FilterChainProxy:/j\u spring\u security\u检查没有匹配的筛选器

我正在尝试使用Spring安全默认登录机制，这是我在

security.xml

文件中配置的

<http pattern="/customer/**" auto-config="true" use-expressions="true" authentication-manager-ref="customerAuthenticationManager">
<intercept-url pattern="/customer" access="hasRole('AUTH_CUSTOMER')" />
<intercept-url pattern="/customer/" access="hasRole('AUTH_CUSTOMER')" />
<intercept-url pattern="/customer/*.html" access="hasRole('AUTH_CUSTOMER')" />
<intercept-url pattern="/customer/*/*.html" access="hasRole('AUTH_CUSTOMER')" />
<intercept-url pattern="/shop/customer/logon.html*" access="permitAll" />
<intercept-url pattern="/shop/customer/denied.html" access="permitAll"/>
<intercept-url pattern="/shop/customer/j_spring_security_check" access="permitAll"/>

<form-login login-processing-url="/shop/customer/j_spring_security_check" login-page="/shop/home.html"
   authentication-success-handler-ref="webshopAuthenticationSuccessHandler" 
/>
<logout invalidate-session="true" 
            logout-success-url="/customer/home.html" 
            logout-url="/customer/j_spring_security_logout" />
        <access-denied-handler error-page="/customer/denied.html"/>
</http>

这就是我使用ajax提交表单的方式

 var data = $(this).serializeObject();
            $.ajax({
                'type': "POST",
                'url': "<c:url value="/shop/customer/j_spring_security_check"/>",
                'data': data,
               'success': function(result) {
             }
            });
   return false;
 });

有什么想法吗？

• 您是否有多个

  http

  配置？如果不是，则不需要指定

• 如果您有多个

  http

  配置部分并使用Spring Security 3.1+，请从：
  为http元素定义一个模式可以控制 将通过其定义的筛选器列表进行筛选

这意味着您应该使用相同的模式定义多个安全过滤器，以便Spring分别匹配它们。而且，如果没有为

http

定义模式，则默认为

/*

，这是您在

web.xml

中定义的。因此，如果您没有特定的限制，那么首先测试所有

http

配置是否适用于一个元素，然后扩展到多个元素可能会更容易

• 尝试从最特定的模式配置到更通用的模式
• 尝试在配置结束时使用通配符选项
• 我相信带有

  pattern=“/customer/*/*.html”

  的应该是

  pattern=“/customer/*/*.html”

  。它缺少一个

  *

所以根据我所说的：

<http auto-config="true" use-expressions="true" authentication-manager-ref="customerAuthenticationManager">
<intercept-url pattern="/shop/customer/logon.html*" access="permitAll" />
<intercept-url pattern="/shop/customer/denied.html" access="permitAll"/>
<intercept-url pattern="/shop/customer/j_spring_security_check" access="permitAll"/>
<intercept-url pattern="/customer" access="hasRole('AUTH_CUSTOMER')" />
// XXX: bring in also your /admin configuration before the wildcards
<intercept-url pattern="/customer/*.html" access="hasRole('AUTH_CUSTOMER')" />
<intercept-url pattern="/customer/**/*.html" access="hasRole('AUTH_CUSTOMER')" />
...

//XXX：在使用通配符之前，还要引入/admin配置
...

---

希望这能有所帮助。

即使有建议的更改，我也面临同样的问题：（Yuor http元素不适用于

/shop/customer

，因为

模式=“/customer/**”

在http元素上。如果您有多个元素，请发布完整的配置，仅使用我们无法帮助您的片段。@M.Deinum我将发布其他信息日志记录非常清楚。没有匹配的内容。没有URL模式与您的

/shop/customer

匹配，因此spring security从未看到您的登录尝试。@M.Deinum：您可以吗如果将你的评论作为答案发布，我会将其标记为已接受。谢谢你的提示

DEBUG org.springframework.security.web.util.AntPathRequestMatcher: Checking match of request : '/shop/customer/j_spring_security_check'; against '/admin/**'
DEBUG org.springframework.security.web.util.AntPathRequestMatcher: Checking match of request : '/shop/customer/j_spring_security_check'; against '/customer/**'
DEBUG org.springframework.security.web.util.AntPathRequestMatcher: Checking match of request : '/shop/customer/j_spring_security_check'; against '/shop/services/private/**'
DEBUG org.springframework.security.web.FilterChainProxy: /shop/customer/j_spring_security_check has no matching filters
DEBUG org.springframework.web.servlet.DispatcherServlet: DispatcherServlet with name 'appServlet' processing POST request for [/sm-shop/shop/customer/j_spring_security_check]
DEBUG org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping: Looking up handler method for path /shop/customer/j_spring_security_check
DEBUG org.springframework.security.web.util.AntPathRequestMatcher: Checking match of request : '/resources/img/loading.gif'; against '/admin/**'
DEBUG org.springframework.security.web.util.AntPathRequestMatcher: Checking match of request : '/resources/img/loading.gif'; against '/customer/**'
DEBUG org.springframework.security.web.util.AntPathRequestMatcher: Checking match of request : '/resources/img/loading.gif'; against '/shop/services/private/**'

....

DEBUG org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping: Did not find handler method for [/shop/customer/j_spring_security_check]
WARN org.springframework.web.servlet.PageNotFound: No mapping found for HTTP request with URI [/sm-shop/shop/customer/j_spring_security_check] in DispatcherServlet with name 'appServlet'

<http auto-config="true" use-expressions="true" authentication-manager-ref="customerAuthenticationManager">
<intercept-url pattern="/shop/customer/logon.html*" access="permitAll" />
<intercept-url pattern="/shop/customer/denied.html" access="permitAll"/>
<intercept-url pattern="/shop/customer/j_spring_security_check" access="permitAll"/>
<intercept-url pattern="/customer" access="hasRole('AUTH_CUSTOMER')" />
// XXX: bring in also your /admin configuration before the wildcards
<intercept-url pattern="/customer/*.html" access="hasRole('AUTH_CUSTOMER')" />
<intercept-url pattern="/customer/**/*.html" access="hasRole('AUTH_CUSTOMER')" />
...