>

spring-security-4.2.6v를 사용하고 있습니다.

내가 직면 한 문제는 로그인 페이지로 이동하여 유효한 자격 증명을 입력하고 제출하면 서버가 404 오류 및 경고 메시지를 반환한다는 것입니다.

WARN  [PageNotFound] No mapping found for HTTP request with URI [/cilcache/j_spring_security_check] in DispatcherServlet with name 'DispatcherServlet'

아래에서 내 구성 파일과 코드를 볼 수 있습니다.

spring-security-config.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security.xsd">
    <http auto-config="true">
        <intercept-url pattern="/admin**" access="ROLE_USER" />
        <form-login
                login-page="/login"
                default-target-url="/admin"
                login-processing-url="/j_spring_security_check"
                authentication-failure-url="/login?login_error=1"
                username-parameter="username"
                password-parameter="password" />
        <logout logout-success-url="/login?logout" />
        <csrf disabled="true" />
        <port-mappings>
            <port-mapping http="#{configurationService.configuration.getProperty('tomcat.http.port')}"
                          https="#{configurationService.configuration.getProperty('tomcat.ssl.port')}"/>
            <port-mapping http="80" https="443"/>
        </port-mappings>
    </http>
    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name=“admin” password=“example” authorities="ROLE_USER" />
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>

spring-mvc-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context-3.1.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">
    <context:component-scan base-package="com.mycompany" scope-resolver="de.mycompany.platform.spring.IgnoreTenantScopeMetadataResolver"  />
    <mvc:annotation-driven/>
    <bean id="annotationHandler" class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
        <property name="order" value="0"/>
    </bean>
    <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="order" value="1"/>
        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
        <property name="prefix" value="/WEB-INF/views/"/>
        <property name="suffix" value=".jsp"/>
        <property name="redirectHttp10Compatible" value="false"/>
    </bean>
    <bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
        <property name="basenames">
            <list>
                <value>/WEB-INF/localization/messages</value>
            </list>
        </property>
        <property name="defaultEncoding" value="UTF-8"/>
    </bean>
    <bean id="localeResolver" class="org.springframework.web.servlet.i18n.SessionLocaleResolver">
        <property name="defaultLocale" value="en"/>
    </bean>
    <bean id="cacheWebService" class="com.mycompany.cacheweb.service.CacheWebService" factory-method="getInstance"/>
</beans>

web-spring.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
           http://www.springframework.org/schema/aop
           http://www.springframework.org/schema/aop/spring-aop-3.1.xsd">
    <bean id="cachewebPlatformFilterChain" class="de.mycompany.platform.servicelayer.web.PlatformFilterChain">
        <constructor-arg>
            <list>
                <ref bean="log4jFilter"/>
                <ref bean="dynamicTenantActivationFilter"/>
                <ref bean="sessionFilter"/>
                <ref bean="cachewebSecureMediaFilter"/>             
            </list>
        </constructor-arg>
    </bean>
   <bean id="cachewebSecureMediaFilter" class="de.mycompany.platform.servicelayer.web.SecureMediaFilter">
       <property name="mediaPermissionService" ref="mediaPermissionService"/>
       <property name="modelService" ref="modelService"/>
       <property name="userService" ref="userService"/>
       <property name="mediaService" ref="mediaService"/>
     </bean>
    <import resource="config/spring-security-config.xml"/>
    <import resource="config/spring-mvc-config.xml"/>
</beans>

web.xml

<?xml version="1.0" encoding="iso-8859-1"?>
<web-app id="cilcache" version="3.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" 
         metadata-complete="true">
  <absolute-ordering />
    <display-name>cilcache</display-name>
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>
    <login-config>
        <auth-method>BASIC</auth-method>
    </login-config>
    <filter>
        <filter-name>XSSFilter</filter-name>
        <filter-class>de.mycompany.platform.servicelayer.web.XSSFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>XSSFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    <filter>
    <filter-name>characterEncodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <init-param>
            <param-name>forceEncoding</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter>
        <description>
            ResourceFilter
            Filter used to server file resources by bypassing the other filters.
        </description>
        <filter-name>resourceFilter</filter-name>
        <filter-class>com.mycompany.web.filters.StaticResourceFilter</filter-class>
    </filter>
<!--
    Enabling Spring managed Delegating Filter Proxy for mycompany Filter Stack.
-->
    <filter>
        <filter-name>cachewebPlatformFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>characterEncodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    <filter-mapping>
        <filter-name>resourceFilter</filter-name>
        <url-pattern>/_ui/*</url-pattern>
    </filter-mapping>
    <filter-mapping>
        <filter-name>cachewebPlatformFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>   
<!--
    Enabling a Spring web application context with 'session' and 'request' scope.
    - The 'contextConfigLocation' param specifies where your configuration files are located.
    - The mycompanyContextLoaderListener extends the usual SpringContextLoaderListener (which loads
      the context from specified location) by adding the global application context of
      the platform as parent context. 
    - The RequestContextListener is needed for exposing the 'request' scope to the context.
      Furthermore it is needed when overriding the 'jalosession' bean for your web application.
 -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>WEB-INF/cacheweb-web-spring.xml</param-value>
    </context-param>
    <listener>
        <listener-class>de.mycompany.platform.spring.mycompanyContextLoaderListener</listener-class>
    </listener>
    <listener>
        <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
    </listener>
    <!-- Servlets -->
    <servlet>
        <description>
            DispatcherServlet
            Spring MVC dispatcher servlet. This is the entry point for the Spring MVC application.
        </description>
        <servlet-name>DispatcherServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <description>
                Specifies the location for Spring MVC to load an additional XML configuration file.
                We will be using the application context so we must set this param value to EMPTY in
                order to prevent loading of the default /WEB-INF/applicationContext.xml file.
            </description>
            <param-name>contextConfigLocation</param-name>
            <param-value></param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>DispatcherServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>
    <!-- JSP Configuration -->
    <jsp-config>
        <jsp-property-group>
            <url-pattern>*.jsp</url-pattern>
            <!-- Disable JSP scriptlets and expressions -->
            <scripting-invalid>true</scripting-invalid>
            <!-- Remove additional whitespace due to JSP directives -->
            <trim-directive-whitespaces>true</trim-directive-whitespaces>
        </jsp-property-group>
    </jsp-config>

