Spring Security应用程序中Sitemesh未修饰的自定义错误页面 [英] Custom Error Page Not Decorated by Sitemesh in Spring Security Application
问题描述
在带有Spring Security(3.2.0.RC2)和Sitemesh(2.4.2)的Spring MVC(3.2.4)应用程序中,web.xml文件具有以下条目:
In a Spring MVC (3.2.4) application with Spring Security (3.2.0.RC2) with Sitemesh (2.4.2), the web.xml file has this entry:
<error-page>
<error-code>403</error-code>
<location>/error?code=403</location>
</error-page>
映射到ErrorController:
which maps to ErrorController:
@RequestMapping("error")
public String displayErrorPage(
@RequestParam(value = "code", defaultValue = "0") int code,
Model model, final HttpServletRequest request, Principal principal) {
// ...
return "errorPage";
}
通过InternalResourceViewResolver显示errorPage.jsp(没有其他视图解析器应用程序)。
which displays errorPage.jsp via an InternalResourceViewResolver (there are no other view resolvers in the app).
安全性正常,当未经授权的用户尝试访问受保护的页面时,会显示errorPage.jsp,但页面未装饰。应用程序中的每个其他页面都没有任何问题进行修饰,并且errorPage.jsp与其他没有任何问题的JSP存在于同一目录中。此应用程序使用Servlet 3.0规范。
The security works fine and errorPage.jsp is displayed when an unauthorized user tries to access a secured page, but the the page is not decorated. Every other page in the application is decorated without any issues and errorPage.jsp lives in the same directory as other JSPs that are decorated without any problems. This application is using the Servlet 3.0 spec.
推荐答案
这似乎是一个Sitemesh错误(参见: http://forum.spring.io/forum/spring-projects/security/37742-sitemesh-decoration-problem )可以通过重定向解决。出于各种原因,我不想在JSP页面中进行重定向,所以我更改了我的控制器:
This seems to be a Sitemesh bug (see: http://forum.spring.io/forum/spring-projects/security/37742-sitemesh-decoration-problem) that can be solved via a redirect. For various reasons I did not want to do the redirect from within the JSP page, so I changed my controller:
@RequestMapping("error")
public String displayErrorPage(
@RequestParam(value = "code", defaultValue = "0") int code,
RedirectAttributes redirectAttributes, final HttpServletRequest request,
Principal principal) {
// ...
redirectAttributes.addFlashAttribute("myAttribute", myAttribute);
return "redirect:/displayError";
}
@RequestMapping("displayError")
public String displayError() {
return "errorPage";
}
这篇关于Spring Security应用程序中Sitemesh未修饰的自定义错误页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!