我想認爲,只有管理員可以查看特定頁面的訪問被拒絕,但每次我提出請求時,我得到一個錯誤。它似乎與我的安全上下文文件中的hasRole()。春季安全hasRole()給錯誤403 -
錯誤只是說,HTTP狀態403 - 當我提出要看到管理jsp頁面
安全context.xml的請求訪問被拒絕:
<security:http use-expressions="true">
<security:intercept-url pattern="/admin" access="hasAnyRole('admin')" />
<security:form-login login-page="/login"
authentication-failure-url="/login?error=true" />
<security:logout logout-success-url="/loogedout" />
<security:intercept-url pattern="/createoffer" access="isAuthenticated()" />
<security:intercept-url pattern="/docreate" access="isAuthenticated()" />
<security:intercept-url pattern="/offercreated" access="isAuthenticated()" />
<security:intercept-url pattern="/" access="permitAll" />
<security:intercept-url pattern="/loggedout" access="permitAll" />
<security:intercept-url pattern="/newaccount" access="permitAll" />
<security:intercept-url pattern="/createaccount" access="permitAll" />
<security:intercept-url pattern="/accountcreated" access="permitAll" />
<security:intercept-url pattern="/static/**" access="permitAll" />
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/offers" access="permitAll" />
<security:intercept-url pattern="/**" access="denyAll" />
</security:http>
我的兩個在我的數據庫表是用戶(用戶名,電子郵件,啓用密碼)和權限(用戶名,權限)。
任何人都可以提出什麼我的錯誤是什麼或如何解決?
你可以發佈詳細的錯誤信息,沒有它不能幫你很多。 – OPK
@JasonZ道歉,我編輯了錯誤的帖子。 –
你是否以'admin'身份登錄? – OPK