我最近在我的 MVC 系统中实现了 spring security。实现此后,JS 和 CSS 不会被加载(给出 404 错误)。
Spring 安全 XML:
<global-method-security secured-annotations="enabled" />
<http pattern="/**/*.css" security="none" />
<http pattern="/**/*.js" security="none" />
<http pattern="/**/*.png" security="none" />
<http pattern="/**/*.jpg" security="none" />
<http pattern="/**/*.gif" security="none" />
<http pattern="/resources/**" security="none" />
<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true" entry-point-ref="authenticationEntryPoint">
<!-- Dashboard & resources -->
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/loginRequest**" access="permitAll" />
<intercept-url pattern="/logout**" access="permitAll" />
<intercept-url pattern="/dashboard**" access="permitAll" />
<intercept-url pattern="/resources**" access="permitAll" />
<!-- Incoming Product -->
<intercept-url pattern="/incomingProduct**" access="hasRole('Administrator') and hasRole('Local_Administrator') and hasRole('Supervisor') and hasRole('Manager')" />
<!-- Maintanence pages -->
<intercept-url pattern="/depotUser**" access="hasRole('Administrator') and hasRole('Local_Administrator')" />
<intercept-url pattern="/product**" access="hasRole('Administrator') and hasRole('Local_Administrator') and hasRole('Supervisor') and hasRole('Manager')" />
<intercept-url pattern="/productOwner**" access="hasRole('Administrator') and hasRole('Local_Administrator') and hasRole('Supervisor') and hasRole('Manager')" />
<intercept-url pattern="/storageTank**" access="hasRole('Administrator') and hasRole('Local_Administrator') and hasRole('Supervisor') and hasRole('Manager')" />
<intercept-url pattern="/admin**" access="hasRole('Administrator')" />
<!-- access denied page -->
<access-denied-handler error-page="/error/403" />
<form-login
login-page="/"
login-processing-url="/loginRequest"
default-target-url="/dashboard/home"
authentication-failure-url="/loginPage?invalidLogin=Yes"
username-parameter="username"
password-parameter="password"
/>
<logout logout-success-url="/logout" />
<!-- enable csrf protection -->
<csrf />
<custom-filter before="FORM_LOGIN_FILTER" ref="authenticationFilter"/>
</http>
我已在分派(dispatch)的 servlet XML 中定义了资源路径:
<mvc:resources mapping="/resources/**" location="/WEB-INF/resources/" />
我的 JS 和 CSS 如下:
<script src="./resources/plugins/jQuery/jQuery-2.1.4.min.js"></script>
<!-- Bootstrap 3.3.2 JS -->
<script src="./resources/bootstrap/js/bootstrap.min.js" type="text/javascript"></script>
<!-- Bootstrap 3.3.4 -->
<link href="./resources/bootstrap/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
我认为我在这里忽略了一些错误。
有人可以帮助我吗?
提前谢谢。
最佳答案
通过在页面上添加这行代码来尝试使用 jSTL 核心库。
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
而不是使用这个。
<script src="./resources/plugins/jQuery/jQuery-2.1.4.min.js"></script>
尝试使用这个。
<script src="<c:url value="/resources/plugins/jQuery/jQuery-2.1.4.min.js"/>"></script>
关于java - Spring Security 未加载 js 和 css。 (给出404错误),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34864040/