0
gefunden
Ich bin vor einem Problem im Frühjahr -Sicherheit wenn ich auf geklickt der legt er die unter URL umleiten und ich habe 404Mapping von/login im Frühjahr-Sicherheit nicht
HTTP Status 404 - for url
localhost:8080/TestingSecurity/login
ich denke, es ist etwas Ausgabe springsecurity Filter
Code für ConfigurationDefaultXml.java
bei der Registrierungpackage cms.config;
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = {"cms.controller"})
@Import(value = { SecurityConfiguration.class })
public class ConfigurationDefaultXml extends WebMvcConfigurerAdapter{
@Bean
public ViewResolver jspviewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/views/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
@Bean
public ViewResolver contentNegotiatingViewResolver(
ContentNegotiationManager manager) {
ContentNegotiatingViewResolver resolver = new ContentNegotiatingViewResolver();
resolver.setContentNegotiationManager(manager);
// Define all possible view resolvers
List<ViewResolver> resolvers = new ArrayList<ViewResolver>();
resolvers.add(jspviewResolver());
resolver.setViewResolvers(resolvers);
return resolver;
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/design/");
}
}
Code of SecurityConfiguration.java
package cms.config;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("user1").password("abc123").roles("USER");
auth.inMemoryAuthentication().withUser("admin").password("root123").roles("ADMIN");
auth.inMemoryAuthentication().withUser("dba1").password("root123").roles("ADMIN","DBA");//dba have two roles.
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.antMatchers("/admin/**").access("hasRole('ADMIN')")
.antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")
.and().formLogin().loginPage("/logincustom")
.usernameParameter("ssoId").passwordParameter("password")
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
}
SecurityWebApplicationInitializer.java
Paket cms.config;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer{
}
Code von SpringMvcInitializer.java
package cms.config;
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
public class SpringMvcInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { ConfigurationDefaultXml.class};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return null;
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
Codierung der Form Schaltfläche befindet sich unter
<form action="${loginUrl}" method="post" class="form-horizontal">
<c:if test="${param.error != null}">
<div class="alert alert-danger">
<p>Invalid username and password.</p>
</div>
</c:if>
<c:if test="${param.logout != null}">
<div class="alert alert-success">
<p>You have been logged out successfully.</p>
</div>
</c:if>
<div class="input-group input-sm">
<label class="input-group-addon" for="username"><i class="fa fa-user"></i></label>
<input type="text" class="form-control" id="username" name="ssoId" placeholder="Enter Username" required>
</div>
<div class="input-group input-sm">
<label class="input-group-addon" for="password"><i class="fa fa-lock"></i></label>
<input type="password" class="form-control" id="password" name="password" placeholder="Enter Password" required>
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<div class="form-actions">
<input type="submit"
class="btn btn-block btn-primary btn-default" value="Log in">
</div>
</form>
Überprüfen Sie Ihre Methode ist Post in Ihrem Formular – Nimesh
@naman: Ja, es ist Post i enthalten haben den Code der Form-Button in der Frage, die Sie sehen können . –
Sie stellen nicht die 'org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer.loginProcessingUrl (String)', ich bin nicht sicher, ob das, was Sie haben (die Aktion auf dem Formular) ist der Standard. Versuchen Sie dies explizit festzulegen. – Taylor