Spring security 玉兰CMS带花+；春季安全

我对magnolia blossom用户提出了关于春季安全的问题 我试图遵循所有的指南提供的玉兰cms网页，但没有一个适合我。我已经按照描述的方式配置了web.xml和spring安全上下文，以及我自己从数据库检索用户的配置。我可以使用jetty（eclipse）启动应用程序，而不会出现任何关于beans etx的错误，但当登录页面出现时，我无法实现这种情况。 在开发人员magnolia jetty实例上运行时，我被要求使用magnolia页面登录，成功登录后，没有spring安全性迫使我再次登录。这是示例url

http://localhost:9999/magnolia-blossom-sample-webapp/home/tours/statues-tour.html

在tomcat上部署到公共magnolia实例时，我没有被要求登录到magnolia，但我得到的页面没有使用spring security的登录页面

http://localhost:8080/magnoliaPublic/home/tours.html

问题是我可能会错过什么，我无法获得授权页面以使用spring security登录

这是我的配置

Magnolia public/author web.xml（因为web.xml不在my blossom模块中）

---

向Magnolia的过滤器链中的最后一个过滤器致意-

RenderingFilter

在过滤器链中充当终止符。如果它发现要从Magnolia（或通过Blossom）渲染的内容，它将不会继续处理过滤器链，因此您的其他过滤器（spring security）将不会执行。您需要确保在Magnolia筛选器链之前或Magnolia筛选器链内部执行筛选器。要实现后者，请在Magnolia的AdminCentral中的

config:/server/filters

下定义过滤器。。。在

ContextFilter

之后和

CacheFilter

之前的任何位置都可以。使用其他过滤器作为示例，说明如何配置您的过滤器或查看或

嗯,

一月

  <filter>
    <display-name>Magnolia global filters</display-name>
    <filter-name>magnoliaFilterChain</filter-name>
    <filter-class>info.magnolia.cms.filters.MgnlMainFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>magnoliaFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
    <dispatcher>ERROR</dispatcher>
  </filter-mapping>
    <filter>
  <filter-name>springSecurityFilterChain</filter-name>
  <filter-class>info.magnolia.module.blossom.web.InstallationAwareDelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/home/*</url-pattern> // /* doesn't work neither
</filter-mapping>
  <listener>
    <listener-class>info.magnolia.init.MagnoliaServletContextListener</listener-class>
  </listener>
  <context-param>
    <description>Vaadin production mode</description>
    <param-name>productionMode</param-name>
    <param-value>true</param-value>
  </context-param>

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/security 
    http://www.springframework.org/schema/security/spring-security-3.1.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"
        default-autowire="byType">

    <beans:bean id="authSuccessHandler" class="security.auth.AuthenticationSuccessHandler">
        <beans:property name="userLogic" ref="userLogic"/>
    </beans:bean>

    <beans:bean id="authFailureHandler" class="security.auth.AuthenticationFailureHandler">
    </beans:bean>

    <http auto-config="true" use-expressions="true">
        <intercept-url pattern="/**" access="isAuthenticated()" />
        <intercept-url pattern="/*" access="hasRole('adminMLM')" />
        <form-login login-page="/login"         
            authentication-success-handler-ref="authSuccessHandler"
            authentication-failure-handler-ref="authFailureHandler"
            default-target-url="/"      
        />
        <logout />
    </http>

    <beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
      <beans:property name="userDetailsService" ref="userLogic"/>     
      <beans:property name="passwordEncoder" ref="userLogic"/>
      <beans:property name="saltSource" ref="userLogic"/>
    </beans:bean>

    <authentication-manager>
      <authentication-provider ref="daoAuthenticationProvider" />
    </authentication-manager>




</beans:beans>

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:blossom="http://www.magnolia-cms.com/schema/blossom"
       xsi:schemaLocation="http://www.springframework.org/schema/beans 
       http://www.springframework.org/schema/beans/spring-beans.xsd 
       http://www.magnolia-cms.com/schema/blossom 
       http://www.magnolia-cms.com/schema/blossom.xsd ">

  <bean class="info.magnolia.blossom.sample.module.service.SalesApplicationWebServiceImpl" />

  <bean id="springSecurityFilterChain" class="org.springframework.web.filter.DelegatingFilterProxy"/>



