Spring安全性阻止css,js文件被加载到jsp页面上
[英]Spring security blocks css, js files from being loaded on jsp page
问题描述
我正在使用spring安全性进行登录操作,一切正常但登录页面没有相应的样式表文件。
这是我的spring-security.xml配置文件。
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<security:http security="none" pattern="/resources/**"></security:http>
<security:http security="none" pattern="/resources/css/*"></security:http>
<security:http security="none" pattern="/resources/js/*"></security:http>
<security:http auto-config="true">
<security:intercept-url pattern="/login" access="permitAll"/>
<security:intercept-url pattern="/entry.html"
access="hasRole('ROLE_USER')" />
<security:form-login login-page="/login"
default-target-url="/entry.html" authentication-failure-url="/login?error"
username-parameter="username" password-parameter="password" />
<security:logout logout-success-url="/login?logout"></security:logout>
<security:csrf/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="user" password="123456"
authorities="ROLE_USER"></security:user>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
login.jsp的
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<title>Login Page</title>
<link rel="stylesheet" type="text/css"
href="<%=request.getContextPath()%>/resources/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-md-4"></div>
<div class="col-md-4">
<div class="login-panel panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Login with Username and Password</h3>
</div>
<div class="panel-body">
<c:if test="${not empty error}">
<div class="error">${error}</div>
</c:if>
<c:if test="${not empty msg}">
<div class="msg">${msg}</div>
</c:if>
<form name='loginForm'
action="<c:url value='j_spring_security_check' />" method="post">
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="Username ..."
name="username" type="text" />
</div>
<div class="form-group">
<input class="form-control" placeholder="Password ..."
name="password" type="password" />
</div>
<div>
<input type="submit" value="Login" class="btn btn-success"
name="submit" />
</div>
</fieldset>
<input type="hidden" name="${_csrf.parameterName}"
value="${_csrf.token}" />
</form>
</div>
</div>
</div>
<div class="col-md-4"></div>
</div>
</div>
</body>
</html>
我不知道为什么它不加载css文件,我试图提供资源文件夹中存在的文件的所有可能的权限,但没有结果。
1 个解决方案
解决方案1
0 2017-02-16 14:41:04
将此行添加到spring web config
<mvc:resources mapping="/resources/**" location="/resources/" />
并在你的jsp中为include css添加这一行
<link href="<c:url value="/resources/css/main.css" />" rel="stylesheet">
为spring security usign xml config添加此ligne
<http pattern="/resources/**" security="none"/>
要么
<intercept-url pattern="/resources/**" filters="none"/>
使用java配置
web.ignoring().antMatchers("/resources/**");
无法从Spring Boot应用程序将静态内容加载到JSP页面中
[英]Static content is not getting loaded in JSP page from spring boot application
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.