如何在Spring Security的登錄頁面中訪問資源包？

Question

我通過Internet嘗試了很多解決方案，但是無法訪問login.jsp文件中的資源包。 我的應用配置了Spring Security。

我試圖通過spring控制器路由登錄頁面，以便可以訪問JSP中的資源包，但是卻遇到了無限循環。

這是我的spring-security.xml文件

<sec:global-method-security pre-post-annotations="enabled" />

    <sec:http pattern="/css/**" security="none"/>
    <sec:http pattern="/images/**" security="none"/>
    <sec:http pattern="/js/**" security="none"/>
    <sec:http pattern="/index.jsp" security="none"/>
    <!-- <sec:http pattern="/app/addNewUser.json" security="none"/> -->
    <sec:http pattern="/app/login.jsp" security="none"/>
    <sec:http use-expressions="true">

        <!--
             Allow all other requests. In a real application you should
             adopt a whitelisting approach where access is not allowed by default
          -->
        <sec:intercept-url pattern="/**" access="isAuthenticated()" />
        <sec:form-login login-page='/app/login.jsp'
          authentication-failure-url="/app/login.jsp?login_error=1"
          default-target-url="/index.jsp" />
        <sec:logout logout-success-url="/app/login.jsp" delete-cookies="JSESSIONID"/>
        <sec:remember-me />

我正在嘗試使用<spring:message code="login.name" />訪問資源包，但由於出現錯誤

No message found under code 'login.name' for locale 'en_US'. 

這是web.xml條目

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
  <display-name>Spring3MVC</display-name>
  <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/spring-rootcontext.xml
            /WEB-INF/spring-security-no-cas.xml
        </param-value>
    </context-param>
       <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping> 

    <!--
      - Loads the root application context of this web app at startup.
    -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>


  <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>

  <servlet>
    <servlet-name>spring</servlet-name>
    <servlet-class>
            org.springframework.web.servlet.DispatcherServlet
        </servlet-class>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>spring</servlet-name>
    <url-pattern>/app/*</url-pattern>
  </servlet-mapping>
 <filter>
       <filter-name>CAS Single Sign Out Filter</filter-name>
       <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
    </filter>
 <filter-mapping>
       <filter-name>CAS Single Sign Out Filter</filter-name>
       <url-pattern>/*</url-pattern>
    </filter-mapping>
    <listener>
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    </listener>

</web-app>

讓我知道任何解決方案..

Answer 1

將登錄重定向到Spring MVC解析的頁面，例如； /login.htm-假設“ htm”映射到Spring MVC調度程序。

...
<sec:form-login login-page='/login.htm'
      authentication-failure-url="/login.htm?login_error=1"
      default-target-url="/index.htm" />
<sec:logout logout-success-url="/login.htm" delete-cookies="JSESSIONID"/>
...

然后為該URL定義一個JSP視圖解析器

<mvc:view-controller path="/login.htm" view-name="<where-jsp-are-stored>/app/login.jsp"/>

您應該能夠解析消息。