1
我很困惑,我一直在努力解决问题。我刚将spring mvc web应用程序从3.0.5.RELEASE移动到3.1.0.RELEASE,并发现弹簧安全性的行为与我所配置的不同。阻止弹簧安全阻止访问我的资源文件夹
我尝试加载我的登录页面时出现错误。该错误是文档类型的错误... 
不过话说做了一些研究,我才明白,错误消息告诉我后,我想在我的登录页面加载CSS和JS资源不能被发现(或者是我的情况春天安全不允许访问它们)。
我已经尝试整天调整弹簧安全文件以允许访问css和js资源,但无法获得配置权限。真的很感谢一些帮助。
这里是我的项目结构...
Tomcat Webapps>
>ReportingManager
>WEB-INF
>pages
>spring-application-context.xml
>spring-security.xml
>spring-database.xml
>spring-resources.xml
>spring-managers.xml
>resources
>css
>images
>reports
这是我的web.xml ...
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-application-context.xml</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
这里是我的弹簧security.xml文件....
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:global-method-security secured-annotations="enabled" />
<http pattern="/**/*.css" security="none" />
<http pattern="/**/*.js" security="none" />
<http pattern="/**/*.png" security="none" />
<http pattern="/**/*.jpg" security="none" />
<http pattern="/**/*.gif" security="none" />
<security:http auto-config="true">
<!-- Login and log out -->
<security:form-login
login-page="/login"
default-target-url="/welcome"
authentication-failure-url="/loginfailed" />
<security:logout logout-success-url="/logout" />
<intercept-url pattern="/resources/**" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_LEVEL7" />
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_LEVEL7" />
<intercept-url pattern="/welcome" access="ROLE_LEVEL7" />
<intercept-url pattern="/priceOverride" access="ROLE_LEVEL7" />
</security:http>
<!-- Authentication -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="userDetailsDao">
<security:password-encoder hash="md5" />
</security:authentication-provider>
</security:authentication-manager>
</beans>
为了完整起见,这里是我的应用环境....
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<!-- import XML fragments to use in the application context -->
<import resource="spring-database.xml" />
<import resource="spring-resources.xml" />
<import resource="spring-managers.xml" />
<import resource="spring-security.xml" />
</beans>
也是我的MVC-调度-servlet.xml中......
<context:component-scan base-package="com.myer.reporting.controller" />
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix">
<value>/WEB-INF/pages/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
</bean>
<mvc:resources mapping="/resources/**" location="/resources/" />
<mvc:annotation-driven />
我对长期职位很抱歉,但要确保我不会留下任何有价值的信息了。我知道这肯定是弹簧安全性引起的问题,因为当我在3.0.5.RELEASE时,我可以在浏览器中打开CSS和JavaScript。但是当我尝试用3.1.0.RELEASE做同样的事时,我无法击中CSS或JS。但另一个令人困惑的事情是,我没有得到403错误。相反,它只是让我在当前页面(login.htm)。
感谢您的帮助。即使这会令人尴尬,但我希望这是我很容易解决的错误。
更新 - >我试过一些下面的答案失败。但我确实设法从日志中获得一些输出,并在下面附加了输出,以查看是否有人可以分辨可能会发生。基于你给我的帮助,我也稍微更新了我的原始配置。
2014-01-07 12:50:43,362 INFO [SpringSecurityCoreVersion] - You are running with Spring Security Core 3.1.4.RELEASE
2014-01-07 12:50:43,362 INFO [SecurityNamespaceHandler] - Spring Security 'config' module version is 3.1.4.RELEASE
2014-01-07 12:50:43,455 INFO [HttpSecurityBeanDefinitionParser] - Checking sorted filter chain: [Root bean: class [org.springframework.security.web.context.SecurityContextPersistenceFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 200, Root bean: class [org.springframework.security.web.authentication.logout.LogoutFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 400, <org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0>, order = 800, Root bean: class [org.springframework.security.web.authentication.www.BasicAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1200, Root bean: class [org.springframework.security.web.savedrequest.RequestCacheAwareFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1300, Root bean: class [org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1400, Root bean: class [org.springframework.security.web.authentication.AnonymousAuthenticationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1700, Root bean: class [org.springframework.security.web.session.SessionManagementFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1800, Root bean: class [org.springframework.security.web.access.ExceptionTranslationFilter]; scope=; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null, order = 1900, <org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0>, order = 2000]
2014-01-07 12:50:44,236 INFO [DefaultSecurityFilterChain] - Creating filter chain: Ant [pattern='/**/*.css'], []
2014-01-07 12:50:44,283 INFO [DefaultSecurityFilterChain] - Creating filter chain: Ant [pattern='/**/*.js'], []
