내 스프링 보안이 작동하지 않는 이유가 궁금합니다. 나는 그런 다음이 스프링 security.xml에게 스프링 보안을 활성화하는 방법은 무엇입니까?
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http auto-config='true'>
<intercept-url pattern="/**" access="ROLE_USER" />
<port-mappings>
<port-mapping http="8088" https="9443"/>
</port-mappings>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="admin" password="password2" authorities="ROLE_USER" />
<user name="jimi" password="jimispassword" authorities="ROLE_USER, ROLE_ADMIN" />
<user name="bob" password="bobspassword" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
있어 나는이 web.xml을
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/admin-servlet-common.xml
/WEB-INF/spring/admin-servlet-controller.xml
/WEB-INF/spring/admin-servlet-security.xml
/WEB-INF/spring/admin-servlet-service.xml
/WEB-INF/spring-security.xml
classpath:ses-service.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/log4j.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!-- Reads request input using UTF-8 encoding -->
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Enables clean URLs with JSP views e.g. /welcome instead of /app/welcome -->
<filter>
<filter-name>UrlRewriteFilter</filter-name>
<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>UrlRewriteFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Handles all requests into the application -->
<servlet>
<servlet-name>ses</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ses</servlet-name>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
</web-app>
있어하지만 둘 다 오류 메시지를 제공하거나 보안을 할 수 있습니다. 내 webapp는 변경되지 않고 계속 페이지를 탐색 할 수 있습니다. http://localhost:8088/admin/login
및 http://localhost:8088/admin/menu
. 이 프로젝트는 웹 앱의 관리 부분이며 관리자 웹에 보안을 설정합니다. 무엇을 할 수 있습니까? 사용하고자하는 내 자신의 로그인 페이지는 http://localhost:8088/admin/login
이고 admin 역할의 나머지/admin * 페이지를 보호하고 싶습니다.
봄 보안 및 UrlRewriteFilter에 대해 좀 더 토론을 찾을 수있는 응용 프로그램에서 중단 점을 넣고 스택을 확인, 심지어라고 봄 보안 필터입니다? –
I 봄 보안 파일이 이름인지 짐작 하네. d'admin-servlet-security.xml'? 왜냐하면 web.xml의'contextConfigLocation'리스트에 그것을 추가 할 필요가 없기 때문입니다. – Taylor