Warning: file_get_contents(/data/phpspider/zhask/data//catemap/5/ruby-on-rails-4/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
用于拒绝访问处理程序的spring security 404_Spring_Spring Security - Fatal编程技术网
Fatal编程技术网
  • spring/
  • 用于拒绝访问处理程序的spring security 404

用于拒绝访问处理程序的spring security 404

spring spring-security

用于拒绝访问处理程序的spring security 404,spring,spring-security,Spring,Spring Security,我正在尝试将我的spring mvc webapp设置为使用spring拒绝访问处理程序,但无法让它捕获错误。使用我的配置,看起来spring正向拒绝访问的处理程序前进,但由于某种原因,当我的拒绝访问处理程序被执行时,我得到一个404未找到。HTTP状态404-/accessDenied <!-- Resources --> <intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSL

我正在尝试将我的spring mvc webapp设置为使用spring拒绝访问处理程序,但无法让它捕获错误。使用我的配置,看起来spring正向拒绝访问的处理程序前进,但由于某种原因,当我的拒绝访问处理程序被执行时,我得到一个404未找到。HTTP状态404-/accessDenied

<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />
有人能帮我找出这里可能出了什么问题吗?我确实有一个名为accessDenied.jsp的jsp

<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />  


<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />  




<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />
然后在我的mvc调度程序servlet中

<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />  

    <context:component-scan base-package="com.company.reporting.controller" />
   <bean id="accessDeniedHandler" 
        class="com.company.reporting.handler.ReportingAccessDeniedHandler">
        <property name="accessDeniedUrl" value="/accessDenied" />
   </bean>
    <bean
        class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="prefix">
            <value>/WEB-INF/pages/</value>
        </property>
        <property name="suffix">
            <value>.jsp</value>
        </property>
    </bean>
    <mvc:resources mapping="/resources/**" location="/resources/" />    
    <mvc:annotation-driven />


/WEB-INF/pages/
.jsp


<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />
谢谢

创建accessDeniedHandler bean是不够的。这个bean只会将您的请求重定向到/accessDenied URL。还应使用以下代码创建AccessDeniedController(或将其命名为smth):

<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />  

@Controller
public class AccessDeniedController {

    @RequestMapping(value = "/accessDenied")
    public String handleAccessDenied(){
        return "accessDenied";
    }
}
并将其放入“com.company.reporting.controller”包。

我决定不需要覆盖默认的拒绝访问处理程序。因此,我所做的不是实现一个处理程序,而是将它添加到我的安全配置中

<!-- Resources -->
<intercept-url pattern="/resources/css/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/images/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/resources/js/*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

<!-- Pages -->  
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" /> 

<!-- Error handlers -->
<access-denied-handler ref="accessDeniedHandler" />  

<access-denied-handler error-page="/accessDenied.htm"/>