春季安全自定义登录页面返回404 [英] spring security custom login page return 404
问题描述
我遵循此设置我的自定义登录页面,弹簧安全。问题出在访问 /
时,它会重定向到 / account / login
,并且这 / account / login
将返回404 错误:NOT_FOUND
。如何解决这个问题。
spring-security.xml
file
< beans:beans xmlns =http://www.springframework.org/schema/security
xmlns:beans =http:// www .springframework.org / schema / beans
xmlns:xsi =http://www.w3.org/2001/XMLSchema-instance
xsi:schemaLocation =http://www.springframework .org / schema / beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd\">
< http auto-config =true>
< intercept-url pattern =/access =ROLE_USER/>
login-page =/ account / login
default-target-url =/ welcome
authentication-failure-url =/ login ?错误
username-parameter =email
password-parameter =password/>
< logout logout-success-url =/ login?logout/>
<! - 启用csrf保护 - >
< csrf />
< / http>
< beans:bean name =customUserDetailsServiceclass =com.example.web.CustomUserDetailsService>
< / beans:bean>
< authentication-manager>
< authentication-provider user-service-ref =customUserDetailsService>
< / authentication-provider>
< / authentication-manager>
< / beans:beans>
spring-servlet.xml
p>
< beans xmlns =http://www.springframework.org/schema/beans
xmlns:context = http://www.springframework.org/schema/context
xmlns:mvc =http://www.springframework.org/schema/mvc
xmlns:xsi =http:/ /www.w3.org/2001/XMLSchema-instance
xsi:schemaLocation =
http://www.springframework.org/schema/beans
http://www.springframework .org / schema / beans / spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring -context-3.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd\"> ;
< context:component-scan base-package =com.example.web。*/>
< mvc:annotation-driven />
< bean class =org.springframework.web.servlet.view.InternalResourceViewResolver>
< property name =prefixvalue =/ WEB-INF / jsp //>
< property name =suffixvalue =。jsp/>
< / bean>
< / beans>
CustomUserDetailsService
文件
public class CustomUserDetailsService implements UserDetailsService {
$ b $ $ $ $ $ $ $ $ $ $ $ $ $ $'
@Override
public UserDetails loadUserByUsername(String email)
throws UsernameNotFoundException {
if(email == null || email.trim()。equals()){
throw new UsernameNotFoundException(Invalid email address。);
try(Connection conn = Config.getConn()){
String query =xxx;
PreparedStatement stm = conn.prepareStatement(query);
stm.setString(1,email);
ResultSet rs = stm.executeQuery();
if(!rs.next()){
throw new UsernameNotFoundException(
User does not exist。);
if(rs.getBoolean(delete)){
throw new UsernameNotFoundException(User has been deleted。);
}
收藏<?扩展GrantedAuthority> authority = AuthorityUtils
.createAuthorityList(USER);
字符串密码= rs.getString(pass);
UserDetails user = new User(email,password,true,true,true,
true,authorities);
返回用户;
} catch(ClassNotFoundException e){
e.printStackTrace();
} catch(SQLException e){
e.printStackTrace();
}
抛出新的UsernameNotFoundException(无法连接到数据库。);
code
$ b $ p $ c $ AccountController
@RequestMapping(value =/ login,method = RequestMethod.GET)
public String Index(Model model){
returnlogin;
HomeController
$ b $ pre $ $ $ c $ @ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $
@RequestMapping(value =/,method = RequestMethod.GET)
public String Index(Model model){
returnindex;
code
$ b $ web.xml code> file
<?xml version =1.0encoding =utf-8standalone =no >?;
< web-app xmlns =http://java.sun.com/xml/ns/javaeexmlns:web =http://java.sun.com/xml/ns/javaee/web -app_2_5.xsdxmlns:xsi =http://www.w3.org/2001/XMLSchema-instanceversion =2.5xsi:schemaLocation =http://java.sun.com/xml/ns/ javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd\">
< servlet>
< servlet-name> myweb< / servlet-name>
< servlet-class>
org.springframework.web.servlet.DispatcherServlet
< / servlet-class>
1< / load-on-startup>
< / servlet>
< servlet-mapping>
< servlet-name> myweb< / servlet-name>
< url-pattern> / *< / url-pattern>
< / servlet-mapping>
< context-param>
< param-name> contextConfigLocation< / param-name>
< param-value>
/WEB-INF/spring-servlet.xml
< / param-value>
< / context-param>
< listener>
< listener-class>
org.springframework.web.context.ContextLoaderListener
< / listener-class>
< / listener>
< context-param>
< param-name> contextConfigLocation< / param-name>
< param-value>
/WEB-INF/spring-security.xml
< / param-value>
< / context-param>
< filter>
< filter-name> springSecurityFilterChain< / filter-name>
< filter-class> org.springframework.web.filter.DelegatingFilterProxy< / filter-class>
< / filter>
< filter-mapping>
< filter-name> springSecurityFilterChain< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
< servlet>
< servlet-name> SystemServiceServlet< / servlet-name>
< servlet-class> com.google.api.server.spi.SystemServiceServlet< / servlet-class>
< init-param>
< param-name>服务< / param-name>
< param-value> com.example.app.xxx.yyyService< / param-value>
< / init-param>
< / servlet>
< servlet-mapping>
< servlet-name> SystemServiceServlet< / servlet-name>
< url-pattern> / _ ah / spi / *< / url-pattern>
< / servlet-mapping>
< filter>
< filter-name> ObjectifyFilter< / filter-name>
< filter-class> com.googlecode.objectify.ObjectifyFilter< / filter-class>
< / filter>
< filter-mapping>
< filter-name> ObjectifyFilter< / filter-name>
< url-pattern> / *< / url-pattern>
< / filter-mapping>
< welcome-file-list>
< welcome-file> index.jsp< / welcome-file>
< / welcome-file-list>
< / web-app>
来自Google应用程式引擎的记录
ip.ip.ip.ip - [05 / Mar / 2015:19:41:49 -0800]GET / account / login HTTP / 1.1404 204 - Mozilla / 5.0 Intel Mac OS X 10_10_2)