2014-01-07 12:50:44,283 INFO [DefaultSecurityFilterChain] - Creating filter chain: Ant [pattern='/**/*.png'], []
2014-01-07 12:50:44,283 INFO [DefaultSecurityFilterChain] - Creating filter chain: Ant [pattern='/**/*.jpg'], []
2014-01-07 12:50:44,283 INFO [DefaultSecurityFilterChain] - Creating filter chain: Ant [pattern='/**/*.gif'], []
2014-01-07 12:50:44,704 DEBUG [FilterSecurityInterceptor] - Validated configuration attributes
2014-01-07 12:50:44,704 INFO [DefaultSecurityFilterChain] - Creating filter chain: [email protected], [org.spring[email protected]64dfeb, org.spring[email protected], org.springframework.s[email protected]13eb2bc, org.springfram[email protected]14865b1, org.sp[email protected]c5575, org.springframework.[email protected]1be8bf1, org.springfram[email protected]d591a6, o[email protected]14d6015, org[email protected]df39bc, org.springfr[email protected]147788d]
2014-01-07 12:50:44,720 INFO [DefaultFilterChainValidator] - Checking whether login URL '/login' is accessible with your configuration
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/**/*.css'
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/**/*.js'
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/**/*.png'
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/**/*.jpg'
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/**/*.gif'
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/resources/**'
2014-01-07 12:50:44,720 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login'; against '/login'
2014-01-07 12:50:44,720 DEBUG [AffirmativeBased] - Voter: [email protected], returned: -1
2014-01-07 12:50:44,720 DEBUG [AffirmativeBased] - Voter: [email protected]9d, returned: 1
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/**/*.css'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/**/*.js'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/**/*.png'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/**/*.jpg'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/**/*.gif'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-01-07 12:52:00,472 DEBUG [HttpSessionSecurityContextRepository] - No HttpSession currently exists
2014-01-07 12:52:00,472 DEBUG [HttpSessionSecurityContextRepository] - No SecurityContext was available from the HttpSession: null. A new one will be created.
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2014-01-07 12:52:00,472 DEBUG [AnonymousAuthenticationFilter] - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToke[email protected]: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter'
2014-01-07 12:52:00,472 DEBUG [SessionManagementFilter] - Requested session ID 5CB169513CF0935187728353885EB4EF is invalid.
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/resources/**'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/login'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/welcome'
2014-01-07 12:52:00,472 DEBUG [AntPathRequestMatcher] - Checking match of request : '/index.jsp'; against '/priceoverride'
2014-01-07 12:52:00,472 DEBUG [FilterSecurityInterceptor] - Public object - authentication not attempted
2014-01-07 12:52:00,472 DEBUG [FilterChainProxy] - /index.jsp reached end of additional filter chain; proceeding with original chain
2014-01-07 12:52:01,659 DEBUG [HttpSessionEventPublisher] - Publishing event: org.springframework.security.web.session.HttpSessionCreatedEvent[[email protected]]
2014-01-07 12:52:01,659 DEBUG [HttpSessionSecurityContextRepository] - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-01-07 12:52:01,659 DEBUG [ExceptionTranslationFilter] - Chain processed normally
2014-01-07 12:52:01,659 DEBUG [SecurityContextPersistenceFilter] - SecurityContextHolder now cleared, as request processing completed
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/**/*.css'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/**/*.js'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/**/*.png'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/**/*.jpg'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/**/*.gif'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-01-07 12:52:01,675 DEBUG [HttpSessionSecurityContextRepository] - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-01-07 12:52:01,675 DEBUG [HttpSessionSecurityContextRepository] - No SecurityContext was available from the HttpSession: [email protected] A new one will be created.
