스프링 보안 필터를 추가 한 후이 작업이 중지되었습니다.스프링 MVC - 어노테이션 기반 컨트롤러가 요청 핸들러 메소드를 찾지 못했습니다.
봄 3.1.4.RELEASE
봄 보안 3.1.2.RELEASE
톰캣 7.0.37 예상대로 앱을
INFO annotation.RequestMappingHandlerMapping: Mapped "{[/countries],methods=[GET],params=[!countryCode],headers=[],consumes=[],produces=[application/json],custom=[]}" onto public com.purpleleaf.proxy.rest.data.ProxyResponse com.purpleleaf.proxy.rest.service.reference.DefaultCountry.findAll()
GET 요청을 배포 할 때 매핑이 구성되어
제출됩니다.
GET http://localhost:8081/purpleleaf-admin-1.0.0/countries?page=1&start=0&limit=25
요청 매개 변수는 ExtJS에 의해 추가되며 보안없이 작동했기 때문에 문제가되지 않습니다.
요청 web.filterChainProxy 처리 된 GET 요청
DEBUG util.AntPathRequestMatcher: Checking match of request : '/countries'; against '/*' DEBUG web.FilterChainProxy: /countries?page=1&start=0&limit=25 has an empty filter list DEBUG servlet.DispatcherServlet: DispatcherServlet with name 'admin-spring' processing GET request for [//purpleleaf-admin-1.0.0/countries] DEBUG annotation.RequestMappingHandlerMapping: Looking up handler method for path //purpleleaf-admin-1.0.0/countries DEBUG annotation.RequestMappingHandlerMapping: Did not find handler method for [//purpleleaf-admin-1.0.0/countries] DEBUG handler.SimpleUrlHandlerMapping: Matching patterns for request [//purpleleaf-admin-1.0.0/countries] are [/**] DEBUG handler.SimpleUrlHandlerMapping: URI Template variables for request [//purpleleaf-admin-1.0.0/countries] are {} DEBUG handler.SimpleUrlHandlerMapping: Mapping [//purpleleaf-admin-1.0.0/countries] to HandlerExecutionChain with handler [org.spring[email protected]3f8050cf] and 1 interceptor DEBUG servlet.DispatcherServlet: Last-Modified value for [//purpleleaf-admin-1.0.0/countries] is: -1 DEBUG servlet.DispatcherServlet: Null ModelAndView returned to DispatcherServlet with name 'admin-spring': assuming HandlerAdapter completed request handling DEBUG servlet.DispatcherServlet: Successfully completed request
의 로그가 /국가이지만이 프로세스 annotation.RequestMappingHandlerMapping입니다 때 // purpleleaf-관리 - 인 1.0.0/countires
purpleleaf-admin-1.0.0은 war 파일이 압축 해제 된 폴더입니다.
web.xml에 서블릿과 필터 매핑
<servlet-mapping>
<servlet-name>admin-spring</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
나는이 매핑을 해결할 수있는 방법에 대한 제안을 다음있다?
편집 1 : 봄 보안 구성이
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<beans:import resource="classpath*:applicationContext-CrowdClient.xml" />
<beans:bean id="crowdUserDetailsService" class="com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsServiceImpl">
<beans:property name="authenticationManager" ref="crowdAuthenticationManager"/>
<beans:property name="groupMembershipManager" ref="crowdGroupMembershipManager"/>
<beans:property name="userManager" ref="crowdUserManager"/>
<beans:property name="authorityPrefix" value="ROLE_"/>
</beans:bean>
<beans:bean id="crowdAuthenticationProvider" class="com.atlassian.crowd.integration.springsecurity.RemoteCrowdAuthenticationProvider">
<beans:constructor-arg ref="crowdAuthenticationManager"/>
<beans:constructor-arg ref="httpAuthenticator"/>
<beans:constructor-arg ref="crowdUserDetailsService"/>
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref='crowdAuthenticationProvider' />
</authentication-manager>
<beans:bean id="crowdAuthenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<beans:constructor-arg value="/login.jsp" />
</beans:bean>
<beans:bean id="crowdAuthenticationProcessingFilter" class="com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter">
<beans:property name="httpAuthenticator" ref="httpAuthenticator"/>
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="filterProcessesUrl" value="/j_security_check"/>
<beans:property name="authenticationFailureHandler">
<beans:bean class="com.atlassian.crowd.integration.springsecurity.UsernameStoringAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login.jsp?error=true"/>
</beans:bean>
</beans:property>
<beans:property name="authenticationSuccessHandler">
<beans:bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/"/>
</beans:bean>
</beans:property>
</beans:bean>
<beans:bean id="crowdLogoutHandler" class="com.atlassian.crowd.integration.springsecurity.CrowdLogoutHandler">
<beans:property name="httpAuthenticator" ref="httpAuthenticator"/>
</beans:bean>
<beans:bean id="securityContextLogoutHandler" class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
<beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
<beans:constructor-arg index="0" value="/index.html"/>
<beans:constructor-arg index="1">
<beans:list>
<beans:ref bean="crowdLogoutHandler"/>
<beans:ref bean="securityContextLogoutHandler"/>
</beans:list>
</beans:constructor-arg>
<beans:property name="filterProcessesUrl" value="/logout.html"/>
</beans:bean>
<http pattern='/*' security='none'/>
<!--http pattern='/scripts/*' security='none'/-->
<http auto-config="false" entry-point-ref="crowdAuthenticationProcessingFilterEntryPoint">
<custom-filter position="FORM_LOGIN_FILTER" ref='crowdAuthenticationProcessingFilter'/>
<custom-filter position="LOGOUT_FILTER" ref='logoutFilter'/>
<!--intercept-url pattern="/admin/*" access="ROLE_application-administrators"/-->
<!--intercept-url pattern="/passwordHint.html" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/-->
<!--security:intercept-url pattern="/**/*.html*" access="IS_AUTHENTICATED_FULLY"/-->
</http>
</beans:beans>
봄 보안 구성 파일을 게시하십시오. – shazinltc
@shazinltc 이제 보안 설정을 질문에 추가했습니다. 보안 구성을 구성했지만 아직 경로를 제한하지 않았습니다. – Nabarun
완벽한 스프링 보안 설정 파일을 게시하십시오. 일부 컨텐츠가 누락 된 것 같습니다. – Kalher