1. 首页
  2. 问答
  3. 春季安全不拦截URL在配置了IIS的Tomcat中ISAPI

春季安全不拦截URL在配置了IIS的Tomcat中ISAPI

2016-07-06 48 views
0

我是Spring安全新手,尝试将其与现有应用程序集成。这个遗留应用程序部署在IIS后面的tomcat 7服务器中。 ISAPI过滤器用于向这个tomcat实例发送请求。由于我早期尝试将Spring安全性集成到这个遗留应用程序并不成功,我将一个运行的Spring安全应用程序(测试过的)样本复制到了tomcat实例,并完全删除了遗留应用程序。令我惊讶的是它仍然无法拦截安全的网址。 (但是当我使用maven tomcat插件运行时,这个示例应用程序运行正常。),所以我想知道为什么我的应用程序不能在配置了ISAPI和IIS的tomcat实例中工作。春季安全不拦截URL在配置了IIS的Tomcat中ISAPI

我已经向url工作人员地图添加了前进的url模式,并且我可以成功地通过安全控制器进行身份验证。

请找我的tomcat日志

Jul 06, 2016 11:32:13 PM org.apache.catalina.startup.ClassLoaderFactory validateFile 
WARNING: Problem with directory [C:\Server_APP_Location\XYZ_APP\Tomcat\7.0.30\shared\classes], exists: [false], isDirectory: [false], canRead: [false] 
Jul 06, 2016 11:32:14 PM org.apache.catalina.startup.SetAllPropertiesRule begin 
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'minProcessors' to '5' did not find a matching property. 
Jul 06, 2016 11:32:14 PM org.apache.catalina.startup.SetAllPropertiesRule begin 
WARNING: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'maxProcessors' to '300' did not find a matching property. 
Jul 06, 2016 11:32:14 PM org.apache.tomcat.util.digester.Digester endElement 
WARNING: No rules found matching 'Server/Service/Engine/Logger'. 
Jul 06, 2016 11:32:14 PM org.apache.tomcat.util.digester.SetPropertiesRule begin 
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host} Setting property 'xmlValidation' to 'false' did not find a matching property. 
Jul 06, 2016 11:32:14 PM org.apache.tomcat.util.digester.SetPropertiesRule begin 
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host} Setting property 'xmlNamespaceAware' to 'false' did not find a matching property. 
Jul 06, 2016 11:32:14 PM org.apache.tomcat.util.digester.Digester endElement 
WARNING: No rules found matching 'Server/Service/Engine/Host/Logger'. 
Jul 06, 2016 11:32:14 PM org.apache.tomcat.util.digester.Digester endElement 
WARNING: No rules found matching 'Server/Service/Engine/Host/Context/Logger'. 
Jul 06, 2016 11:32:14 PM org.apache.coyote.AbstractProtocol init 
INFO: Initializing ProtocolHandler ["ajp-bio-8009"] 
Jul 06, 2016 11:32:14 PM org.apache.catalina.startup.Catalina load 
INFO: Initialization processed in 575 ms 
Jul 06, 2016 11:32:14 PM org.apache.catalina.core.StandardService startInternal 
INFO: Starting service Catalina 
Jul 06, 2016 11:32:14 PM org.apache.catalina.core.StandardEngine startInternal 
INFO: Starting Servlet Engine: Apache Tomcat/7.0.30 
Jul 06, 2016 11:32:15 PM org.apache.catalina.util.SessionIdGenerator createSecureRandom 
INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [158] milliseconds. 
Jul 06, 2016 11:32:15 PM org.apache.catalina.core.StandardContext resourcesStart 
SEVERE: Error starting static Resources 

Jul 06, 2016 11:32:15 PM org.apache.catalina.core.StandardContext startInternal 
SEVERE: Error in resourceStart() 
Jul 06, 2016 11:32:15 PM org.apache.catalina.core.StandardContext startInternal 
SEVERE: Error getConfigured 
Jul 06, 2016 11:32:15 PM org.apache.catalina.core.StandardContext startInternal 

