Spring安全性:本地主页无法工作

Question

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/spring/root-context.xml
            /WEB-INF/spring/security-context.xml
        </param-value>
    </context-param>

    <!-- Creates the Spring Container shared by all Servlets and Filters -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Processes application requests -->
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

<!-- security config  -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

security-context.xml

1. http://www.springframework.org/schema/beans/spring-beans.xsd [http://www.springframework.org/schema/security](http://www.springframework.org/schema/security) [http://www.springframework.org/schema/security/spring-security-4.0.xsd](http://www.springframework.org/schema/security/spring-security-4.0.xsd)"> ”/>：http><安全:用户服务><安全性:用户name="spider“password="peter”authorities="ROLE_USER"/> <安全:用户name="thor“password="thor”authorities="ROLE_USER"/>

login.jsp

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<%@ taglib uri="http://www.springframework.org/security/tags" prefix="sec" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>login</title>
</head>
<body>
    <form method="POST">
        Name:<input type="text" name="uname"><br>
        Pass:<input type="password" name="pass"><br>
        <sec:csrfInput/>
        <input type="submit" value="Login">
    </form>
</body>
</html>

HomeController.java

@Controller
public class HomeController {

    private static final Logger logger = LoggerFactory.getLogger(HomeController.class);

    /**
     * Simply selects the home view to render by returning its name.
     */
    @RequestMapping(value = "/home", method = RequestMethod.GET)
    public String home(Locale locale, Model model) {
        logger.info("Welcome home! The client locale is {}.", locale);

        Date date = new Date();
        DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.LONG, DateFormat.LONG, locale);

        String formattedDate = dateFormat.format(date);

        model.addAttribute("serverTime", formattedDate );

        return "home";
    }

    @RequestMapping(value="/login",method=RequestMethod.GET)
    public String goLogin(){
        return "login";
    }

}

**> **url是“localhost:8080/控制器/登录”*

和我得到的localhost页面无法工作，localhost重定向了您太多次。ERR_TOO_MANY_REDIRECTS

Answer 1

ERR_TOO_MANY_REDIRECTS是一个迹象，表明您有一个重定向循环。在您的例子中，您尝试访问登录页面，但是<security:intercept-url pattern="/**" access="ROLE_USER"/>声明您需要被记录为每个USER的USER。Spring安全性然后尝试转发到登录URL，这将触发另一个重定向。

要解决问题，您需要为/login URL定义一个安全豁免，允许匿名用户查看登录页面。

祝好运,

问候丹尼尔