1. 首頁
  2. 問答
  3. 403重定向錯誤 - Spring Google App Engine安全

403重定向錯誤 - Spring Google App Engine安全

2015-06-11 61 views
0

我正在使用示例代碼通過Google App Engine進行身份驗證,並且無法將Spring重定向到我的註冊頁面,但未收到403錯誤。403重定向錯誤 - Spring Google App Engine安全

以下是錯誤的堆棧跟蹤。

21:13:34,576 DEBUG [org.springframework.security.web.util.matcher.AntPathRequestMatcher] - Checking match of request : '/home.jsp'; against '/register.jsp*' 
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /home.jsp; Attributes: [hasRole('USER')] 
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Secure object: FilterInvocation: URL: /home.jsp; Attributes: [hasRole('USER')] 
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: GaeUserAuthentication{principal=GaeUser{userId='185804764220139124118', nickname='[email protected]', forename='null', surname='null', authorities=[NEW_USER], [email protected]}, isEnabled=true}, details=org.sprin[email protected]957e: RemoteIpAddress: 127.0.0.1; SessionId: null, authenticated=true} 
21:13:34,576 DEBUG [org.springframework.security.web.access.intercept.FilterSecurityInterceptor] - Previously Authenticated: GaeUserAuthentication{principal=GaeUser{userId='185804764220139124118', nickname='[email protected]', forename='null', surname='null', authorities=[NEW_USER], [email protected]}, isEnabled=true}, details=org.sprin[email protected]957e: RemoteIpAddress: 127.0.0.1; SessionId: null, authenticated=true} 
21:13:34,584 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.sp[email protected]415edbff, returned: -1 
21:13:34,584 DEBUG [org.springframework.security.access.vote.AffirmativeBased] - Voter: org.sp[email protected]415edbff, returned: -1 
21:13:34,586 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] - Access is denied (user is not anonymous); delegating to AccessDeniedHandler

這裏是我的

的applicationContext-security.xml文件

<?xml version="1.0" encoding="UTF-8"?> 
<b:beans xmlns="http://www.springframework.org/schema/security" 
xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> 


<http pattern="/favicon.ico" security="none" /> 
<http pattern="/loggedout.jsp" security="none" /> 
<http pattern="/disabled.jsp" security="none" /> 
<http pattern="/_ah/**" security="none" /> 
<http pattern="/landing.jsp" security="none"></http> 
<http pattern="/register.jsp" security="none"/> 
<http use-expressions="true" entry-point-ref="gaeEntryPoint"> 
    <intercept-url pattern="/" access="permitAll" /> 
    <intercept-url pattern="/logout.jsp" access="permitAll" /> 
    <intercept-url pattern="/register.jsp*" access="hasRole('NEW_USER')"/> 
    <intercept-url pattern="/**" access="hasRole('USER')" /> 
    <intercept-url pattern="/_ah/**" access="permitAll"/> 
    <custom-filter position="PRE_AUTH_FILTER" ref="gaeFilter" /> 
</http> 

<b:bean id="gaeEntryPoint" 
    class="com.principalmvl.lojackmykids.authentication.GoogleAccountsAuthenticationEntryPoint" /> 

<b:bean id="gaeFilter" 
    class="com.principalmvl.lojackmykids.authentication.GaeAuthenticationFilter"> 
    <b:property name="authenticationManager" ref="authenticationManager" /> 
    <b:property name="failureHandler"> 
     <b:bean 
      class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler"> 
      <b:property name="exceptionMappings"> 
       <b:map> 
        <b:entry 
         key="org.springframework.security.authentication.DisabledException" 
         value="/disabled.jsp" /> 
       </b:map> 
      </b:property> 
     </b:bean> 
    </b:property> 
</b:bean> 

<authentication-manager alias="authenticationManager"> 
    <authentication-provider ref="gaeAuthenticationProvider" /> 
</authentication-manager> 

<b:bean id="gaeAuthenticationProvider" 
    class="com.principalmvl.lojackmykids.authentication.GoogleAccountsAuthenticationProvider"> 
    <b:property name="userRegistry" ref="userRegistry" /> 
</b:bean> 

<b:bean id="userRegistry" 
    class="com.principalmvl.lojackmykids.datautilities.GaeDatastoreUserRegistry" /> 

<b:bean id="loggerListener" 
    class="org.springframework.security.authentication.event.LoggerListener" />

的register.jsp頁面有NEW_USER作爲該認證用戶的作用。

有人能告訴我我做錯了什麼嗎?

來源

2015-06-11 Axwack

回答

0

我認爲HTTP缺少<security:access-denied-handler ref="accessDeniedHandler" />及其implemetation <bean id="accessDeniedHandler" class="com.ddd.AccessDeniedHandler"> <property name="strAccessDeniedUrl" value="access_denied_login.jsp" /> </bean>

需要延長AccessDeniedHandler類來處理你的邏輯

來源

2015-06-11 23:32:54

+0

但不會這只是創建一個重定向到一個頁面,只是說,「你被拒絕訪問「?我如何知道我的用戶是否真正通過身份驗證,但由於某種原因配置不正確? – Axwack

+0

如果配置不正確,您的身份驗證管理器和篩選器甚至無法調用默認的403頁 –

相關問題

 相關問題