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2014-01-07 12:52:01,675 DEBUG [AnonymousAuthenticationFilter] - Populated SecurityContextHolder with anonymous token: 'org.sprin[email protected]9054b1a2: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]1c07a: RemoteIpAddress: 127.0.0.1; SessionId: 6797458107289A1298C0F15240BC0CB4; Granted Authorities: ROLE_ANONYMOUS'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/resources/**'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/login'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/welcome'
2014-01-07 12:52:01,675 DEBUG [AntPathRequestMatcher] - Checking match of request : '/login.html'; against '/priceoverride'
2014-01-07 12:52:01,675 DEBUG [FilterSecurityInterceptor] - Public object - authentication not attempted
2014-01-07 12:52:01,675 DEBUG [FilterChainProxy] - /login.html reached end of additional filter chain; proceeding with original chain
2014-01-07 12:52:02,846 DEBUG [HttpSessionSecurityContextRepository] - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-01-07 12:52:02,846 DEBUG [ExceptionTranslationFilter] - Chain processed normally
2014-01-07 12:52:02,846 DEBUG [SecurityContextPersistenceFilter] - SecurityContextHolder now cleared, as request processing completed
2014-01-07 12:52:02,862 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/css/header.css'; against '/**/*.css'
2014-01-07 12:52:02,862 DEBUG [FilterChainProxy] - /resources/css/header.css has an empty filter list
2014-01-07 12:52:02,877 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/grid.locale-en.js'; against '/**/*.css'
2014-01-07 12:52:02,877 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery-1.7.1.min.js'; against '/**/*.css'
2014-01-07 12:52:02,877 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/grid.locale-en.js'; against '/**/*.js'
2014-01-07 12:52:02,877 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery-1.7.1.min.js'; against '/**/*.js'
2014-01-07 12:52:02,877 DEBUG [FilterChainProxy] - /resources/js/grid.locale-en.js has an empty filter list
2014-01-07 12:52:02,877 DEBUG [FilterChainProxy] - /resources/js/jquery-1.7.1.min.js has an empty filter list
2014-01-07 12:52:02,877 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.metadata.js'; against '/**/*.css'
2014-01-07 12:52:02,877 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.metadata.js'; against '/**/*.js'
2014-01-07 12:52:02,877 DEBUG [FilterChainProxy] - /resources/js/jquery.metadata.js has an empty filter list
2014-01-07 12:52:02,893 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.jqgrid.min.js'; against '/**/*.css'
2014-01-07 12:52:02,893 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.jqgrid.min.js'; against '/**/*.js'
2014-01-07 12:52:02,893 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.validate.min.js'; against '/**/*.css'
2014-01-07 12:52:02,893 DEBUG [FilterChainProxy] - /resources/js/jquery.jqGrid.min.js has an empty filter list
2014-01-07 12:52:02,893 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.validate.min.js'; against '/**/*.js'
2014-01-07 12:52:02,893 DEBUG [FilterChainProxy] - /resources/js/jquery.validate.min.js has an empty filter list
2014-01-07 12:52:02,909 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/messages.js'; against '/**/*.css'
2014-01-07 12:52:02,909 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/messages.js'; against '/**/*.js'
2014-01-07 12:52:02,909 DEBUG [FilterChainProxy] - /resources/js/messages.js has an empty filter list
2014-01-07 12:52:02,909 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.hotkeys-0.8.js'; against '/**/*.css'
2014-01-07 12:52:02,909 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/jquery.hotkeys-0.8.js'; against '/**/*.js'
2014-01-07 12:52:02,909 DEBUG [FilterChainProxy] - /resources/js/jquery.hotkeys-0.8.js has an empty filter list
2014-01-07 12:52:02,909 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/shortcut-keys.js'; against '/**/*.css'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/constants.js'; against '/**/*.css'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/validation.js'; against '/**/*.css'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/common.js'; against '/**/*.css'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/shortcut-keys.js'; against '/**/*.js'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/constants.js'; against '/**/*.js'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/validation.js'; against '/**/*.js'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/common.js'; against '/**/*.js'
2014-01-07 12:52:02,924 DEBUG [FilterChainProxy] - /resources/js/shortcut-Keys.js has an empty filter list
2014-01-07 12:52:02,924 DEBUG [FilterChainProxy] - /resources/js/validation.js has an empty filter list
2014-01-07 12:52:02,924 DEBUG [FilterChainProxy] - /resources/js/common.js has an empty filter list
2014-01-07 12:52:02,924 DEBUG [FilterChainProxy] - /resources/js/constants.js has an empty filter list
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/pages/login.js'; against '/**/*.css'
2014-01-07 12:52:02,924 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/js/pages/login.js'; against '/**/*.js'
2014-01-07 12:52:02,924 DEBUG [FilterChainProxy] - /resources/js/pages/login.js has an empty filter list
2014-01-07 12:52:02,940 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/css/yaml/yaml/core/js/yaml-focusfix.js'; against '/**/*.css'
2014-01-07 12:52:02,940 DEBUG [AntPathRequestMatcher] - Checking match of request : '/resources/css/yaml/yaml/core/js/yaml-focusfix.js'; against '/**/*.js'
2014-01-07 12:52:02,940 DEBUG [FilterChainProxy] - /resources/css/yaml/yaml/core/js/yaml-focusfix.js has an empty filter list
谢谢。给了这个尝试,但它没有奏效。 – Richie
您是否确实验证过文件无法访问?没有任何证据表明事实如此。日志文件显示上述配置*为*工作 - 资源有一个空的过滤器链。尝试在浏览器中输入资源文件的URL并查看文件是否加载。描述会发生什么。 –