1. casa
  2. Domanda e risposta
  3. "j_spring_security_check" non trovato dopo aver configurato la sicurezza della molla direttamente senza http auto config

"j_spring_security_check" non trovato dopo aver configurato la sicurezza della molla direttamente senza http auto config

2011-10-05 3 views
6

Sto provando a convertire la configurazione di Spring Security dallo spazio dei nomi HTTP in configurazione diretta usando FilterChainProxy. Prima della conversione, tutto andava bene con il namespace HTTP. Ma dopo aver sostituito l'elemento con diversi elementi con FilterChainProxy, ho ricevuto l'errore "j_spring_security_check non trovato" durante l'accesso al sistema. Ho provato a modificare tutto o parte di "/ j_spring_security_check" con "/ app/j_spring_security_check", ma ancora non riesco ad accedere correttamente."j_spring_security_check" non trovato dopo aver configurato la sicurezza della molla direttamente senza http auto config

Il mio ambiente: AppFuse 2.1 con Spring MVC, iBatis, Primavera di sicurezza 3.0.7, URLRewrite Tuckey 3.2.0, 3.0.6 Primavera Windows 7 JDK 1.5.0_17 Maven 2.2.1 apache-tomcat- 6.0.32

security.xml (prima della conversione, tutto è OK.)

… 
<http auto-config="true" lowercase-comparisons="false"> 
    <intercept-url pattern="/images/**" filters="none"/> 
    <intercept-url pattern="/styles/**" filters="none"/> 
    <intercept-url pattern="/scripts/**" filters="none"/> 
    <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> 
    <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
    <form-login login-page="/login" authentication-failure-url="/login?error=true" 
       login-processing-url="/j_spring_security_check"/> 
    <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/> 
</http> 
<authentication-manager alias="authenticationManager"> 
    <authentication-provider user-service-ref="userDao"> 
     <password-encoder ref="passwordEncoder"/> 
    </authentication-provider> 
</authentication-manager> 
…

security.xml (dopo la sostituzione http namespace, "j_spring_security_ check" non trovato)

<beans:bean id="springSecurityFilterChain" 
      class="org.springframework.security.web.FilterChainProxy"> 
    <filter-chain-map path-type="ant"> 
     <filter-chain pattern="/images/**" filters="none"/> 
     <filter-chain pattern="/styles/**" filters="none"/> 
     <filter-chain pattern="/scripts/**" filters="none"/> 
     <filter-chain pattern="/app/**" filters=" 
      securityContextPersistenceFilter, 
      authenticationProcessingFilter, 
      exceptionTranslationFilter, 
     filterSecurityInterceptor"/> 
    </filter-chain-map> 
</beans:bean> 

<beans:bean id="securityContextPersistenceFilter" 
      class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> 
</beans:bean> 
<beans:bean id="authenticationProcessingFilter" 
      class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler"/> 
    <beans:property name="authenticationFailureHandler" ref="authenticationFailureHandler"/> 
    <beans:property name="filterProcessesUrl" value="/j_spring_security_check"/> 
</beans:bean> 
<beans:bean id="authenticationSuccessHandler" 
      class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"> 
    <beans:property name="defaultTargetUrl" value="/mainMenu"/> 
</beans:bean> 
<beans:bean id="authenticationFailureHandler" 
      class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> 
    <beans:property name="defaultFailureUrl" value="/login.jsp"/> 
</beans:bean> 
<beans:bean id="exceptionTranslationFilter" 
      class="org.springframework.security.web.access.ExceptionTranslationFilter"> 
    <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/> 
    <beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/> 
</beans:bean> 

<beans:bean id="authenticationEntryPoint" 
      class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> 
    <beans:property name="loginFormUrl" value="/login.jsp"/> 
</beans:bean> 

<beans:bean id="accessDeniedHandler" 
      class="org.springframework.security.web.access.AccessDeniedHandlerImpl"> 
    <beans:property name="errorPage" value="/403.jsp"/> 
</beans:bean> 


