从Tomcat 6迁移到Tomcat 7后,/spring_security_login Spring Security 3.2出现404错误 [英] 404 Error on /spring_security_login Spring Security 3.2 after migrating from Tomcat 6 to Tomcat 7
问题描述
现在,我正在努力使我的应用程序再次运行三天. 重点:我有一个使用Spring Security 3.2并在Tomcat 6上运行良好的应用程序.
It's been now three days that I'm battling to make my application work again. The pitch : I had an application using Spring Security 3.2 and running well on Tomcat 6.
我想在Tomcat 7上迁移所有应用程序,所以这就是我要尝试的原因.
I want to migrate all my apps on Tomcat 7, so that's why I'm trying that.
但是:每次我访问应用程序的根目录时,都会得到一个404错误页面,并在URL中写入/spring_security_login. 对于编写的/spring_security_login来说,它似乎部分合法,因为Spring设置为自行创建登录表单.但是为什么会出现404错误? 在具有相同web.xml和applicationContext-security的Tomcat 6上,该站点运行良好.
BUT : every time I access to the root of my app, I get a 404 error page, with /spring_security_login written in the URL. For the /spring_security_login written, it seems partially legit, because Spring is set to create the login form on its own. But why the 404 error ? On Tomcat 6, with the same web.xml and applicationContext-security, the site is running well.
最后但并非最不重要的一点是,我的登录是通过Spring Security ldap提供程序进行的,因此它增加了一层复杂性...
Last but not least, my login is made through the Spring Security ldap provider, so it adds one more level of complexity...
这是我的web.xml:
Here is my web.xml :
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>MYAPP</display-name>
<!-- où se trouve la conf spring: -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext-security.xml</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- Reads request input using UTF-8 encoding -->
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- configuration spring -->
<servlet>
<servlet-name>myapp-webapp</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>myapp-webapp</servlet-name>
<url-pattern>*.do</url-pattern>
<url-pattern>/remoting/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.png</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>*.css</url-pattern>
<url-pattern>*.gif</url-pattern>
</servlet-mapping>
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/myapp_database</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
</web-app>
还有我的applicationContext-security.xml
And my applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:s="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<s:global-method-security secured-annotations="disabled">
</s:global-method-security>
<s:http pattern="/styles/**" security="none"/>
<s:http pattern="/js/**" security="none"/>
<s:http pattern="/img/**" security="none"/>
<s:http pattern="/html/**" security="none"/>
<s:http pattern="/remoting/**" security="none"/>
<!-- config ldap activee use-expressions="true" -->
<s:http auto-config="true" create-session="always" access-decision-manager-ref="accessDecisionManager">
<s:intercept-url pattern="/cancelPreviousAction.do" access="P_MYAPP_RW" />
<s:intercept-url pattern="/**" access="P_MYAPP_RO" />
<s:session-management>
<s:concurrency-control max-sessions="1" />
</s:session-management>
<s:form-login />
<s:logout/>
</s:http>
<s:authentication-manager>
<s:authentication-provider ref="ldapProvider"></s:authentication-provider>
</s:authentication-manager>
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="..." />
<property name="userDn" value="..." />
<property name="password" value="..." />
</bean>
<bean id="ldapProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userSearch">
<bean id="userSearch"
class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0" value="..." />
<constructor-arg index="1" value="..." />
<constructor-arg index="2" ref="..." />
</bean>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
<constructor-arg ref="contextSource" />
<constructor-arg value="..." />
<property name="rolePrefix" value="" />
<property name="searchSubtree" value="true" />
<property name="convertToUpperCase" value="false" />
</bean>
</constructor-arg>
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false" />
<property name="decisionVoters">
<bean class="org.springframework.security.access.vote.RoleVoter">
<property name="rolePrefix" value=""/>
</bean>
</property>
</bean>
</beans>
有人知道吗?
虽然有一次我可能是我的Tomcat conf可能是原因,但是现在当我调用我的应用程序的根URL时,/spring_security_login将自身附加在URL中,因此我认为Spring Seuciryt内部的重定向有效好吧...
I though one time that it might be my Tomcat conf that would be the cause, but now when I call the root url of my app, the /spring_security_login appends itself in the url, so I think the redirection inside Spring Seuciryt works well...
注意:当我从web.xml文件中删除spring Security过滤器时,该应用程序运行良好(不用说登录/安全性部分除外).
NB : When I remove the spring Security filter from the web.xml file, the app works well (except the login/security part needless to say).
提前谢谢!
推荐答案
实际上,问题在于在Tomcat 6下,我已经覆盖了默认servlet的定义.
In fact the problem was that under Tomcat 6, I had overrided the definition of the default servlet.
搜索了很长时间之后,我尝试注释默认的servlet定义...并且一切正常.
After having searched long times and long times, I tried commenting the default servlet definition... and everything worked.
因此,在web.xml中,注释以下几行以使它们相同:
So in web.xml, comment the following lines to have the same :
<!--
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.png</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>*.css</url-pattern>
<url-pattern>*.gif</url-pattern>
</servlet-mapping> -->
它修复了所有问题.
这篇关于从Tomcat 6迁移到Tomcat 7后,/spring_security_login Spring Security 3.2出现404错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
