Spring security Spring安全url拦截与正则表达式匹配失败
使用Spring security 3.2,我尝试拦截URL,如下所示:Spring security Spring安全url拦截与正则表达式匹配失败,spring-security,Spring Security,使用Spring security 3.2,我尝试拦截URL,如下所示: <security:http use-expressions="true" path-type="regex" > <security:intercept-url pattern="/jsp/Error_403.jsp" access="hasAnyRole('ROLE_VISITOR','ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','R
<security:http use-expressions="true" path-type="regex" >
<security:intercept-url pattern="/jsp/Error_403.jsp" access="hasAnyRole('ROLE_VISITOR','ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','ROLE_SILVER_SUB','ROLE_SILVER_TEST','ROLE_GOLD_SUB','ROLE_GOLD_TEST')" />
<security:intercept-url pattern="/jsp/LoggedOut.jsp" access="hasAnyRole('ROLE_VISITOR','ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','ROLE_SILVER_SUB','ROLE_SILVER_TEST','ROLE_GOLD_SUB','ROLE_GOLD_TEST')" />
<security:intercept-url pattern="/jsp/home/header.html" access="hasAnyRole('ROLE_VISITOR','ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','ROLE_SILVER_SUB','ROLE_SILVER_TEST','ROLE_GOLD_SUB','ROLE_GOLD_TEST')"/>
<security:intercept-url pattern="/unjust?action=statistics" access="hasAnyRole('ROLE_ADMIN','ROLE_GOLD_SUB','ROLE_GOLD_TEST')" />
<security:intercept-url pattern="/unjust?action=browse" access="hasAnyRole('ROLE_ADMIN')" />
<security:intercept-url pattern="/unjust?action=search" access="hasAnyRole('ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','ROLE_SILVER_SUB','ROLE_SILVER_TEST','ROLE_GOLD_SUB','ROLE_GOLD_TEST')" />
<security:intercept-url pattern="/unjust?action=home" access="hasAnyRole('ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','ROLE_SILVER_SUB','ROLE_SILVER_TEST','ROLE_GOLD_SUB','ROLE_GOLD_TEST')" />
<security:intercept-url pattern="/unjust" access="hasAnyRole('ROLE_VISITOR','ROLE_ADMIN','ROLE_BRONZE_SUB','ROLE_BRONZE_TEST','ROLE_SILVER_SUB','ROLE_SILVER_TEST','ROLE_GOLD_SUB','ROLE_GOLD_TEST')"/>
<security:intercept-url pattern="/**" access="denyAll" />
<access-denied-handler error-page="/jsp/Error_403.jsp"/>
<security:logout />
<security:openid-login login-page="/openidlogin.jsp"
user-service-ref="registeringUserService" authentication-failure-url="/openidlogin.jsp?login_error=true">
<attribute-exchange identifier-match="https://www.google.com/.*">
<openid-attribute name="email"
type="http://axschema.org/contact/email" required="true" count="1" />
<openid-attribute name="firstname"
type="http://axschema.org/namePerson/first" required="true" />
<openid-attribute name="lastname"
type="http://axschema.org/namePerson/last" required="true" />
</attribute-exchange>
<attribute-exchange identifier-match=".*myopenid.com.*">
<openid-attribute name="email"
type="http://schema.openid.net/contact/email" required="true" />
<openid-attribute name="fullname"
type="http://schema.openid.net/namePerson" required="true" />
</attribute-exchange>
</security:openid-login>
<remember-me token-repository-ref="tokenRepo" />
</security:http>
<security:intercept-url pattern="\A^/unjust?action=search.$\Z"
有人能告诉我这种模式匹配的正确设置和语法吗?Spring默认情况下不支持url中的参数匹配。通过使用request matcher=“regex”或path type=“regex”的正则表达式匹配器,您可以使用正则表达式匹配URL。
现在,在您提供的模式中,action=browse“?”表示正则表达式中的特殊符号一次出现或零次出现。你应该逃跑吗?在您的模式中,通过使用
“\\?”<security:intercept-url pattern="\A^/unjust?action=search.$\Z"
/unjust?action=browseUNDT&sEcho=1&iColumns=7&sColumns=&iDisplayStart=0&iDisplayLength=10&mDataProp_0=caseName&mDataProp_1=caseId&mDataProp_2=judgmentDate&mDataProp_3=judgmentType&mDataProp_4=judgmentNo&mDataProp_5=docId&mDataProp_6=displayCase&sSearch=&bRegex=false&sSearch_0=&bRegex_0=false&bSearchable_0=true&sSearch_1=&bRegex_1=false&bSearchable_1=true&sSearch_2=&bRegex_2=false&bSearchable_2=true&sSearch_3=&bRegex_3=false&bSearchable_3=true&sSearch_4=&bRegex_4=false&bSearchable_4=true&sSearch_5=&bRegex_5=false&bSearchable_5=true&sSearch_6=&bRegex_6=false&bSearchable_6=true&iSortCol_0=0&sSortDir_0=asc&iSortingCols=1&bSortable_0=true&bSortable_1=true&bSortable_2=true&bSortable_3=true&bSortable_4=true&bSortable_5=true&bSortable_6=true&_=1379771161138