通用匹配模式('/**')在过滤器链中的其他模式之前定义,导致它们被忽略
Jay*_*Jay 8 spring-security java-7 tomcat7
Spring Security基本示例给出了此异常.
错误:"通用匹配模式('/**')在过滤器链中的其他模式之前定义,导致它们被忽略.请检查命名空间或FilterChainProxy bean配置中的顺序"
我在同一个问题上查了很多帖子.但找不到任何解决方案.任何人都可以部署一个hello spring security吗?
我使用的是这些版本 - Spring 3.2.0.RELEASE/Spring security 3.2.0.RELEASE/Tomcat 7/Java 1.7.
这是我的代码:
web.xml中
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Spring security sample Web Application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-context.xml,
/WEB-INF/security-context.xml</param-value>
</context-param>
<!-- Spring security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>spring-dispatcher-servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-context.xml</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>spring-dispatcher-servlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
弹簧的context.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<authentication-manager>
<authentication-provider>
<user-service>
<user name="jay" password="jay" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
<http auto-config="true">
<intercept-url pattern="/pages/hello.jsp" access="ROLE_USER" />
</http>
</beans:beans>
MyController.java
package com.jai.spring.security.controller;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@Controller
public class MyConroller {
@RequestMapping(value = "/security", method = RequestMethod.GET)
public String security(Model model) {
System.out.println("calling ... /security");
model.addAttribute("name", "Jay");
return "pages/hello";
}
@RequestMapping(value = "/profile", method = RequestMethod.GET)
public String profile(Model model) {
System.out.println("calling ... /profile");
return "user/profile";
}
}
的pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.jai.spring.security</groupId>
<artifactId>springsec</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>springsec Maven Webapp</name>
<url>http://maven.apache.org</url>
<properties>
<spring-version>3.2.0.RELEASE</spring-version>
<spring-security-version>3.2.0.RELEASE</spring-security-version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring-security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring-security-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring-security-version}</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.14</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<finalName>springsec</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.2</version>
<configuration>
<url>http://localhost:8080/manager/text</url>
<server>localhost</server>
<path>/${project.build.finalName}</path>
</configuration>
</plugin>
</plugins>
</build>
</project>
文件结构
Pav*_*ral 13
您错误地使用了XML上下文文件,这会导致重复的bean定义(包括安全配置).并<http>没有配置pattern属性映射到/**=>您的错误.
在这里,您可以为servlet定义根XML上下文文件:
<servlet>
<servlet-name>spring-dispatcher-servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-context.xml</param-value>
</init-param>
</servlet>
改为创建一个新的上下文配置(如果使用默认名称{your-servlet-name}-servlet.xml= => ,则可以省略此声明spring-dispatcher-servlet-servlet.xml):
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/dispatcher-servlet.xml</param-value>
</init-param>
StackOverflow上已经多次讨论了root和servlet上下文之间的区别.基本上根上下文(spring-context.xml和security-context.xml你的情况),应持申请宽豆(服务,DAO中,包括安全配置)和调度上下文(dispatcher-servlet.xml在我的例子)应持调度servlet的具体豆状控制器,视图解析器等.
进一步阅读:
- 为什么DispatcherServlet会创建另一个应用程序上下文?
- Spring Framework中applicationContext.xml和spring-servlet.xml之间的区别
- 为什么使用Spring ApplicationContext层次结构?
| 归档时间: |
|
| 查看次数: |
12663 次 |
| 最近记录: |