<beans:bean id="filterSecurityInterceptor" 
      class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="accessDecisionManager" ref="accessDecisionManager"/> 
    <beans:property name="securityMetadataSource"> 
     <filter-security-metadata-source> 
      <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> 
      <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
     </filter-security-metadata-source> 
    </beans:property> 
</beans:bean> 
<beans:bean id="myFilterInvocationSecurityMetadataSource" 
      class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource"> 
</beans:bean> 


<beans:bean id="accessDecisionManager" 
      class="org.springframework.security.access.vote.AffirmativeBased"> 
    <beans:property name="decisionVoters"> 
     <beans:list> 
      <beans:bean class="org.springframework.security.access.vote.RoleVoter"> 
       <beans:property name="rolePrefix" value="ROLE_"/> 
      </beans:bean> 
      <beans:bean 
        class="org.springframework.security.access.vote.AuthenticatedVoter"/> 
     </beans:list> 
    </beans:property> 
</beans:bean> 

<authentication-manager alias="authenticationManager"> 
    <authentication-provider user-service-ref="userDao"> 
     <password-encoder ref="passwordEncoder"/> 
    </authentication-provider> 
</authentication-manager>

Login.jsp

<form method="post" id="loginForm" action="<c:url value='/j_spring_security_check'/>" onsubmit="saveUsername(this);return validateForm(this)"> 
… 
     <li> 
      <label for="j_username" class="required desc"><fmt:message key="label.username"/> <span class="req">*</span></label> 
      <input type="text" class="text medium" name="j_username" id="j_username" tabindex="1" /> 
     </li> 
     <li> 
      <label for="j_password" class="required desc"><fmt:message key="label.password"/> <span class="req">*</span></label> 
      <input type="password" class="text medium" name="j_password" id="j_password" tabindex="2" /> 
     </li> 
… 
    </form>

Urlrewrite.xml

<urlrewrite default-match-type="wildcard"> 
… 
<!-- Add rules here for anything that shouldn't be served up by Spring MVC. --> 
<rule> 
    <from>/</from> 
    <to type="redirect" last="true">mainMenu</to> 
</rule> 
<rule> 
    <from>/app/**</from> 
    <to last="true" type="redirect">%{context-path}/$1</to> 
</rule> 
<rule> 
    <from>/j_spring_security_check**</from> 
    <to last="true">/j_spring_security_check$1</to> 
</rule> 
… 

<!-- Spring MVC --> 
<rule> 
    <from>/**</from> 
    <to>/app/$1</to> 
</rule> 
<outbound-rule> 
    <from>/app/**</from> 
    <to>/$1</to> 
</outbound-rule> 
… 
</urlrewrite>

fonte

2011-10-05 Ben Wu

+0

Il mio ambiente: AppFuse 2.1 con Spring MVC, iBatis, Primavera di sicurezza 3.0.7, URLRewrite Tuckey 3.2.0, 3.0.6 Primavera Windows 7 JDK 1.5.0_17 Maven 2.2.1 –

risposta

9

Infine ho fissato io stesso.

Durante il debug del metodo doFilter() di SecurityContextPersistenceFilter senza spazio dei nomi di sicurezza Spring, ho trovato che contextBeforeChainExecution e contextAfterChainExecution erano nulli. Ma quando si eseguiva il debug del programma con namespace, il valore di entrambi era qualcosa su Anonymous.

Ho aggiunto "/ j_spring_security_check" e "/ login" con accesso "IS_AUTHENTICATED_ANONYMOUSLY" in securityMetadataSource come mostrato di seguito e il problema è stato risolto.

<beans:property name="securityMetadataSource"> 
     <filter-security-metadata-source> 
      <intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
      <intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
      <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> 
      <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
     </filter-security-metadata-source> 
    </beans:property>

Questo blog mi ha aiutato molto: http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/

fonte

2011-10-06 16:05:29

Problemi correlati

 Problemi correlati