我最近使用 spring security 添加了过滤器到之前工作过的 spring mvc 应用程序。过滤器工作得很好,但 spring 找不到 .jsp 文件了。例如,我在 /autoPA/WEB-INF/views/csvuploadform.jsp 中有一个 jsp,绑定(bind)到映射到 /upload 的 Controller 。
当我尝试访问 /upload 时,我必须经过身份验证。一旦我访问了 Controller (日志证明了这一点),但我得到了 404 和日志中的 在 DispatcherServlet 中找不到带有 URI [/autoPA/WEB-INF/views/csvuploadform.jsp] 的 HTTP 请求映射,名称为“SocialServlet”。
由于除了 web.xml 之外,我的代码中没有任何更改,因此我认为这里有问题,但我看不出问题出在哪里。
这是上述文件:
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>spring.profiles.active</param-name>
<param-value>dev</param-value>
</context-param>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>hiddenHttpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>hiddenHttpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>SocialServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/social-context.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>SocialServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>RESTServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/restapi-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>RESTServlet</servlet-name>
<url-pattern>/api/*</url-pattern>
</servlet-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml,
/WEB-INF/spring-security.xml
</param-value>
</context-param>
这是 spring-security.xml 文件:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/api/**" access="permitAll" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="test" password="test" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
这是social-context.html:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd">
<import resource="properties/socialProperties.xml" />
<context:component-scan base-package="com.dynamease.web.social" />
<context:annotation-config />
<mvc:annotation-driven />
<mvc:interceptors>
<bean class="com.dynamease.entity.springsocialentities.UserInterceptor">
<constructor-arg ref="usersConnectionRepository" />
</bean>
</mvc:interceptors>
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/" />
<property name="suffix" value=".jsp" />
</bean>
<!-- Allows users to sign-in with their provider accounts. -->
<bean class="org.springframework.social.connect.web.ProviderSignInController">
<constructor-arg ref="connectionFactoryLocator" />
<constructor-arg ref="usersConnectionRepository" />
<constructor-arg>
<bean class="com.dynamease.entity.springsocialentities.SimpleSignInAdapter" />
</constructor-arg>
</bean>
<mvc:view-controller path="/signin" />
<mvc:view-controller path="/signout" />
<mvc:view-controller path="/choice" />
<!-- Upload -->
<!-- <bean class="org.springframework.web.servlet.mvc.support.ControllerClassNameHandlerMapping"
/> -->
<bean id="multipartResolver"
class="org.springframework.web.multipart.commons.CommonsMultipartResolver" />
</beans>
我的 Controller 之一:`
@Controller
@RequestMapping(value = "/upload")
public class CSVUploadController {
@Autowired
private DynClassifierCSV csvClassifier;
@Autowired
private DynDirectoryServiceImpl dynDirectoryServiceImpl;
@Autowired
private DynCSVService csvService;
private final Logger logger = LoggerFactory.getLogger(FileUpload.class);
@RequestMapping(method = RequestMethod.GET)
public String getUploadForm(Model model) {
model.addAttribute(new UploadItem());
return "csvuploadform";
}
}`
有什么想法吗?
最佳答案
我发现了问题:我替换了<url-pattern>/*</url-pattern>通过 <url-pattern>/</url-pattern>并且它有效。
关于java - 设置Spring security后无法再访问jsp,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17451162/