Java 未加载Spring security自定义表单(未找到通过页面)
我一直在使用ApacheVelocity开发SpringMVC,现在一直在使用SpringSecurity集成。 我浏览了mkyong提供的文档和示例: 问题:其他每一个请求都将发送到控制器,但“/login”未到达控制器,因为控制台未显示模型对象的sysout值 以下是我的spring-security.xml:Java 未加载Spring security自定义表单(未找到通过页面),java,spring-mvc,spring-security,velocity,Java,Spring Mvc,Spring Security,Velocity,我一直在使用ApacheVelocity开发SpringMVC,现在一直在使用SpringSecurity集成。 我浏览了mkyong提供的文档和示例: 问题:其他每一个请求都将发送到控制器,但“/login”未到达控制器,因为控制台未显示模型对象的sysout值 以下是我的spring-security.xml: <http auto-config="true" use-expressions="true"> <form-login login-page="/logi
<http auto-config="true" use-expressions="true">
<form-login login-page="/login" default-target-url="/sample.html" authentication-failure-url="/login?error" username-parameter="userName" password-parameter="password" />
<intercept-url pattern="/login*" access="isAnonymous()" />
<logout invalidate-session="true" logout-success-url="/login?success" />
<csrf />
</http>
<beans xmlns="http://www......>
<mvc:annotation-driven />
<context:component-scan base-package="com.anksys.bgms"></context:component-scan>
<mvc:default-servlet-handler />
<!-- This bean sets up the Velocity environment for us based on a root path
for templates. Optionally, a properties file can be specified for more control
over the Velocity environment, but the defaults are pretty same for file
based template loading. -->
<bean id="velocityConfig"
class="org.springframework.web.servlet.view.velocity.VelocityConfigurer">
<property name="resourceLoaderPath" value="/WEB-INF/views/velocity/" />
</bean>
<!-- Velocity template resolver -->
<bean
class="org.springframework.web.servlet.view.velocity.VelocityLayoutViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.velocity.VelocityLayoutView" />
<property name="layoutUrl" value="base_template.vm"></property>
<property name="cache" value="true" />
<property name="prefix" value="" />
<property name="suffix" value=".vm" />
<property name="order" value="1" />
<property name="attributesMap">
<map>
<entry key="authz"><bean class="com.anksys.bgms.security.VelocityUserDetails"></bean></entry>
</map>
</property>
</bean>
<!-- JSP resolver -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/" />
<property name="suffix" value=".jsp" />
<property name="order" value="2" />
</bean>
web.xml url映射标记出错。能否将访问控制表达式从isAnonymouse()更改为permitAll。如果您仍然无法访问登录表单,请共享更多信息。与spring安全日志(调试级别)或更好的版本类似,一个简单的应用程序也有同样的问题。即使日志是空的……除了拒绝用户访问之外,没有任何错误/**根据我的理解,以下是日志中的最后几行……我发现请求没有通过映射“/login”正确发送到控制器
<beans xmlns="http://www......>
<mvc:annotation-driven />
<context:component-scan base-package="com.anksys.bgms"></context:component-scan>
<mvc:default-servlet-handler />
<!-- This bean sets up the Velocity environment for us based on a root path
for templates. Optionally, a properties file can be specified for more control
over the Velocity environment, but the defaults are pretty same for file
based template loading. -->
<bean id="velocityConfig"
class="org.springframework.web.servlet.view.velocity.VelocityConfigurer">
<property name="resourceLoaderPath" value="/WEB-INF/views/velocity/" />
</bean>
<!-- Velocity template resolver -->
<bean
class="org.springframework.web.servlet.view.velocity.VelocityLayoutViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.velocity.VelocityLayoutView" />
<property name="layoutUrl" value="base_template.vm"></property>
<property name="cache" value="true" />
<property name="prefix" value="" />
<property name="suffix" value=".vm" />
<property name="order" value="1" />
<property name="attributesMap">
<map>
<entry key="authz"><bean class="com.anksys.bgms.security.VelocityUserDetails"></bean></entry>
</map>
</property>
</bean>
<!-- JSP resolver -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/" />
<property name="suffix" value=".jsp" />
<property name="order" value="2" />
</bean>
2015-01-28 10:02:25 DEBUG DefaultRedirectStrategy:36 - Redirecting to 'http://localhost:8081/BGMS/login'
2015-01-28 10:02:25 DEBUG HttpSessionSecurityContextRepository:300 - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2015-01-28 10:02:25 DEBUG SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as request processing completed
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-01-28 10:02:25 DEBUG HttpSessionSecurityContextRepository:148 - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2015-01-28 10:02:25 DEBUG HttpSessionSecurityContextRepository:90 - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@243b81d0. A new one will be created.
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 2 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 3 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 4 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
2015-01-28 10:02:25 DEBUG AntPathRequestMatcher:127 - Request 'GET /login' doesn't match 'POST /j_spring_security_logout
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 5 of 12 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 6 of 12 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2015-01-28 10:02:25 DEBUG DefaultSavedRequest:309 - pathInfo: both null (property equals)
2015-01-28 10:02:25 DEBUG DefaultSavedRequest:309 - queryString: both null (property equals)
2015-01-28 10:02:25 DEBUG DefaultSavedRequest:331 - requestURI: arg1=/BGMS/user/sample.html; arg2=/BGMS/login (property not equals)
2015-01-28 10:02:25 DEBUG HttpSessionRequestCache:75 - saved request doesn't match
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2015-01-28 10:02:25 DEBUG AnonymousAuthenticationFilter:102 - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6faa1b5a: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff6a82: RemoteIpAddress: 127.0.0.1; SessionId: 8373E425131980C1C5DF87CB932C8AB0; Granted Authorities: ROLE_ANONYMOUS'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2015-01-28 10:02:25 DEBUG FilterChainProxy:337 - /login at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2015-01-28 10:02:25 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/login'; against '/user/**'
2015-01-28 10:02:25 DEBUG FilterSecurityInterceptor:185 - Public object - authentication not attempted
2015-01-28 10:02:25 DEBUG FilterChainProxy:323 - /login reached end of additional filter chain; proceeding with original chain
2015-01-28 10:02:25 DEBUG HttpSessionSecurityContextRepository:300 - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2015-01-28 10:02:25 DEBUG ExceptionTranslationFilter:115 - Chain processed normally
2015-01-28 10:02:25 DEBUG SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as request processing completed