Jul 06, 2016 11:32:15 PM org.apache.catalina.startup.HostConfig deployDirectory 
INFO: Deploying web application directory C:\Server_APP_Location\XYZ_APP\Tomcat\7.0.30\webapps\someWebApplication 
Jul 06, 2016 11:32:16 PM org.apache.catalina.core.ApplicationContext log 
INFO: No Spring WebApplicationInitializer types detected on classpath 
Jul 06, 2016 11:32:16 PM org.apache.catalina.core.ApplicationContext log 
INFO: Initializing Spring root WebApplicationContext 
    INFO ContextLoader:273 - Root WebApplicationContext: initialization started 
    INFO XmlWebApplicationContext:510 - Refreshing Root WebApplicationContext: startup date [Wed  Jul 06 23:32:16 AEST 2016]; root of context hierarchy 

    INFO XmlBeanDefinitionReader:315 - Loading XML bean definitions from URL [file:/C:/Server_APP_Location/XYZ_APP/Tomcat/7.0.30/webapps/someWebApplication/WEB-INF/classes/application-context.xml] 
DEBUG DefaultDocumentLoader:72 - Using JAXP provider [com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl] 
DEBUG PluggableSchemaResolver:140 - Loading schema mappings from [META-INF/spring.schemas] 
DEBUG PluggableSchemaResolver:118 - Found XML schema [http://www.springframework.org/schema/security/spring-security-3.2.xsd] in classpath: org/springframework/security/config/spring-security-3.2.xsd 

DEBUG BeanUtils:443 - No property editor [org.springframework.web.context.request.WebRequestInterceptorEditor] found for type org.springframework.web.context.request.WebRequestInterceptor according to 'Editor' suffix convention 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.web.servlet.handler.MappedInterceptor#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.web.servlet.handler.MappedInterceptor#0' 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping#0' 
DEBUG RequestMappingHandlerMapping:105 - Looking for request mappings in application context: Root WebApplicationContext: startup date [Wed  Jul 06 23:32:16 AEST 2016]; root of context hierarchy 
    INFO RequestMappingHandlerMapping:185 - Mapped "{[/api/json/{id}],methods=[GET],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public rest.demo.JsonRestObject rest.demo.RestController.getJsonRestObject(java.lang.Integer) 
    INFO RequestMappingHandlerMapping:185 - Mapped "{[/apiv2/json/{id}],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public rest.demo.JsonRestObject rest.demo.RestController2.getJsonResponse(java.lang.Integer) 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.format.support.FormattingConversionServiceFactoryBean#0' 

DEBUG BNUHM:86 - Rejected bean name 'org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.filterChains': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.filterChainProxy': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.PortMapperImpl#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.PortResolverImpl#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.authentication.ProviderManager#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.context.NullSecurityContextRepository#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.savedrequest.NullRequestCache#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.access.vote.AffirmativeBased#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.userDetailsServiceFactory': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.web.DefaultSecurityFilterChain#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'authenticationEntryPoint': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'customRestFilter': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.security.authenticationManager': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'restAuthenticationProvider': no URL paths identified 
DEBUG BNUHM:86 - Rejected bean name 'org.springframework.context.annotation.ConfigurationClassPostProcessor.importAwareProcessor': no URL paths identified 

DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.filterChains' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.filterChains' 

DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' 

DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.context.NullSecurityContextRepository#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.context.NullSecurityContextRepository#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.context.NullSecurityContextRepository#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.context.NullSecurityContextRepository#0' 
DEBUG StandardServletEnvironment:112 - Initializing new StandardServletEnvironment 

DEBUG DLBF:215 - Creating shared instance of singleton bean 'customRestFilter' 
DEBUG DLBF:435 - Creating instance of bean 'customRestFilter' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.authenticationManager' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.authenticationManager' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'restAuthenticationProvider' 

DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.authenticationManager' to allow for resolving potential circular references 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0' 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.authenticationManager' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.authenticationManager' 

DEBUG StandardServletEnvironment:116 - Initialized StandardServletEnvironment with PropertySources [servletConfigInitParams,servletContextInitParams,jndiProperties,systemProperties,systemEnvironment] 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.authentication.ProviderManager#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.authentication.ProviderManager#0' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0' to allow for resolving potential circular references 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authenticationManager' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.authentication.ProviderManager#0' to allow for resolving potential circular references 
DEBUG DLBF:435 - Creating instance of bean '(inner bean)#19' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authenticationManager' 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name '(inner bean)#19' 
DEBUG DLBF:463 - Finished creating instance of bean '(inner bean)#19' 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.authentication.ProviderManager#0' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.authentication.ProviderManager#0' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'authenticationEntryPoint' 

DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.savedrequest.NullRequestCache#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.savedrequest.NullRequestCache#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.savedrequest.NullRequestCache#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.savedrequest.NullRequestCache#0' 

DEBUG DLBF:463 - Finished creating instance of bean '(inner bean)#21' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' to allow for resolving potential circular references 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.access.vote.AffirmativeBased#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.access.vote.AffirmativeBased#0' 
DEBUG DLBF:435 - Creating instance of bean '(inner bean)#22' 
DEBUG DLBF:463 - Finished creating instance of bean '(inner bean)#22' 
DEBUG DLBF:435 - Creating instance of bean '(inner bean)#23' 
DEBUG DLBF:463 - Finished creating instance of bean '(inner bean)#23' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.access.vote.AffirmativeBased#0' to allow for resolving potential circular references 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.access.vote.AffirmativeBased#0' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.access.vote.AffirmativeBased#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authentication.ProviderManager#0' 

DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' 
DEBUG FilterSecurityInterceptor:159 - Validated configuration attributes 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' 

    INFO DefaultSecurityFilterChain:28 - Creating filter chain: [email protected]1, [org.spring[email protected]3ba71e33, org.springframework.secu[email protected]58afc4dd, [email protected], org.springframework.[email protected]3c7acd5c, org.springfram[email protected]22407209, org[email protected]34febe70, org.springfr[email protected]4088c63e] 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.filterChains' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.filterChains' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.filterChainProxy' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.filterChainProxy' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.filterChains' 

DEBUG StandardEnvironment:116 - Initialized StandardEnvironment with PropertySources [systemProperties,systemEnvironment] 
DEBUG BeanUtils:443 - No property editor [org.springframework.security.web.SecurityFilterChainEditor] found for type org.springframework.security.web.SecurityFilterChain according to 'Editor' suffix convention 
DEBUG StandardServletEnvironment:116 - Initialized StandardServletEnvironment with PropertySources [servletConfigInitParams,servletContextInitParams,jndiProperties,systemProperties,systemEnvironment] 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.filterChainProxy' to allow for resolving potential circular references 
DEBUG DLBF:435 - Creating instance of bean '(inner bean)#26' 
DEBUG DLBF:463 - Finished creating instance of bean '(inner bean)#26' 
DEBUG DLBF:1531 - Invoking afterPropertiesSet() on bean with name 'org.springframework.security.filterChainProxy' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.filterChainProxy' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.PortMapperImpl#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.PortMapperImpl#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.PortMapperImpl#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.PortMapperImpl#0' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.PortResolverImpl#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.PortResolverImpl#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.PortResolverImpl#0' to allow for resolving potential circular references 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.web.PortMapperImpl#0' 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.PortResolverImpl#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authentication.ProviderManager#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.web.context.NullSecurityContextRepository#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.web.savedrequest.NullRequestCache#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.access.vote.AffirmativeBased#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor#0' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authentication.AnonymousAuthenticationProvider#0' 
DEBUG DLBF:215 - Creating shared instance of singleton bean 'org.springframework.security.userDetailsServiceFactory' 
DEBUG DLBF:435 - Creating instance of bean 'org.springframework.security.userDetailsServiceFactory' 
DEBUG DLBF:509 - Eagerly caching bean 'org.springframework.security.userDetailsServiceFactory' to allow for resolving potential circular references 
DEBUG DLBF:463 - Finished creating instance of bean 'org.springframework.security.userDetailsServiceFactory' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.web.DefaultSecurityFilterChain#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'authenticationEntryPoint' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'customRestFilter' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authentication.DefaultAuthenticationEventPublisher#0' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.authenticationManager' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'restAuthenticationProvider' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.context.annotation.ConfigurationClassPostProcessor.importAwareProcessor' 
DEBUG XmlWebApplicationContext:858 - Unable to locate LifecycleProcessor with name 'lifecycleProcessor': using default [[email protected]6ecdb3] 

