Spring MVC 4 Security 在 SSL 模式下不工作

标签 spring apache tomcat ssl

我的应用程序在不安全 (HTTP) 模式下正常运行。在 Tomcat + httpd 中安装 SSL 时,现在我正在获取应用程序的主页(登录),但在验证用户凭据(用户名、密码)时无法访问主页,尝试使用 https://hostname:8443/application/ 访问时错误如下:

javax.servlet.ServletException: File [/WEB-INF/views/403.jsp] not found
org.apache.jasper.servlet.JspServlet.handleMissingResource(JspServlet.java:418)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:398)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:934)
org.apache.jasper.runtime.PageContextImpl.doInclude(PageContextImpl.java:679)
org.apache.jasper.runtime.PageContextImpl.include(PageContextImpl.java:673)
org.apache.tiles.request.jsp.JspRequest.doInclude(JspRequest.java:123)
org.apache.tiles.request.AbstractViewRequest.dispatch(AbstractViewRequest.java:47)
org.apache.tiles.request.render.DispatchRenderer.render(DispatchRenderer.java:47)
org.apache.tiles.request.render.ChainedDelegateRenderer.render(ChainedDelegateRenderer.java:68)
org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:259)
org.apache.tiles.template.InsertAttributeModel.renderAttribute(InsertAttributeModel.java:188)
org.apache.tiles.template.InsertAttributeModel.execute(InsertAttributeModel.java:132)
org.apache.tiles.jsp.taglib.InsertAttributeTag.doTag(InsertAttributeTag.java:299)
org.apache.jsp.WEB_002dINF.layout.template_jsp._jspx_meth_c_005finsertAttribute_005f1(template_jsp.java:291)
org.apache.jsp.WEB_002dINF.layout.template_jsp._jspService(template_jsp.java:154)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:438)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
org.apache.tiles.request.servlet.ServletRequest.forward(ServletRequest.java:265)
org.apache.tiles.request.servlet.ServletRequest.doForward(ServletRequest.java:228)
org.apache.tiles.request.AbstractClientRequest.dispatch(AbstractClientRequest.java:57)
org.apache.tiles.request.render.DispatchRenderer.render(DispatchRenderer.java:47)
org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:259)
org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:397)
org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:238)
org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:221)
org.apache.tiles.renderer.DefinitionRenderer.render(DefinitionRenderer.java:59)
org.springframework.web.servlet.view.tiles3.TilesView.renderMergedOutputModel(TilesView.java:132)
org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:303)
org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1243)
org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1027)
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:971)
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:968)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:859)
javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:844)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
org.springframework.security.web.firewall.RequestWrapper$FirewalledRequestAwareRequestDispatcher.forward(RequestWrapper.java:154)
org.springframework.security.web.access.AccessDeniedHandlerImpl.handle(AccessDeniedHandlerImpl.java:72)
org.springframework.security.web.access.ExceptionTranslationFilter.handleSpringSecurityException(ExceptionTranslationFilter.java:190)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:134)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:121)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
org.springframework.web.multipart.support.MultipartFilter.doFilterInternal(MultipartFilter.java:118)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

这是安全配置方法:

/**
 * Configuración de la seguridad HTTP.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().
            antMatchers("/login","/403","/resources/**").permitAll().
            anyRequest().access("hasRole('ROLE_USER')"). //.hasAnyRole("hasRole('ROLE_USER')").
            and().
         formLogin().
            loginPage("/login").usernameParameter("username").passwordParameter("password").
            and().
         logout().
            permitAll().
            and().
         exceptionHandling().accessDeniedPage("/403").and().
            csrf();
}

有什么想法吗?

BR

最佳答案

只需将 Tomcat 从 8.0 升级到 8.5.5, war 部署就正确了。这是一个 Tomcat 问题。

谢谢

BR

关于Spring MVC 4 Security 在 SSL 模式下不工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39878969/

上一篇:apache 2.4.6 代理 https 到 http Tomcat 7.0.68

下一篇:java - 将子域重定向到工作 HTTPS-Tomcat(使用 NGINX)

相关文章:

java - 将之前写入 HDFS 的 lucene 索引加载到 RamDirectory

spring - 在 MongoDB for Spring 中查找/删除 @DBref 列表项

Java/Spring - 列表的 JPA 持久化

apache - XSL FO - 格式化表格以防止溢出

java - eclipse : use Struts Actions of imported Project

java - 为什么 tomcat 没有在 window 7 的用户帐户中运行?

spring - 如果使用 Spring 而不使用 EJB,Glassfish 是否有点矫枉过正?

java - tomcat没有正常启动

spring - 在带有 CORS 的 REST 中使用 Spring 登录时出现问题

apache - 使用 Mahout 对数据进行分类

©2024 IT工具网  联系我们