我有一个现有的网络应用程序。我正在尝试将 spring security 与其集成。出了点问题,在部署我的应用程序后,我无法识别 Spring Security 的登录 url,我看不到任何错误
org.springframework.security.web.DefaultSecurityFilterChain Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@71cc932, org.springframework.security.web.context.SecurityContextPersistenceFilter@71d35b4, org.springframework.security.web.header.HeaderWriterFilter@71d1f86, org.springframework.security.web.csrf.CsrfFilter@71d08b7, org.springframework.security.web.authentication.logout.LogoutFilter@71d4ca2, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@71ceaed, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@71d4047, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@71cd7f9, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@71cfc0f, org.springframework.security.web.session.SessionManagementFilter@71d2ae9, org.springframework.security.web.access.ExceptionTranslationFilter@71d141a, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@71d5b32]
当我尝试登录时,我收到此消息
File not found: /j_spring_security_check at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor._processEDR(DefaultExtensionProcessor.java:893) at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.processEDR(DefaultExtensionProcessor.java:874) at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:434) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:125) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:77) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:926) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1023) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3703) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:304) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:962) at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1662) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:195) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:276) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113) at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138) at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204) at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1659)
配置文件
@Configuration
@EnableWebMvcSecurity
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
JdbcTemplate jdbcTemp;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
System.out.println("SecurityConfig.configAuthentication() - START");
auth.jdbcAuthentication().dataSource(jdbcTemp.getDataSource())
.usersByUsernameQuery(
"select id,pwd,'true' as enabled from scm_users where id=?")
.authoritiesByUsernameQuery(
"select id, 'default' from scm_users where id=?");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')")
.and()
.formLogin().loginPage("/userLogin.htm").failureUrl("/userLogin.htm?error")
.usernameParameter("id").passwordParameter("pwd")
.and()
.logout().logoutSuccessUrl("/userLogin.htm?logout")
.and()
.exceptionHandling().accessDeniedPage("/403")
.and()
.csrf();
}
}
web.xml
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/WEB-INF/pages/PageNotFound.jsp</location>
</error-page>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-servlet.xml
</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
在我的 spring-servlet 中,它位于 web-inf 文件夹中。我没有任何应用程序上下文,因此指向 spring-servlet.xml。这是正确的吗?
Spring-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"........
<mvc:annotation-driven />
<context:annotation-config />
<context:component-scan base-package="org.ibm.idea.scm.*" />
<bean class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="mediaTypes">
<map>
<entry key="html" value="text/html"/>
<entry key="json" value="application/json"/>
</map>
</property>
<property name="viewResolvers">
<list>
<bean class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/pages/" />
<property name="suffix" value=".jsp" />
</bean>
</list>
</property>
<property name="defaultViews">
<list>
<bean class="org.springframework.web.servlet.view.json.MappingJacksonJsonView">
<property name="prefixJson" value="true"/>
</bean>
</list>
</property>
</bean>
<bean id="portalDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="SCMDB" />
</bean>
<bean id="portalCRMDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="CRMDB"/>
</bean>
<!--
<bean id="portalDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="jndi/SCMDB" />
</bean>
<bean id="portalCRMDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="jndi/CRMDB"/>
</bean> -->
<bean id="jdbcTemp" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="portalDataSource" />
</bean>
<bean id="jdbcTempCRM" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="portalCRMDataSource" />
</bean>
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver" />
</beans>
登录jsp表单
<form class="loginInput" class="col-md-4" action="<c:url value='/j_spring_security_check' />" method="post">
<div class="row">
<div class="col-lg-12">
<p>
<b>Sign In</b>
</p>
</div>
<div class="col-lg-12">
<input type="text" placeholder="User Name" name="id" class="form-control">
</div>
<div class="col-lg-12">
<input type="password" placeholder="Password" name="pwd" class="form-control">
</div>错误之处请指出
问候
阿迪卜
最佳答案
此问题与 Websphere Web Container 相关。请按照以下说明进行操作
此信息可在其他地方找到,但为了最大程度地减少查看此帖子的任何人的痛苦,可以按如下方式解决该问题:
WAS 必须为修订包 6.1.0.11 或更高版本。
必须在 Web 容器上设置自定义属性,以便 WAS 能够与决定提交响应的过滤器很好地配合,而不是将责任传递给链中的下一个过滤器。 com.ibm.ws.webcontainer.invokefilterscompatibility = true
有关该错误和修复的更多信息,请参见此处:
http://www-01.ibm.com/support/docview.wss?uid=swg24014758
使用此处提供的说明在 WebSphere 管理控制台中设置此属性:
http://www-01.ibm.com/support/docview.wss?rss=180&uid=swg21284395
Source .
关于java - Spring安全无法找到登录url,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33383288/