1
在我的web應用程序中發生的最奇怪的事情。下面是web.xml中的<security-constraint>部分:調用j_security_check後出現404錯誤
<security-constraint>
<web-resource-collection>
<web-resource-name>Non-secure resources</web-resource-name>
<url-pattern>/js/*</url-pattern>
<url-pattern>/theme/*</url-pattern>
<url-pattern>/login.jsp</url-pattern>
<url-pattern>/logout.faces</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure resources</web-resource-name>
<url-pattern>/faces/*</url-pattern>
<url-pattern>/fragments/*</url-pattern>
<url-pattern>/pages/*</url-pattern>
<url-pattern>*.faces</url-pattern>
<url-pattern>*.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>AllAuthenticated</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>map</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>AllAuthenticated</role-name>
</security-role>
當用戶通過http://<host-name>/<context-path>/訪問的應用程序,那麼用戶被轉發到登錄頁面,登錄成功後,一切都很好。但是,如果用戶通過http://<host-name>/<context-path>/login.jsp訪問應用程序,登錄成功後,用戶將收到404錯誤消息,瀏覽器中的URL爲http://<host-name>/<context-path>/j_security_check。
有人知道爲什麼會發生這種情況,我該如何預防它?
請添加login.jsp – Michael