DEBUG ContextLoader:308 - Published root WebApplicationContext as ServletContext attribute with name [org.springframework.web.context.WebApplicationContext.ROOT] 
INFO ContextLoader:313 - Root WebApplicationContext: initialization completed in 2371 ms 
DEBUG StandardServletEnvironment:116 - Initialized StandardServletEnvironment with PropertySources [servletConfigInitParams,servletContextInitParams,jndiProperties,systemProperties,systemEnvironment] 
DEBUG DelegatingFilterProxy:172 - Initializing filter 'springSecurityFilterChain' 
DEBUG DLBF:246 - Returning cached instance of singleton bean 'org.springframework.security.filterChainProxy'

当我打了宁静的控制,我可以看到下面的日志,

DEBUG DispatcherServlet:823 - DispatcherServlet with name 'RestFulServlet' processing GET request for [/retail/online/api/json/1] 
DEBUG RequestMappingHandlerMapping:226 - Looking up handler method for path /api/json/1 
DEBUG RequestMappingHandlerMapping:233 - Returning handler method [public rest.demo.JsonRestObject rest.demo.RestController.getJsonRestObject(java.lang.Integer)] 
DEBUG DefaultListableBeanFactory:246 - Returning cached instance of singleton bean 'restController' 
DEBUG DispatcherServlet:912 - Last-Modified value for [/retail/online/api/json/1] is: -1 
DEBUG RequestResponseBodyMethodProcessor:150 - Written [[email protected]] as "application/json;charset=UTF-8" using [org.springf[email protected]6d4c031d] 
DEBUG DispatcherServlet:999 - Null ModelAndView returned to DispatcherServlet with name 'RestFulServlet': assuming HandlerAdapter completed request handling 
DEBUG DispatcherServlet:966 - Successfully completed request

的web.xml

<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>classpath*:application-context.xml</param-value> 
</context-param> 
<listener> 
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 
<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 
<servlet> 
    <servlet-name>RestFulServlet</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
    <init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value></param-value> 
    </init-param> 
    <load-on-startup>2</load-on-startup> 
</servlet> 
<servlet-mapping> 
    <servlet-name>RestFulServlet</servlet-name> 
    <url-pattern>/online/*</url-pattern> 
</servlet-mapping>

应用程序上下文

<context:component-scan base-package="rest.demo" /> 
<mvc:annotation-driven /> 
<security:http create-session="stateless" entry-point-ref="authenticationEntryPoint" authentication-manager-ref="authenticationManager"> 
    <security:custom-filter ref="customRestFilter" position="BASIC_AUTH_FILTER" /> 
    <security:intercept-url pattern="/**" access="ROLE_USER" /> 
</security:http> 
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint"> 
    <property name="realmName" value="Username: jack Password: jill" /> 
</bean> 
<bean id="customRestFilter" class="rest.demo.CustomRestSecurityFilter"> 
    <constructor-arg name="authenticationManager" ref="authenticationManager" /> 
</bean> 
<security:authentication-manager alias="authenticationManager"> 
    <security:authentication-provider ref="restAuthenticationProvider" /> 
</security:authentication-manager> 
<bean id="restAuthenticationProvider" class="rest.demo.RestAuthenticationProvider" />

我正在运行spring security and framework version 3.2.2。

来源

2016-07-06 Upul Doluweera

回答

0

原因这个问题是由于这样的事实来tomcat的请求得到通过另一个Web应用程序,我想实现春季安全应用转移,如因此,所有如下

RequestDispatcher dispatcher = context.getRequestDispatcher(uri); 
dispatcher.forward(req, rsp);

我所要做的就是增加调度标志,以春季安全过滤

<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
    <dispatcher>FORWARD</dispatcher> 
    <dispatcher>REQUEST</dispatcher> 
    <dispatcher>INCLUDE</dispatcher> 
    <dispatcher>ERROR</dispatcher> 
</filter-mapping>

所以,如果你正面临类似的问题,确保要求的方式分发到您的应用程序。

来源

2016-07-07 03:04:15

相关问题

 相关问题