[英]Spring security not able to find login url
我有一個現有的Web應用程序。 我正在嘗試將Spring Security與之集成在一起。 我在部署應用程序后無法識別spring security的登錄URL,這是錯誤的,我看不到任何錯誤
org.springframework.security.web.DefaultSecurityFilterChain創建過濾器鏈:org.springframework.security.web.util.matcher.AnyRequestMatcher@1,[org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@71cc932,組織。 springframework.security.web.context.SecurityContextPersistenceFilter@71d35b4,org.springframework.security.web.header.HeaderWriterFilter@71d1f86,org.springframework.security.web.csrf.CsrfFilter@71d08b7,org.springframework.security.web.authentication。 logout.LogoutFilter@71d4ca2,org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@71ceaed,org.springframework.security.web.savedrequest.RequestCacheAwareFilter@71d4047,org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@71cd7f9, springframework.security.web.authentication.AnonymousAuthenticationFilter@71cfc0f,org.springframework.security.web.session.SessionManagementFilter@71d2ae9,org.springframework.security.web.access .ExceptionTranslationFilter @ 71d141a,org.springframework.security.web.access.intercept.FilterSecurityInterceptor @ 71d5b32]
當我嘗試登錄時我得到這個
找不到文件:com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor._processEDR(DefaultExtensionProcessor.java:893)上的com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.processEDR(DefaultExtensionProcessor.java:874)上的/ j_spring_security_check com.ibm.ws.webcontainer.filter.com上的.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:434)在com.ibm.ws.webcontainer.filter上的com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:125) com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:926)上的.WebAppFilterChain.doFilter(WebAppFilterChain.java:77)com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java :1023)位於com.ibm.ws.webcontainer.webapp.WebApp.WebApp.handleRequest(WebApp.java:3703),位於com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:304)。 com.ibm.ws.webcontainer上的ws.webcontainer.WebContainer.handleRequest(WebContainer.java:962) .com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:195)處的.WSWebContainer.handleRequest(WSWebContainer.java:1662)(com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination) (HttpInboundLink.java:452)com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511)com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest (HttpInboundLink.java:305)com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:276)com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback .java:214)com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) )com.ibm.io.async.AsyncChannelFuture.f上com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)的com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)的ireCompletionActions(AsyncChannelFuture.java:161) .io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)在com.ibm.io.async.ResultHandler $ 2.run(ResultHandler.java:905)在com.ibm.ws.util.ThreadPool $ Worker.run( ThreadPool.java:1659)
配置文件
@Configuration
@EnableWebMvcSecurity
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
JdbcTemplate jdbcTemp;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
System.out.println("SecurityConfig.configAuthentication() - START");
auth.jdbcAuthentication().dataSource(jdbcTemp.getDataSource())
.usersByUsernameQuery(
"select id,pwd,'true' as enabled from scm_users where id=?")
.authoritiesByUsernameQuery(
"select id, 'default' from scm_users where id=?");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')")
.and()
.formLogin().loginPage("/userLogin.htm").failureUrl("/userLogin.htm?error")
.usernameParameter("id").passwordParameter("pwd")
.and()
.logout().logoutSuccessUrl("/userLogin.htm?logout")
.and()
.exceptionHandling().accessDeniedPage("/403")
.and()
.csrf();
}
}
web.xml中
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/pages/PageNotFound.jsp</location>
</error-page>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-servlet.xml
</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
在我的spring-servlet中,該文件位於web-inf文件夾中。 我沒有任何應用程序上下文,因此指向spring-servlet.xml。 那是對的嗎。
為spring-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"........
<mvc:annotation-driven />
<context:annotation-config />
<context:component-scan base-package="org.ibm.idea.scm.*" />
<bean class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="mediaTypes">
<map>
<entry key="html" value="text/html"/>
<entry key="json" value="application/json"/>
</map>
</property>
<property name="viewResolvers">
<list>
<bean class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/pages/" />
<property name="suffix" value=".jsp" />
</bean>
</list>
</property>
<property name="defaultViews">
<list>
<bean class="org.springframework.web.servlet.view.json.MappingJacksonJsonView">
<property name="prefixJson" value="true"/>
</bean>
</list>
</property>
</bean>
<bean id="portalDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="SCMDB" />
</bean>
<bean id="portalCRMDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="CRMDB"/>
</bean>
<!--
<bean id="portalDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="jndi/SCMDB" />
</bean>
<bean id="portalCRMDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="jndi/CRMDB"/>
</bean> -->
<bean id="jdbcTemp" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="portalDataSource" />
</bean>
<bean id="jdbcTempCRM" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="portalCRMDataSource" />
</bean>
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver" />
</beans>
登錄jsp表格
<form class="loginInput" class="col-md-4" action="<c:url value='/j_spring_security_check' />" method="post"> <div class="row"> <div class="col-lg-12"> <p> <b>Sign In</b> </p> </div> <div class="col-lg-12"> <input type="text" placeholder="User Name" name="id" class="form-control"> </div> <div class="col-lg-12"> <input type="password" placeholder="Password" name="pwd" class="form-control"> </div>
請指出錯誤
Adeeb
此問題與Websphere Web容器有關。 請遵循以下指示
該信息可在其他地方獲得,但是為了最大程度地減少查看此線程的任何人的痛苦,可以按以下方式解決此問題:
WAS必須為6.1.0.11或更高版本。
必須在Web容器上設置一個自定義屬性,以便WAS可以與決定提交響應的過濾器很好地配合,而不是將責任傳遞給鏈中的下一個過濾器。 com.ibm.ws.webcontainer.invokefilterscompatibility = true
有關錯誤和修復的更多信息,請參見:
http://www-01.ibm.com/support/docview.wss?uid=swg24014758
使用此處提供的指導在WebSphere管理控制台中設置此屬性:
http://www-01.ibm.com/support/docview.wss?rss=180&uid=swg21284395
來源 。
一種建議是將您的loginPage("/userLogin.htm")
替換為您在控制器中設置的RequestMapping
。
希望對您有所幫助。
編輯
嘗試將其添加到您的xml配置文件中:
<beans>
<context:annotation-config/>
<bean class="your.package.SecurityConfig"/>
</beans>
有關更多詳細信息,請轉到此處 。
替換為-> <c:url value='/j_spring_security_check' />" method="post">
與-> <c:url value='/YourAppName/j_spring_security_check' />" method="post">
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.