</web-app>

컨트롤러 :

package com.mycompany.web.controllers;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
@Controller
public class HelloController {
    @RequestMapping(value = "/admin**", method = RequestMethod.GET)
    public ModelAndView adminPage() {
        ModelAndView model = new ModelAndView();
        model.addObject("title", "Spring Security Custom Login Form");
        model.addObject("message", "This is protected page!");
        model.setViewName("admin");
        return model;
    }
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public ModelAndView login(
            @RequestParam(value = "error", required = false) String error,
            @RequestParam(value = "logout", required = false) String logout) {
        ModelAndView model = new ModelAndView();
        if (error != null) {
            model.addObject("error", "Invalid username and password!");
        }
        if (logout != null) {
            model.addObject("msg", "You've been logged out successfully.");
        }
        model.setViewName("login");
        return model;
    }
}

Login.jsp :

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
    <head>
        <title>Login Page</title>
        <style>
            .error {
                padding: 15px;
                margin-bottom: 20px;
                border: 1px solid transparent;
                border-radius: 4px;
                color: #a94442;
                background-color: #f2dede;
                border-color: #ebccd1;
            }
            .msg {
                padding: 15px;
                margin-bottom: 20px;
                border: 1px solid transparent;
                border-radius: 4px;
                color: #31708f;
                background-color: #d9edf7;
                border-color: #bce8f1;
            }
            #login-box {
                width: 300px;
                padding: 20px;
                margin: 100px auto;
                background: #fff;
                -webkit-border-radius: 2px;
                -moz-border-radius: 2px;
                border: 1px solid #000;
            }
        </style>
    </head>
    <body onload='document.loginForm.username.focus();'>
        <h1>Spring Security Custom Login Form (XML)</h1>
        <div id="login-box">
            <h2>Login</h2>
            <c:if test="${not empty error}">
                <div class="error">${error}</div>
            </c:if>
            <c:if test="${not empty msg}">
                <div class="msg">${msg}</div>
            </c:if>
            <c:url value='/j_spring_security_check' var="loginURL" />
            <form name='loginForm' action="${loginURL}" method='POST'>
                <table>
                    <tr>
                        <td>Username:</td>
                        <td><input type='text' name='username' value=''></td>
                    </tr>
                    <tr>
                        <td>Password:</td>
                        <td><input type='password' name='password' /></td>
                    </tr>
                    <tr>
                        <td colspan='2'>
                            <input name="submit" type="submit" value="submit" />
                            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
                        </td>
                    </tr>
                </table>
            </form>
        </div>
    </body>
</html>

admin.jsp :

<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@page session="true"%>
<html>
    <body>
        <h1>Title : ${title}</h1>
        <h1>Message : ${message}</h1>
        <c:url value="/j_spring_security_logout" var="logoutUrl" />
        <!-- csrt for log out-->
        <form action="${logoutUrl}" method="post" id="logoutForm">
            <input type="hidden"
                   name="${_csrf.parameterName}"
                   value="${_csrf.token}" />
        </form>
        <script>
            function formSubmit() {
                document.getElementById("logoutForm").submit();
            }
        </script>
        <c:if test="${pageContext.request.userPrincipal.name != null}">
            <h2>
                Welcome : ${pageContext.request.userPrincipal.name} | <a
                    href="javascript:formSubmit()"> Logout</a>
            </h2>
        </c:if>
    </body>
</html>


  • 답변 # 1

    M.Deinum이 의견에서 언급했듯이 web.xml에 구성을 추가하지 못했습니다.

       <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        </filter>
        <filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/j_spring_security_check</url-pattern></filter-mapping>
        <filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>*.jsp</url-pattern></filter-mapping>
    
    

  • 답변 # 2

    자세한 질문에 감사드립니다. 와이즈 비즈  더 이상 사용되지 않으며 j_spring_security_check 로 대체되었습니다.

    예를 들어 JSP는

    /login
    
    

    그러나 대신해야합니다

    <c:url value="/j_spring_security_logout" var="logoutUrl" />
    
    

    참조 : https://docs.spring.io/spring-security/site/migrate/current/3-to-4/html5/migrate-3-to-4-xml.html#m3to4-xmlnamespace-form -로그인

    <c:url value="/login" var="logoutUrl" />

관련 자료

  • 이전 ios - 스토리 보드를 사용하여 전체 화면이 아닌 UITableView를 만들 수 있습니까?
  • 다음 java - Sonar-Use-with-resources 또는 "finally"절 java8 stream에서이 "Stream"을 닫으십시오