[英]Spring Security Url Pattern is not working
這是我的web.xml
<filter>
<display-name>springSecurityFilterChain</display-name>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/</url-pattern>
</filter-mapping>
這是我的security-context.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user authorities="admin" name="logan"
password="user" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/" access="permitAll" />
<security:intercept-url pattern="/admin/*" access="denyAll" />
<security:form-login />
</security:http>
</beans>
我不知道為什么我仍然可以訪問/ admin之后的所有內容,例如/ admin / home將我重定向到儀表板,而不是將我重定向到登錄頁面,這是怎么工作的? 我春天剛來。
這仍然是一個猜測,但我認為“僅”在過濾器映射中添加“星號” *
可以解決此問題:
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
?
竊竊私語,這也意味着您已對“如何”和“為什么”進行了其他所有正確的設置(這是特定於web.xml / servlet規范的內容...假設3.0):
您是否將文件包含在web.xml
例如:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
</param-value>
</context-param>
您也可以嘗試在網址格式中添加/*
:
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.