1. Inicio
  2. Pregunta y respuesta
  3. "j_spring_security_check" no encontrado después de configurar la seguridad del resorte directamente sin la configuración automática de HTTP

"j_spring_security_check" no encontrado después de configurar la seguridad del resorte directamente sin la configuración automática de HTTP

2011-10-05 9 views
6

Estoy tratando de convertir la configuración de Spring Security del espacio de nombres HTTP en configuración directa usando FilterChainProxy. Antes de la conversión, todo estaba bien con el espacio de nombres HTTP. Pero después de reemplazar el elemento por varios elementos con FilterChainProxy, recibí el error "j_spring_security_check not found" al iniciar sesión en el sistema. Traté de cambiar todo o parte de "/ j_spring_security_check" con "/ app/j_spring_security_check" pero todavía no pude iniciar sesión correctamente."j_spring_security_check" no encontrado después de configurar la seguridad del resorte directamente sin la configuración automática de HTTP

Mi entorno: AppFuse 2.1 con Spring MVC, iBatis, Spring Security 3.0.7, 3.2.0 urlrewrite Tuckey, Primavera 3.0.6 Windows 7 JDK 1.5.0_17 Maven 2.2.1 apache-tomcat 6.0.32

security.xml (antes de la conversión, todo está bien.)

… 
<http auto-config="true" lowercase-comparisons="false"> 
    <intercept-url pattern="/images/**" filters="none"/> 
    <intercept-url pattern="/styles/**" filters="none"/> 
    <intercept-url pattern="/scripts/**" filters="none"/> 
    <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> 
    <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
    <form-login login-page="/login" authentication-failure-url="/login?error=true" 
       login-processing-url="/j_spring_security_check"/> 
    <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/> 
</http> 
<authentication-manager alias="authenticationManager"> 
    <authentication-provider user-service-ref="userDao"> 
     <password-encoder ref="passwordEncoder"/> 
    </authentication-provider> 
</authentication-manager> 
…

security.xml (después de reemplazar espacio de nombres http ", j_spring_security_ check" no encontrado)

<beans:bean id="springSecurityFilterChain" 
      class="org.springframework.security.web.FilterChainProxy"> 
    <filter-chain-map path-type="ant"> 
     <filter-chain pattern="/images/**" filters="none"/> 
     <filter-chain pattern="/styles/**" filters="none"/> 
     <filter-chain pattern="/scripts/**" filters="none"/> 
     <filter-chain pattern="/app/**" filters=" 
      securityContextPersistenceFilter, 
      authenticationProcessingFilter, 
      exceptionTranslationFilter, 
     filterSecurityInterceptor"/> 
    </filter-chain-map> 
</beans:bean> 

<beans:bean id="securityContextPersistenceFilter" 
      class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> 
</beans:bean> 
<beans:bean id="authenticationProcessingFilter" 
      class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler"/> 
    <beans:property name="authenticationFailureHandler" ref="authenticationFailureHandler"/> 
    <beans:property name="filterProcessesUrl" value="/j_spring_security_check"/> 
</beans:bean> 
<beans:bean id="authenticationSuccessHandler" 
      class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"> 
    <beans:property name="defaultTargetUrl" value="/mainMenu"/> 
</beans:bean> 
<beans:bean id="authenticationFailureHandler" 
      class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> 
    <beans:property name="defaultFailureUrl" value="/login.jsp"/> 
</beans:bean> 
<beans:bean id="exceptionTranslationFilter" 
      class="org.springframework.security.web.access.ExceptionTranslationFilter"> 
    <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/> 
    <beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/> 
</beans:bean> 

<beans:bean id="authenticationEntryPoint" 
      class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> 
    <beans:property name="loginFormUrl" value="/login.jsp"/> 
</beans:bean> 

<beans:bean id="accessDeniedHandler" 
      class="org.springframework.security.web.access.AccessDeniedHandlerImpl"> 
    <beans:property name="errorPage" value="/403.jsp"/> 
</beans:bean> 


