在spring-security中找不到/ login的映射
[英]Mapping of /login in spring-security not found
问题描述
I am facing some problem in spring -security whenever i clicked on the submit it redirect to the below url and i got 404
每当我单击提交并将其重定向到以下URL时,我在spring -security中都遇到一些问题,我得到了404
HTTP Status 404 - for url
localhost:8080/TestingSecurity/login
I guess there is some issue in registering springsecurity filter
code for ConfigurationDefaultXml.java ConfigurationDefaultXml.java的代码
package cms.config;
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = {"cms.controller"})
@Import(value = { SecurityConfiguration.class })
public class ConfigurationDefaultXml extends WebMvcConfigurerAdapter{
@Bean
public ViewResolver jspviewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/views/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
@Bean
public ViewResolver contentNegotiatingViewResolver(
ContentNegotiationManager manager) {
ContentNegotiatingViewResolver resolver = new ContentNegotiatingViewResolver();
resolver.setContentNegotiationManager(manager);
// Define all possible view resolvers
List<ViewResolver> resolvers = new ArrayList<ViewResolver>();
resolvers.add(jspviewResolver());
resolver.setViewResolvers(resolvers);
return resolver;
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/design/");
}
}
Code of SecurityConfiguration.java
package cms.config;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("user1").password("abc123").roles("USER");
auth.inMemoryAuthentication().withUser("admin").password("root123").roles("ADMIN");
auth.inMemoryAuthentication().withUser("dba1").password("root123").roles("ADMIN","DBA");//dba have two roles.
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.antMatchers("/admin/**").access("hasRole('ADMIN')")
.antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")
.and().formLogin().loginPage("/logincustom")
.usernameParameter("ssoId").passwordParameter("password")
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
}
SecurityWebApplicationInitializer.java
package cms.config; 软件包cms.config;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer{
}
code of SpringMvcInitializer.java
package cms.config;
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
public class SpringMvcInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { ConfigurationDefaultXml.class};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return null;
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
coding of form button is given below
<form action="${loginUrl}" method="post" class="form-horizontal">
<c:if test="${param.error != null}">
<div class="alert alert-danger">
<p>Invalid username and password.</p>
</div>
</c:if>
<c:if test="${param.logout != null}">
<div class="alert alert-success">
<p>You have been logged out successfully.</p>
</div>
</c:if>
<div class="input-group input-sm">
<label class="input-group-addon" for="username"><i class="fa fa-user"></i></label>
<input type="text" class="form-control" id="username" name="ssoId" placeholder="Enter Username" required>
</div>
<div class="input-group input-sm">
<label class="input-group-addon" for="password"><i class="fa fa-lock"></i></label>
<input type="password" class="form-control" id="password" name="password" placeholder="Enter Password" required>
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<div class="form-actions">
<input type="submit"
class="btn btn-block btn-primary btn-default" value="Log in">
</div>
</form>
1 个解决方案
解决方案1
2 已采纳 2016-09-15 14:48:38
Even though it will not be used as the login post URL, you need to add a loginProcessingUrl for your custom login: 即使它不会用作登录帖子URL,您也需要为您的自定义登录添加一个loginProcessingUrl:
.formLogin().loginPage("/logincustom").loginProcessingUrl("/doLogin")
.usernameParameter("ssoId").passwordParameter("password")
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
春季安全/登录重定向 - Spring-security /login redirecting
使用Spring Security进行Facebook登录 - Facebook login with spring-security
spring-security login?logout重定向到登录 - spring-security login?logout redirects to login
如何禁用 spring-security 登录屏幕? - How to disable spring-security login screen?
Spring,Spring-security:即使登录失败,Spring-security也将返回302 - Spring, Spring-security : Spring-security returning 302, even if login failed
Spring-Security:升级到Spring-Security 4.1后,用户名将被发送为空以进行登录 - Spring-Security : Username is sent empty for login after upgrade to Spring-Security 4.1
BadCredentialsException是spring-security - BadCredentialsException is spring-security
剖析弹簧安全性 - Profile into spring-security
Spring-Security:使用登录时返回的cookie访问安全资源 - Spring-Security : Accessing secured resources using cookie returned at login
如何使用Spring-security以编程方式登录用户? - How to login a user programmatically using Spring-security?
相关标签