Spring 5 MVC - InternalResourceViewResolver 和 Spring Security
Posted
技术标签:
【中文标题】Spring 5 MVC - InternalResourceViewResolver 和 Spring Security【英文标题】:Spring 5 MVC - InternalResourceViewResolver and Spring Security 【发布时间】:2018-05-02 16:53:13 【问题描述】:我正在学习 Spring,但我遇到了一些我无法解决的问题。我在 GlassFish 服务器上运行它。
我正在实现一个简单的 WebMvcConfigurer,它有一个 InternalResourceViewResolver,它看起来像这样:
@Configuration
@EnableWebMvc
public class WebMvcConfig implements WebMvcConfigurer
@Bean
public InternalResourceViewResolver resolver()
InternalResourceViewResolver resolver = new InternalResourceViewResolver();
resolver.setViewClass(JstlView.class);
resolver.setPrefix("/WEB-INF/views/");
resolver.setSuffix(".jsp");
return resolver;
@Bean
public MessageSource messageSource()
ResourceBundleMessageSource source = new ResourceBundleMessageSource();
source.setBasename("messages");
return source;
@Override
public Validator getValidator()
LocalValidatorFactoryBean validator = new LocalValidatorFactoryBean();
validator.setValidationMessageSource(messageSource());
return validator;
和我的控制器:
@WebServlet(value = "/")
@Controller
public class HomeController extends HttpServlet
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
request.getRequestDispatcher("index.jsp").forward(request,response);
我假设当我运行该应用程序时,它会打开 index.jsp 文件,但它没有打开,而是得到一个 404。当我将其更改为
request.getRequestDispatcher("/WEB-INF/views/index.jsp").forward(request,response);
它会打开它。
另外,我遵循Spring Security 上的文档并实现了简单的安全性。据我了解,每个请求都应该经过身份验证,并且应该将用户重定向到登录页面,但事实并非如此。
代码如下:
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
@Bean
public UserDetailsService userDetailsService()
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("user").password("user").roles("USER").build());
manager.createUser(User.withUsername("admin").password("admin").roles("USER", "ADMIN").build());
return manager;
protected void configure(HttpSecurity http) throws Exception
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.httpBasic();
public class WebAppInitializer extends AbstractAnnotationConfigDispatcherServletInitializer
@Override
protected String[] getServletMappings()
return new String[]"/";
@Override
protected Class<?>[] getRootConfigClasses()
return new Class<?>[]ApplicationConfig.class, WebSecurityConfig.class;
@Override
protected Class<?>[] getServletConfigClasses()
return new Class[] WebMvcConfig.class ;
@Override
protected Filter[] getServletFilters()
CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
characterEncodingFilter.setEncoding("UTF-8");
characterEncodingFilter.setForceEncoding(true);
// you might want to add stuff to enable spring security
return new Filter[]characterEncodingFilter;
@Configuration
public class ApplicationConfig
@Bean
public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer()
return new PropertySourcesPlaceholderConfigurer();
我怀疑这些问题是相关的,但看不到我在这里遗漏了什么。当我如上所述更改控制器中的路径时,我不会被重定向到登录页面。
这里是 pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.vives</groupId>
<artifactId>spring-mvc-quickstart</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<name>spring-mvc-quickstart</name>
<properties>
<endorsed.dir>$project.build.directory/endorsed</endorsed.dir>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java-version>1.8</java-version>
<!-- Override Spring version -->
<spring.version>5.0.0.RELEASE</spring.version>
<jackson.version>2.9.1</jackson.version>
<thymeleaf-extras-java8time-version>3.0.1.RELEASE</thymeleaf-extras-java8time-version>
<!-- AssertJ is not a part of Spring IO platform, so the version must be provided explicitly -->
<assertj-core-version>3.8.0</assertj-core-version>
</properties>
<dependencies>
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-web-api</artifactId>
<version>7.0</version>
<scope>provided</scope>
</dependency>
<!-- Spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.0.1.RELEASE</version>
</dependency>
<!-- Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.3.RELEASE</version>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>5.0.1.RELEASE</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.9.2</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<!-- Avoid issue #72 Could not initialize class org.thymeleaf.templateresolver.ServletContextTemplateResolver due to 'validation is not supported' -->
<exclusions>
<exclusion>
<artifactId>pull-parser</artifactId>
<groupId>pull-parser</groupId>
</exclusion>
</exclusions>
<version>5.2.9.Final</version>
</dependency>
</dependencies>
<repositories>
<repository>
<id>spring-release</id>
<name>Spring Release Repository</name>
<url>https://repo.spring.io/release</url>
</repository>
</repositories>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
<compilerArguments>
<endorseddirs>$endorsed.dir</endorseddirs>
</compilerArguments>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.6</version>
<executions>
<execution>
<phase>validate</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<outputDirectory>$endorsed.dir</outputDirectory>
<silent>true</silent>
<artifactItems>
<artifactItem>
<groupId>javax</groupId>
<artifactId>javaee-endorsed-api</artifactId>
<version>7.0</version>
<type>jar</type>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
有人可以向我解释发生了什么或我做错了什么吗?
【问题讨论】:
【参考方案1】:我终于解决了我遇到的问题。
至于安全,我忘了添加SecurityWebApplicationInitializer,至于导航,this 链接帮助了我。
【讨论】:
以上是关于Spring 5 MVC - InternalResourceViewResolver 和 Spring Security的主要内容,如果未能解决你的问题,请参考以下文章
spring-mvc 5 j_spring_security_check 404页面错误
Spring 5 MVC Angular 5 App投掷404错误
SSM 三大框架系列:Spring 5 + Spring MVC 5 + MyBatis 3.5 整合(附源码)