2012-04-23 123 views
1

我在使用Spring內部的mvc重寫tuck以使擴展少一些Url。所有工作正常,但我最近有一個問題處理/ j_spring_security_check後。 這裏是我的配置文件不能使用url內部的彈簧安全性重寫tucky

urlrewrite.xml

<rule> 
    <from>/$</from> 
    <to type="forward">home</to> 
</rule> 
<rule> 
    <from>/signup$</from> 
    <to type="forward">/signup</to> 
</rule> 
<rule> 
    <from>/j_spring_security_check(\?.*)</from> 
    <to last="true">/j_spring_security_check$1</to> 
</rule> 
<rule> 
    <from>/logout(\?.*)</from> 
    <to last="true">/logout$1</to> 
</rule> 
<rule> 
    <from>^([^?]*)/([^?/\.]+)(\?.*)?$</from> 
    <to last="true">$1/$2.htm$3</to> 
</rule> 
<outbound-rule> 
    <from>^(.*)\.htm(\?.*)?$</from> 
    <to last="false">$1$2</to> 
</outbound-rule> 

春季安全`

<!-- This is where we configure Spring-Security --> 
<security:http auto-config="true" use-expressions="true" access-denied-page="/denied.htm"> 
    <security:intercept-url pattern="/**" access="permitAll" /> 
    <security:intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" /> 
    <security:intercept-url pattern="/user" access="hasRole('ROLE_USER')" /> 
    <security:form-login login-page="/signup" authentication-failure-url="/signup?error=authenticate" default-target-url="/" /> 
    <security:logout invalidate-session="true" logout-success-url="/" logout-url="/logout" /> 
    <security:remember-me key="springRocks" user-service-ref="userDetailsService"/> 
</security:http> 


<!-- Declare an authentication-manager to use a custom userDetailsService --> 
<security:authentication-manager> 
    <security:authentication-provider user-service-ref="userDetailsService"> 
     <security:password-encoder ref="passwordEncoder" /> 
    </security:authentication-provider> 
</security:authentication-manager> 

<!-- Use a Md5 encoder since the user's passwords are stored as Md5 in the 
    database --> 
<bean 
    class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" id="passwordEncoder" /> 

<bean id="userDaoService" class="com.dolo.dao.jdbc.JdbcUserDao"> 
    <property name="dataSource" ref="dataSource" /> 
</bean> 

<bean id="userDetailsService" class="com.dolo.services.impl.UserServiceImpl"> 
</bean> 

<bean id="userDetails" class="com.dolo.model.User"> 
</bean> 

`

的web.xml

 <servlet> 
<servlet-name>dolo</servlet-name> 
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
<init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value> 
     </param-value> 
    </init-param> 
<load-on-startup>1</load-on-startup> 

...

<servlet-mapping> 
<servlet-name>dolo</servlet-name> 
<url-pattern>*.htm</url-pattern> 

...

<filter> 
    <filter-name>UrlRewriteFilter</filter-name> 
    <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>UrlRewriteFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
    <dispatcher>REQUEST</dispatcher> 
    <dispatcher>FORWARD</dispatcher> 
</filter-mapping> 

....

<filter> 
<filter-name>springSecurityFilterChain</filter-name> 
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 

....

<filter-mapping> 
<filter-name>springSecurityFilterChain</filter-name> 
<url-pattern>/*</url-pattern> 
<dispatcher>REQUEST</dispatcher> 
<dispatcher>FORWARD</dispatcher> 
<dispatcher>INCLUDE</dispatcher> 
<dispatcher>ERROR</dispatcher> 

回答

1

兩個可以一起工作沒有任何問題

<filter-mapping>聲明應該在UrlRewriteFilter之前完成之一。一旦完成,您不需要任何重寫規則j_spring_security_check

+0

謝謝,那工作:) – badrux 2012-04-26 21:50:41