自定义登录+;Spring Security+;瓷砖&x2B;请求方法';邮政';不支持
我正在尝试访问受Spring(v.4.1.0)安全性(v.3.2.5)保护的URL(例如/用户/订阅),在提交用户名/密码和csrf令牌后,我收到以下错误: HTTP错误405访问/j_spring_安全检查时出现问题。原因: 不支持请求方法“POST” 我有以下配置。 web.xml 瓷砖定义自定义登录+;Spring Security+;瓷砖&x2B;请求方法';邮政';不支持,spring,spring-mvc,spring-security,apache-tiles,Spring,Spring Mvc,Spring Security,Apache Tiles,我正在尝试访问受Spring(v.4.1.0)安全性(v.3.2.5)保护的URL(例如/用户/订阅),在提交用户名/密码和csrf令牌后,我收到以下错误: HTTP错误405访问/j_spring_安全检查时出现问题。原因: 不支持请求方法“POST” 我有以下配置。 web.xml 瓷砖定义 <definition name="login_def" extends="defaultTemplate_m"> <put-attribute name="title" va
<definition name="login_def" extends="defaultTemplate_m">
<put-attribute name="title" value="Podcastpedia"/>
<put-attribute name="page_description" value="Podcastpedia.org, knowledge to go"/>
<put-attribute name="body-id" value="latest-episodes-podcast-subscriptions" />
<put-attribute name="content" value="/WEB-INF/jsp/user/login.jsp"/>
</definition>
login.jsp
<form name='loginForm'
action="<c:url value='/j_spring_security_check' />" method='POST'>
<table>
<tr>
<td>User:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'>
<input name="submit" type="submit" value="submit" />
</td>
</tr>
</table>
<input type="hidden"
name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
用户:
密码:
平铺上下文配置
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<!-- Views mapped in views.properties (PDF, XLS classes, and others) -->
<bean id="contentNegotiatingResolver"
class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="order"
value="#{T(org.springframework.core.Ordered).HIGHEST_PRECEDENCE}" />
<property name="favorPathExtension" value="true"/>
<property name="contentNegotiationManager">
<bean class="org.springframework.web.accept.ContentNegotiationManager">
<constructor-arg>
<bean class="org.springframework.web.accept.PathExtensionContentNegotiationStrategy">
<constructor-arg>
<map>
<entry key="html" value="text/html"/>
<entry key="pdf" value="application/pdf"/>
<entry key="xsl" value="application/vnd.ms-excel"/>
<entry key="xml" value="application/xml"/>
<entry key="json" value="application/json"/>
<entry key="atom" value="application/xml"/>
</map>
</constructor-arg>
</bean>
</constructor-arg>
</bean>
</property>
</bean>
<bean id="tilesViewResolver"
class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.tiles3.TilesView" />
<property name="order" value="#{contentNegotiatingResolver.order+1}" />
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.ResourceBundleViewResolver">
<property name="basename" value="views"/>
<property name="order" value="#{tilesViewResolver.order+1}" />
</bean>
<bean id="tilesConfigurer" class="org.springframework.web.servlet.view.tiles3.TilesConfigurer">
<property name="definitions">
<list>
<value>/WEB-INF/tile-defs/templates.xml</value>
<value>/WEB-INF/tile-defs/definitions.xml</value>
</list>
</property>
</bean>
</beans>
/WEB-INF/tile defs/templates.xml
/WEB-INF/tile defs/definitions.xml
在项目中使用相同的配置而不使用Tiles,不会出现任何问题。你能告诉我我做错了什么吗。。。此尝试可在以下网址获得:
这个问题和这里的问题很相似,但还没有答案 在
CustomLoginController
中,您已经通过@RequestMapping(value=“custom\u login”,method=RequestMethod.GET)
对login
方法进行了注释。仅当HTTP请求方法为GET而不是POST时,才会调用此方法
也许您的意思是
@RequestMapping(value=“custom\u login”,method=RequestMethod.POST)
?在表单登录配置中将登录处理url设置为/j\u spring\u security\u check有帮助:
<form-login
login-page="/login/custom_login"
login-processing-url="/j_spring_security_check"
username-parameter="username"
password-parameter="password" />
Hi Tunaki,它必须是RequestMethod.GET
,因为该方法映射到显示登录表单的页面……当Spring尝试访问/j\u Spring\u安全检查时出现问题,尽管csrf已启用并交付,正如一些人所建议的,即使我将username
更改为username1
(错误)在spring安全上下文配置中,它显示相同的错误,这意味着它没有到达数据库。。。
<form name='loginForm'
action="<c:url value='/j_spring_security_check' />" method='POST'>
<table>
<tr>
<td>User:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'>
<input name="submit" type="submit" value="submit" />
</td>
</tr>
</table>
<input type="hidden"
name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<!-- Views mapped in views.properties (PDF, XLS classes, and others) -->
<bean id="contentNegotiatingResolver"
class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="order"
value="#{T(org.springframework.core.Ordered).HIGHEST_PRECEDENCE}" />
<property name="favorPathExtension" value="true"/>
<property name="contentNegotiationManager">
<bean class="org.springframework.web.accept.ContentNegotiationManager">
<constructor-arg>
<bean class="org.springframework.web.accept.PathExtensionContentNegotiationStrategy">
<constructor-arg>
<map>
<entry key="html" value="text/html"/>
<entry key="pdf" value="application/pdf"/>
<entry key="xsl" value="application/vnd.ms-excel"/>
<entry key="xml" value="application/xml"/>
<entry key="json" value="application/json"/>
<entry key="atom" value="application/xml"/>
</map>
</constructor-arg>
</bean>
</constructor-arg>
</bean>
</property>
</bean>
<bean id="tilesViewResolver"
class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.tiles3.TilesView" />
<property name="order" value="#{contentNegotiatingResolver.order+1}" />
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.ResourceBundleViewResolver">
<property name="basename" value="views"/>
<property name="order" value="#{tilesViewResolver.order+1}" />
</bean>
<bean id="tilesConfigurer" class="org.springframework.web.servlet.view.tiles3.TilesConfigurer">
<property name="definitions">
<list>
<value>/WEB-INF/tile-defs/templates.xml</value>
<value>/WEB-INF/tile-defs/definitions.xml</value>
</list>
</property>
</bean>
</beans>
<form-login
login-page="/login/custom_login"
login-processing-url="/j_spring_security_check"
username-parameter="username"
password-parameter="password" />