</beans>

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

  <context:annotation-config/>

  <context:component-scan base-package="logic.impl" />
  <context:component-scan base-package="info.magnolia.blossom.sample.module" use-default-filters="false">
    <context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.Template"/>
    <context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.Area"/>
    <context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.DialogFactory"/>
    <context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.VirtualURIMapper"/>
    <context:include-filter type="assignable" expression="info.magnolia.cms.beans.config.VirtualURIMapping"/>
  </context:component-scan>


  <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
    <property name="customArgumentResolvers">
      <list>
        <bean class="info.magnolia.module.blossom.web.BlossomHandlerMethodArgumentResolver" />
      </list>
    </property>
    <!-- For @Valid - JSR-303 Bean Validation API -->
    <property name="webBindingInitializer">
      <bean class="org.springframework.web.bind.support.ConfigurableWebBindingInitializer">
        <property name="validator">
          <bean class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean" />
        </property>
      </bean>
    </property>
  </bean>

  <bean class="info.magnolia.module.blossom.preexecution.BlossomHandlerMapping">
    <property name="targetHandlerMappings">
      <list>
        <bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
          <property name="useSuffixPatternMatch" value="false" />
        </bean>
        <bean class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping" />
      </list>
    </property>
  </bean>

  <bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter" />

  <bean class="info.magnolia.module.blossom.view.UuidRedirectViewResolver">
    <property name="order" value="1" />
  </bean>

  <!-- JSP - renders all views that end with .jsp -->
  <bean class="info.magnolia.module.blossom.view.TemplateViewResolver">
    <property name="order" value="2"/>
    <property name="prefix" value="/templates/blossomSampleModule/"/>
    <property name="viewNames" value="*.jsp"/>
    <property name="viewRenderer">
      <bean class="info.magnolia.module.blossom.view.JspTemplateViewRenderer">
        <property name="contextAttributes">
          <map>
            <entry key="damfn">
              <bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
                <property name="name" value="damfn"/>
                <property name="componentClass" value="info.magnolia.dam.asset.functions.DamTemplatingFunctions"/>
              </bean>
            </entry>
          </map>
        </property>
      </bean>
    </property>
  </bean>

  <!-- Freemarker - renders all views that end with .ftl -->
  <bean class="info.magnolia.module.blossom.view.TemplateViewResolver">
    <property name="order" value="3"/>
    <property name="prefix" value="/blossomSampleModule/"/>
    <property name="viewNames" value="*.ftl"/>
    <property name="viewRenderer">
      <bean class="info.magnolia.module.blossom.view.FreemarkerTemplateViewRenderer">
        <property name="contextAttributes">
          <map>
            <entry key="cms">
              <bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
                <property name="name" value="cms"/>
                <property name="componentClass" value="info.magnolia.templating.freemarker.Directives"/>
              </bean>
            </entry>
            <entry key="cmsfn">
              <bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
                <property name="name" value="cmsfn"/>
                <property name="componentClass" value="info.magnolia.templating.functions.TemplatingFunctions"/>
              </bean>
            </entry>
            <entry key="damfn">
              <bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
                <property name="name" value="damfn"/>
                <property name="componentClass" value="info.magnolia.dam.asset.functions.DamTemplatingFunctions"/>
              </bean>
            </entry>
          </map>
        </property>
      </bean>
    </property>
  </bean>




</beans>

public class BlossomSampleModule extends BlossomModuleSupport implements ModuleLifecycle {

    public void start(ModuleLifecycleContext moduleLifecycleContext) {
        if (moduleLifecycleContext.getPhase() == ModuleLifecycleContext.PHASE_SYSTEM_STARTUP) {
            super.initRootWebApplicationContext("classpath:/applicationContext.xml");
            super.initBlossomDispatcherServlet("blossom", "classpath:/blossom-servlet.xml, classpath:/applicationContext-security.xml");

        }
    }

    public void stop(ModuleLifecycleContext moduleLifecycleContext) {
        if (moduleLifecycleContext.getPhase() == ModuleLifecycleContext.PHASE_SYSTEM_SHUTDOWN) {
            super.destroyDispatcherServlets();
            super.closeRootWebApplicationContext();
        }
    }
}