Moinsn,
ich bin neu im Umgang mit Spring und hoffe ihr seit nachsichtig.
Ich habe Spring Security in meine App eingehangen und würde nun gern einige URLs davon ausschließen.
Leider wird beim Aufruf der ausgeschlossenen URLs noch immer die Standart Spring Security Login Page angezeigt.
Ich befürche dass mein Spring Security in einem anderen Context läuft und darum auch das URL Mapping auf /pages/ nicht hin haut.
Ich bin in der Verwendung derartiger Frameworks noch sehr unsicher und befürchte schon an anderen Stellen Mist gemacht zu haben. Darum unten die web.xml und meine Spring JavaConfig.
DANKE
[XML] <http use-expressions="true">
<intercept-url pattern="/**" access="isAuthenticated()" /> <!-- this means all URL in this app will be checked if user is authenticated -->
<intercept-url pattern="/index*" access="permitAll" />
<intercept-url pattern="/resources*" access="permitAll" />
<intercept-url pattern="/login*" access="permitAll" />
<intercept-url pattern="/trip/search*" access="permitAll" />
<form-login /> <!-- We will just use the built-in form login page in Spring -->
<logout logout-url="/logout" logout-success-url="/trip/search" /> <!-- the logout url we will use in JSP -->
</http>[/XML]
[XML]
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</init-param>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
de.wiegand.mytransport.frontend.config.FrontendConfig
</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
[/XML]
Spring Version:
3.1.4.RELEASE
+
[XML]
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
[/XML]
ich bin neu im Umgang mit Spring und hoffe ihr seit nachsichtig.
Ich habe Spring Security in meine App eingehangen und würde nun gern einige URLs davon ausschließen.
Leider wird beim Aufruf der ausgeschlossenen URLs noch immer die Standart Spring Security Login Page angezeigt.
Ich befürche dass mein Spring Security in einem anderen Context läuft und darum auch das URL Mapping auf /pages/ nicht hin haut.
Ich bin in der Verwendung derartiger Frameworks noch sehr unsicher und befürchte schon an anderen Stellen Mist gemacht zu haben. Darum unten die web.xml und meine Spring JavaConfig.
DANKE
[XML] <http use-expressions="true">
<intercept-url pattern="/**" access="isAuthenticated()" /> <!-- this means all URL in this app will be checked if user is authenticated -->
<intercept-url pattern="/index*" access="permitAll" />
<intercept-url pattern="/resources*" access="permitAll" />
<intercept-url pattern="/login*" access="permitAll" />
<intercept-url pattern="/trip/search*" access="permitAll" />
<form-login /> <!-- We will just use the built-in form login page in Spring -->
<logout logout-url="/logout" logout-success-url="/trip/search" /> <!-- the logout url we will use in JSP -->
</http>[/XML]
[XML]
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</init-param>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
de.wiegand.mytransport.frontend.config.FrontendConfig
</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
[/XML]
Java:
@Import({ StackEnvironment.class })
@EnableWebMvc
@ComponentScan({ "de.wiegand" })
@EnableTransactionManagement
@EnableAspectJAutoProxy
@Configuration
public class FrontendConfig extends WebMvcConfigurerAdapter {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
// 2DO: FALSCH ??????
registry.addResourceHandler("/assets/**")
.addResourceLocations("classpath:/META-INF/resources/webjars/")
.setCachePeriod(31556926);
registry.addResourceHandler("/css/**").addResourceLocations("/css/")
.setCachePeriod(31556926);
registry.addResourceHandler("/img/**").addResourceLocations("/img/")
.setCachePeriod(31556926);
registry.addResourceHandler("/js/**").addResourceLocations("/js/")
.setCachePeriod(31556926);
}
@Override
public void configureDefaultServletHandling(
DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
@Bean
public InternalResourceViewResolver getInternalResourceViewResolver() {
InternalResourceViewResolver resolver = new InternalResourceViewResolver();
resolver.setPrefix("/pages/"); //
resolver.setSuffix(".xhtml");
return resolver;
}
}
Spring Version:
3.1.4.RELEASE
+
[XML]
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.1.3.RELEASE</version>
</dependency>
[/XML]