0
私は完全にプロジェクトを行っており、セキュリティを追加したいと思います。 DelegatingFilterProxyをweb.xmlに追加した後、それが機能しません。ここにあります:フィルタを追加した後、私のSpringプロジェクトが動作しないのはなぜですか?
私の春のセキュリティ関連の依存関係はすべて、バージョン4.1.0.RELEASEです。私はログにフィルタがロードされているのを見ることができますが、エラーは表示されないので、なぜWebページが読み込まれないのか分かりません。ここに私のsecurityContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="testuser" authorities="ROLE_SUPERADMIN" password="password"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/**" access="denyAll"/>
<security:intercept-url pattern="/test" access="permitAll"/>
<security:form-login />
</security:http>
これらは私のログですされています
2016-06-28 18:59:40 INFO ContextLoader:305 - Root WebApplicationContext: initialization started
2016-06-28 18:59:41 INFO XmlWebApplicationContext:578 - Refreshing Root WebApplicationContext: startup date [Tue Jun 28 18:59:41 CEST 2016]; root of context hierarchy
2016-06-28 18:59:41 INFO XmlBeanDefinitionReader:317 - Loading XML bean definitions from ServletContext resource [/WEB-INF/spring/applicationContext.xml]
2016-06-28 18:59:41 INFO XmlBeanDefinitionReader:317 - Loading XML bean definitions from ServletContext resource [/WEB-INF/spring/securityContext.xml]
2016-06-28 18:59:41 INFO SpringSecurityCoreVersion:74 - You are running with Spring Security Core 4.1.0.RELEASE
2016-06-28 18:59:41 INFO SecurityNamespaceHandler:78 - Spring Security 'config' module version is 4.1.0.RELEASE
2016-06-28 18:59:41 INFO FilterInvocationSecurityMetadataSourceParser:173 - Creating access control expression attribute 'denyAll' for /**
2016-06-28 18:59:41 INFO FilterInvocationSecurityMetadataSourceParser:173 - Creating access control expression attribute 'permitAll' for /test
2016-06-28 18:59:41 INFO AuthenticationConfigBuilder:539 - No login page configured. The default internal one will be used. Use the 'login-page' attribute to set the URL of the login page.
2016-06-28 18:59:41 INFO HttpSecurityBeanDefinitionParser:306 - Checking sorted filter chain: [Root bean: class [org.springframework.security.web.context.SecurityContextPersistenceFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 200, Root bean: class [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 400, Root bean: class [org.springframework.security.web.header.HeaderWriterFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 500, Root bean: class [org.springframework.security.web.csrf.CsrfFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 600, Root bean: class [org.springframework.security.web.authentication.logout.LogoutFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 700, <org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0>, order = 1100, Root bean: class [org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1300, Root bean: class [org.springframework.security.web.authentication.www.BasicAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1500, Root bean: class [org.springframework.security.web.savedrequest.RequestCacheAwareFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1600, Root bean: class [org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1700, Root bean: class [org.springframework.security.web.authentication.AnonymousAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 2000, Root bean: class [org.springframework.security.web.session.SessionManagementFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 2100, Root bean: class [org.springframework.security.web.access.ExceptionTranslationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 2200, <org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0>, order = 2300]
2016-06-28 18:59:42 INFO Version:66 - HCANN000001: Hibernate Commons Annotations {4.0.5.Final}
2016-06-28 18:59:42 INFO Version:54 - HHH000412: Hibernate Core {4.3.11.Final}
2016-06-28 18:59:42 INFO Environment:239 - HHH000206: hibernate.properties not found
2016-06-28 18:59:42 INFO Environment:346 - HHH000021: Bytecode provider name : javassist
2016-06-28 18:59:43 INFO Dialect:145 - HHH000400: Using dialect: org.hibernate.dialect.MySQLDialect
2016-06-28 18:59:43 INFO LobCreatorBuilder:97 - HHH000423: Disabling contextual LOB creation as JDBC driver reported JDBC version [3] less than 4
2016-06-28 18:59:43 INFO TransactionFactoryInitiator:62 - HHH000399: Using default transaction strategy (direct JDBC transactions)
2016-06-28 18:59:43 INFO ASTQueryTranslatorFactory:47 - HHH000397: Using ASTQueryTranslatorFactory
2016-06-28 18:59:43 INFO Version:30 - HV000001: Hibernate Validator 5.2.4.Final
2016-06-28 18:59:44 INFO DefaultSecurityFilterChain:43 - Creating filter chain: Ant [pattern='/'], []
2016-06-28 18:59:44 INFO DefaultSecurityFilterChain:43 - Creating filter chain: [email protected]1, [org.spring[email protected]4e8f2204, org.springframework.secu[email protected]184da4ba, [email protected]dcf, [email protected], org.[email protected]57e50b8a, org.springframework.s[email protected]22781db8, org.springframework.[email protected]3886489d, org.springfram[email protected]3493e43a, org.sp[email protected]4b550079, org.springframework.[email protected]29a24176, org.springfram[email protected]23ea267f, o[email protected]8f3b40c, org[email protected]6b462ba3, org.springfr[email protected]50d46e4c]
2016-06-28 18:59:44 INFO DefaultFilterChainValidator:154 - Checking whether login URL '/login' is accessible with your configuration
2016-06-28 18:59:44 INFO ContextLoader:345 - Root WebApplicationContext: initialization completed in 4021 ms
2016-06-28 18:59:44 INFO XmlWebApplicationContext:960 - Closing Root WebApplicationContext: startup date [Tue Jun 28 18:59:41 CEST 2016]; root of context hierarchy
cze 28, 2016 6:59:45 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 6515 ms
web.xmlにサーブレットの部分を追加しましたか? http://docs.spring.io/autorepo/docs/spring-framework/4.1.x/javadoc-api/org/springframework/web/WebApplicationInitializer.html – Hannes
正しく覚えていれば、フィルタの名前はspringSecurityFilterChainではなくセキュリティコンフィグレーションで作成されたフィルタBeanの名前と一致するようにSpringSecurityFilterChain(小文字の最初の文字) – kem
あなたが直面している問題は何ですか? –