AppleWebKit / 537.36(KHTML,如Gecko)Chrome / 40.0.2214.115
Safari / 537.36xxx.appspot.comms = 830 cpu_ms = 606
cpm_usd = 0.000023 instance = 00c61bxxxxxxxxxxxxxxxxxx624e0fc
app_engine_release = 1.9.18 trace_id = 60de930xxxxxxxxxxxxxxxxxbb7ab5
编辑 p>
问题出在servlet.xml中,更改< context:component-scan base-package =com.example.web。*/> gt ; to
< context:component-scan base-package =com.example.web/>
首先,请确保您可以直接访问登录页面。
在你的web.xml中,看看你用于分派器的URL模式。这里是我的:
< servlet-mapping>
< servlet-name>调度程序< / servlet-name>
< url-pattern> *。htm< / url-pattern>
< / servlet-mapping>
然后,确保您可以直接请求/login.htm。
登录后,更改您的spring-security.xml以将.htm添加到您的URL中。因此,您的片段可能如下所示:
< form-login
login-page =/ login.htm
default-target-url =/ welcome.htm
authentication-failure-url =/ login.htm?error
username-parameter =email
password-parameter =password/>
< logout logout-success-url =/ login.htm?logout/>
I followed this to set up my custom login page with spring security.The problem is when access /
, it will redirect to /account/login
, and this /account/login
will return 404 Error: NOT_FOUND
. How to fix this issue.
spring-security.xml
file
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true">
<intercept-url pattern="/" access="ROLE_USER" />
<form-login
login-page="/account/login"
default-target-url="/welcome"
authentication-failure-url="/login?error"
username-parameter="email"
password-parameter="password" />
<logout logout-success-url="/login?logout" />
<!-- enable csrf protection -->
<csrf/>
</http>
<beans:bean name="customUserDetailsService" class="com.example.web.CustomUserDetailsService">
</beans:bean>
<authentication-manager>
<authentication-provider user-service-ref="customUserDetailsService">
</authentication-provider>
</authentication-manager>
</beans:beans>
spring-servlet.xml
file
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
<context:component-scan base-package="com.example.web.*" />
<mvc:annotation-driven />
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/" />
<property name="suffix" value=".jsp" />
</bean>
</beans>
CustomUserDetailsService
file
public class CustomUserDetailsService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String email)
throws UsernameNotFoundException {
if (email == null || email.trim().equals("")) {
throw new UsernameNotFoundException("Invalid email address.");
}
try (Connection conn = Config.getConn()) {
String query = "xxx";
PreparedStatement stm = conn.prepareStatement(query);
stm.setString(1, email);
ResultSet rs = stm.executeQuery();
if (!rs.next()) {
throw new UsernameNotFoundException(
"User does not exist.");
}
if (rs.getBoolean("delete")) {
throw new UsernameNotFoundException("User has been deleted.");
}
Collection<? extends GrantedAuthority> authorities = AuthorityUtils
.createAuthorityList("USER");
String password = rs.getString("pass");
UserDetails user = new User(email, password, true, true, true,
true, authorities);
return user;
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}
throw new UsernameNotFoundException("Unable to connect to database.");
}
}
AccountController
file
@Controller
@RequestMapping("/account")
public class AccountController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String Index(Model model) {
return "login";
}
}
HomeController
file
@Controller
@RequestMapping("/")
public class HomeController {
@RequestMapping(value = "/", method = RequestMethod.GET)
public String Index(Model model) {
return "index";
}
}
web.xml
file
<?xml version="1.0" encoding="utf-8" standalone="no"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<servlet>
<servlet-name>myweb</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>myweb</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-servlet.xml
</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>SystemServiceServlet</servlet-name>
<servlet-class>com.google.api.server.spi.SystemServiceServlet</servlet-class>
<init-param>
<param-name>services</param-name>
<param-value>com.example.app.xxx.yyyService</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>SystemServiceServlet</servlet-name>
<url-pattern>/_ah/spi/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>ObjectifyFilter</filter-name>
<filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ObjectifyFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
log from google app engine
ip.ip.ip.ip - - [05/Mar/2015:19:41:49 -0800] "GET /account/login HTTP/1.1" 404 204 - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36" "xxx.appspot.com" ms=830 cpu_ms=606 cpm_usd=0.000023 instance=00c61bxxxxxxxxxxxxxxxxxx624e0fc app_engine_release=1.9.18 trace_id=60de930xxxxxxxxxxxxxxxxxbb7ab5
EDIT
The problem is inside servlet.xml, change <context:component-scan base-package="com.example.web.*" />
to <context:component-scan base-package="com.example.web" />
and it will work.
First, make sure you can access the login page directly.
In your web.xml see what url pattern you're using for the dispatcher. Here's mine:
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
Then, ensure that you can request /login.htm directly.
Once you get login working, change your spring-security.xml to append ".htm" onto your URLs. So your fragment might look like this:
<form-login
login-page="/login.htm"
default-target-url="/welcome.htm"
authentication-failure-url="/login.htm?error"
username-parameter="email"
password-parameter="password" />
<logout logout-success-url="/login.htm?logout" />
这篇关于春季安全自定义登录页面返回404的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!