<beans:bean id="filterSecurityInterceptor" 
      class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="accessDecisionManager" ref="accessDecisionManager"/> 
    <beans:property name="securityMetadataSource"> 
     <filter-security-metadata-source> 
      <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> 
      <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
     </filter-security-metadata-source> 
    </beans:property> 
</beans:bean> 
<beans:bean id="myFilterInvocationSecurityMetadataSource" 
      class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource"> 
</beans:bean> 


<beans:bean id="accessDecisionManager" 
      class="org.springframework.security.access.vote.AffirmativeBased"> 
    <beans:property name="decisionVoters"> 
     <beans:list> 
      <beans:bean class="org.springframework.security.access.vote.RoleVoter"> 
       <beans:property name="rolePrefix" value="ROLE_"/> 
      </beans:bean> 
      <beans:bean 
        class="org.springframework.security.access.vote.AuthenticatedVoter"/> 
     </beans:list> 
    </beans:property> 
</beans:bean> 

<authentication-manager alias="authenticationManager"> 
    <authentication-provider user-service-ref="userDao"> 
     <password-encoder ref="passwordEncoder"/> 
    </authentication-provider> 
</authentication-manager>

Login.jsp

<form method="post" id="loginForm" action="<c:url value='/j_spring_security_check'/>" onsubmit="saveUsername(this);return validateForm(this)"> 
… 
     <li> 
      <label for="j_username" class="required desc"><fmt:message key="label.username"/> <span class="req">*</span></label> 
      <input type="text" class="text medium" name="j_username" id="j_username" tabindex="1" /> 
     </li> 
     <li> 
      <label for="j_password" class="required desc"><fmt:message key="label.password"/> <span class="req">*</span></label> 
      <input type="password" class="text medium" name="j_password" id="j_password" tabindex="2" /> 
     </li> 
… 
    </form>

Urlrewrite.xml

<urlrewrite default-match-type="wildcard"> 
… 
<!-- Add rules here for anything that shouldn't be served up by Spring MVC. --> 
<rule> 
    <from>/</from> 
    <to type="redirect" last="true">mainMenu</to> 
</rule> 
<rule> 
    <from>/app/**</from> 
    <to last="true" type="redirect">%{context-path}/$1</to> 
</rule> 
<rule> 
    <from>/j_spring_security_check**</from> 
    <to last="true">/j_spring_security_check$1</to> 
</rule> 
… 

<!-- Spring MVC --> 
<rule> 
    <from>/**</from> 
    <to>/app/$1</to> 
</rule> 
<outbound-rule> 
    <from>/app/**</from> 
    <to>/$1</to> 
</outbound-rule> 
… 
</urlrewrite>

Fuente

2011-10-05 Ben Wu

+0

Mi entorno: AppFuse 2.1 con Spring MVC, iBatis, Spring Security 3.0.7, 3.2.0 urlrewrite Tuckey, Primavera 3.0.6 Windows 7 JDK 1.5.0_17 Maven 2.2.1 –

Respuesta

9

Finalmente lo arreglé yo mismo.

Al depurar el método doFilter() de SecurityContextPersistenceFilter sin el espacio de nombres de seguridad Spring, encontré que contextBeforeChainExecution y contextAfterChainExecution eran nulos. Pero al depurar el programa con espacio de nombres, el valor de ambos era algo acerca de Anonymous.

Agregué "/ j_spring_security_check" y "/ login" con el acceso "IS_AUTHENTICATED_ANONYMOUSLY" en securityMetadataSource como se muestra a continuación y se solucionó el problema.

<beans:property name="securityMetadataSource"> 
     <filter-security-metadata-source> 
      <intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
      <intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
      <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN"/> 
      <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
      <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
     </filter-security-metadata-source> 
    </beans:property>

Este blog me ha ayudado mucho: http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/

Fuente

2011-10-06 16:05:29

Cuestiones relacionadas

 Cuestiones relacionadas