此bounty已结束。回答此问题可获得+50声望奖励。奖励宽限期将在15小时后结束。Christopher Chua希望引起更多人关注此问题。
我正在尝试将我的Spring Security版本升级到5.3.3.RELEASE。我能够构建和部署我的war文件,但在登录页面中输入凭据后,我的security_check_form页面找不到。以下是我在ApplicationContext-Security.xml文件中的代码。
<security:http use-expressions="true" entry-point-ref="AuthenticationEntryPoint" disable-url-rewriting="true">
<security:intercept-url pattern="/testing.jsp*" access="isAuthenticated()" />
<security:custom-filter position="CONCURRENT_SESSION_FILTER" ref="normalConcurrentSessionFilter"/>
<security:custom-filter position="FORM_LOGIN_FILTER" ref="ogaLoginFilter"/>
<security:intercept-url pattern="/testing/gwt-log" access="permitAll"/>
<security:intercept-url pattern="/images*" access="permitAll"/>
<security:intercept-url pattern="/css*" access="permitAll"/>
<security:intercept-url pattern="/login" access="permitAll"/>
<security:intercept-url pattern="/signin" access="permitAll"/>
<security:intercept-url pattern="/forgotPassword" access="permitAll"/>
<security:intercept-url pattern="/singlesignin" access="permitAll"/>
<security:session-management session-authentication-strategy-ref="sessionAuthenticationStrategy"/>
<security:logout invalidate-session="true"
success-handler-ref="normalLogoutSucessHandler" logout-url="logout"
delete-cookies="JSESSIONID" />
</security:http>
<bean id="normalConcurrentSessionFilter"
class="org.springframework.security.web.session.ConcurrentSessionFilter">
<constructor-arg name="sessionRegistry" ref="sessionRegistry" />
<constructor-arg name="sessionInformationExpiredStrategy" ref="sessionInformationExpiredStrategy"/>
</bean>
<bean id="sessionInformationExpiredStrategy"
class="org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy">
<constructor-arg value="/cusLogin/signin.cl" />
</bean>
<bean id="ogaLoginFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="sessionAuthenticationStrategy" ref="sessionAuthenticationStrategy" />
<property name="authenticationManager" ref="AuthenticationManager" />
<property name="authenticationSuccessHandler" ref="AuthenticationSuccessHandler"/>
<property name="authenticationFailureHandler" ref="AuthenticationFailureHandler"/>
<property name="filterProcessesUrl" value="/security_check_form"></property>
</bean>我尝试使用beans:property而不是property,但问题仍然存在
1条答案
按热度按时间olqngx591#
这个问题可能是由您的
ogaLoginFilterbean的filterProcessesUrl属性引起的。在Spring Security 5.x中,filterProcessesUrl的默认值是/login,但在您的配置中,您将其设置为/security_check_form。要解决此问题,您可以将
filterProcessesUrl值更改为/login,或者更新testing.jsp文件中登录表单的action属性以匹配filterProcessesUrl的当前值。例如,如果选择将filterProcessesUrl保留为/security_check_form,则应将testing.jsp中的登录表单更新为:如果这不能解决问题,您可能需要检查服务器日志,查看是否有任何错误消息提供了有关问题的详细信息。