Spring mvc Jetty嵌入式服务器与Spring安全集成
我正在尝试使用SpringSecurity登录,当我使用JettyMaven插件时,我的代码已经工作了。但现在我希望它也能在Jetty嵌入式服务器上运行。当我提交登录到spring安全处理链接时,它显示以下警告:Spring mvc Jetty嵌入式服务器与Spring安全集成,spring-mvc,spring-security,embedded-jetty,Spring Mvc,Spring Security,Embedded Jetty,我正在尝试使用SpringSecurity登录,当我使用JettyMaven插件时,我的代码已经工作了。但现在我希望它也能在Jetty嵌入式服务器上运行。当我提交登录到spring安全处理链接时,它显示以下警告: HTTP ERROR: 500 INTERNAL_SERVER_ERROR RequestURI=/auth/login_check Caused by: java.lang.AbstractMethodError at javax.servlet.http.HttpServletRe
HTTP ERROR: 500
INTERNAL_SERVER_ERROR
RequestURI=/auth/login_check
Caused by:
java.lang.AbstractMethodError
at javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:290)
at javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:290)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:209)
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:194)
at org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.applySessionFixation(ChangeSessionIdAuthenticationStrategy.java:48)
at org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.onAuthentication(AbstractSessionFixationProtectionStrategy.java:82)
at org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.onAuthentication(ChangeSessionIdAuthenticationStrategy.java:32)
at org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy.onAuthentication(CompositeSessionAuthenticationStrategy.java:83)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:216)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:361)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:879)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:741)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:213)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:403)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:522)
我猜它与Jetty的jsp-2.1、jsp-api-2.1 jar相冲突。我能做些什么来解决这个问题?这是我的jetty依赖项:
<properties>
<jetty.version>6.1.14</jetty.version>
</properties>
...
<dependency>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-plus</artifactId>
<version>${jetty.version}</version>
</dependency>
<!--jsp support for jetty, add the 2 following -->
<dependency>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jsp-2.1</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jsp-api-2.1</artifactId>
<version>${jetty.version}</version>
</dependency>
6.1.14
...
org.mortbay.jetty
码头
${jetty.version}
org.mortbay.jetty
码头
${jetty.version}
org.mortbay.jetty
jetty plus
${jetty.version}
org.mortbay.jetty
jsp-2.1
${jetty.version}
org.mortbay.jetty
jsp-api-2.1
${jetty.version}
dispatcher servlet xml中的Spring安全配置:
<security:http auto-config="true" use-expressions="true">
<security:form-login login-page="/login"
username-parameter="email" password-parameter="password"
login-processing-url="/auth/login_check" authentication-failure-url="/login?error"
default-target-url="/" always-use-default-target="true" />
<security:logout logout-url="/logout"
logout-success-url="/" delete-cookies="JSESSIONID" />
<security:remember-me token-validity-seconds="1209600"
remember-me-parameter="remember-me" data-source-ref="dataSource" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:password-encoder hash="md5" />
<security:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="select email, password, enabled from users where email=?"
authorities-by-username-query="select username, role from user_roles where username=?" />
</security:authentication-provider>
</security:authentication-manager>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver"></property>
<property name="url" value="jdbc:mysql://localhost:3306/chamgroupdb" />
<property name="username" value="root"></property>
<property name="password" value=""></property>
</bean>
<bean id="sessionFactory"
class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">org.hibernate.dialect.DerbyDialect</prop>
<prop key="hibernate.show_sql">true</prop>
<prop key="javax.persistence.validation.factory">validator</prop>
</props>
</property>
<property name="packagesToScan" value="com.chamgroup.model" />
</bean>
org.hibernate.dialogue.derbydialogue
真的
验证器
您需要升级Jetty才能正常工作
是在Servlet3.1中引入的
Jetty 6是Servlet 2.4,在2010年是EOL(寿命终止)
Jetty 7是Servlet 2.5,在2014年是EOL
Jetty 8是Servlet 3.0,在2014年是EOL
Jetty 9.0-9.1是基于Servlet 3.1规范的早期草稿/alpha/beta版本发布的
Jetty 9.2.x是第一个支持最终Servlet3.1规范的版本
Jetty 9.3.2是Jetty的当前稳定版本(需要Java 8)感谢您提供关于每个版本Servlet的信息