0
我有一个问题,就像标题,并且http状态是“302 Moved Temporarily”。我的安全app.xml中是:cas没有重定向到登录页面
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
xmlns:jee="http://www.springframework.org/schema/jee" xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<!-- Load parameters from context.xml -->
<bean id="propertyConfigurer" class="org.springframework.web.context.support.ServletContextPropertyPlaceholderConfigurer"/>
<sec:http entry-point-ref="casEntryPoint" auto-config="true">
<sec:intercept-url pattern="/**" access="ROLE_USER" />
<sec:logout invalidate-session="true" logout-url="/logout" logout-success-url="/loggedOut.html"/>
<sec:custom-filter position="CAS_FILTER" ref="casFilter" />
</sec:http>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="casAuthenticationProvider" />
</sec:authentication-manager>
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="http://localhost:8080/test/j_spring_cas_security_check" />
<property name="sendRenew" value="false" />
</bean>
<bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="https://localhost:7443/cas/login" />
<property name="serviceProperties" ref="serviceProperties" />
</bean>
<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="authenticationUserDetailsService" ref="myUserService" />
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<constructor-arg index="0" value="https://localhost:7443/cas" />
</bean>
</property>
<property name="key" value="an_id_for_this_auth_provider_only" />
</bean>
<bean id="myUserService" class="com.security.myUserDetailService">
<property name="dataSource" ref="myDatasource"/>
</bean>
<jee:jndi-lookup id="optaDatasource" jndi-name="jdbc/mydb"/>
</beans>
和在web.xml(CAS听者&一些过滤器):
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
...
<servlet>
<servlet-name>mytest</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<!-- Listener für Spring -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Listener for CAS -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
...
<!-- CAS Single Sign Out -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<!-- Spring security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- UTF-8 Encoding Filter -->
<filter>
<filter-name>CEF</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CEF</filter-name>
<servlet-name>mytest</servlet-name>
</filter-mapping>
...
</web-app>
的server.xml Tomcat中(限定连接器https://cas):
...
<Connector port="7443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keyAlias="caslocalhost" keystoreFile="C:\Program Files\Java\jdk1.6.0_25\bin\caskslocalhost.jks" keystorePass="changeit"/>
我错过了什么吗? 我真的很感激任何提示
PS: 信息响应头:
Content-Length 0
Date Tue, 20 Mar 2012 14:12:23 GMT
Location https://localhost:7443/cas/login?service=http%3A%2F%2Flocalhost%3A8080%2Ftest%2Fj_spring_cas_security_check
Server Apache-Coyote/1.1
Set-Cookie JSESSIONID=A69FD95FB79B21810B2988A02CCFD78C; Path=/test
你的问题并没有真正解释什么问题。 302是你期望的重定向(什么是位置标题?)。我认为你需要给出更多的背景和解释你的观察。另外,请查看Spring Security的调试日志,因为它应该详细解释如何处理请求。如果您使用CAS,我也会从您的设置中删除'auto-config'。 – 2012-03-20 12:55:43
我已添加响应标题的信息。如果我给http:// localhost:8080/test/...,它应该被重定向到https:// localhost:7443/cas/login。但没有发生,虽然它已经在“位置”。 – aaron 2012-03-20 14:22:22
它与Ajax请求有关吗? – aaron 2012-03-20 14:30:47