Spring security Spring Security 3.1授权
我想在我现有的web应用程序中使用spring security。目前我可以对用户进行身份验证。但我不能做授权。应用程序给出403-错误。我错过了什么?请帮忙。我的applicationContext-securty.xml如下Spring security Spring Security 3.1授权,spring-security,authorization,Spring Security,Authorization,我想在我现有的web应用程序中使用spring security。目前我可以对用户进行身份验证。但我不能做授权。应用程序给出403-错误。我错过了什么?请帮忙。我的applicationContext-securty.xml如下 <http use-expressions="true" > <!--<intercept-url pattern="/**" access="permitAll" /> --> <interc
<http use-expressions="true" >
<!--<intercept-url pattern="/**" access="permitAll" /> -->
<intercept-url pattern="/pages/test_for_admin/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/pages/main/scenarios.bak" access="isAuthenticated()" />
<!-- <form-login/>-->
<form-login login-page="/login.bak" default-target-url="/pages/main/scenarios.bak"/>
<logout />
</http>
<authentication-manager alias="authenticationManager" >
<authentication-provider >
<!-- <password-encoder hash="md5" /> -->
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT username, password,enabled FROM web_users WHERE username=?"
authorities-by-username-query="SELECT username,authority FROM web_authorities WHERE username = ?"
role-prefix="ROLE_" />
</authentication-provider>
</authentication-manager>
检查您在登录Spring后指向的URL。在这种情况下是这样的
default-target-url="/pages/main/scenarios.bak
它是一个有效的URL吗?当403被禁止时,您在浏览器的地址栏中看到了什么
嗯