.web.context.ContextLoaderListener
解决了这个问题
在我的loginpage.jsp中,action属性定义为
action=../../j\u spring\u security\u check
我正在玩上面的游戏,并将其更改为
action=/j\u spring\u security\u check
而且它没有任何问题
尽管问题已经解决,但任何人都可以详细说明为什么路径更改会起作用。表单操作可以是“j_-spring\u-security\u-check”或“j_-spring\u-security\u-check” 这是Spring中的默认安全设置,无法更改
类似地,表单字段必须是'j_username'和'j_password'一个spring安全配置片段(以及相关的web.xml片段)将非常有用。您检查了日志文件了吗?该消息通常表示服务器没有正常启动。某个地方应该有日志错误/堆栈跟踪。