将web.xml中的自定义筛选器替换为安全筛选器链

时间:2013-07-26 22:25:45

标签: java spring-security

在我的初始实现中,我在web.xml中有简单的过滤器定义,它对我来说很好。

<filter>
      <filter-name>myCustomFilter</filter-name>
      <filter-class>some.package.MyCustomFilter</filter-class>
</filter>

<filter-mapping>
        <filter-name>myCustomFilter</filter-name>
        <url-pattern>/*</url-pattern>
</filter-mapping>

我的目标是更换上面的过滤器以提高安全性。 我根据spring文档添加了springSecurityFilterChainhttp://static.springsource.org/spring-security/site/docs/3.0.x/reference/security-filter-chain.html 

 <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
</filter-mapping>

然后我将filterChainProxy定义添加到我的spring-security.xml 

    <alias name="filterChainProxy" alias="springSecurityFilterChain"/>

    <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
            <security:filter-chain-map path-type="ant">
                <security:filter-chain pattern="/**" filters="myCustomFilter"/>
            </security:filter-chain-map>
    </bean>

    <bean id="myCustomFilter" class="some.package.MyCustomFilter"/>

现有的spring-security.xml配置: 

    <security:http pattern="/**/*.some_extension" security="none"/>

    <security:http auto-config="false" entry-point-ref="entryPoint" authentication-manager-ref="manager" use-expressions="true">
        <security:intercept-url pattern="/**" access="hasRole('SOME_ROLE')"/>
        <security:custom-filter ref="map_filter" position="FORM_LOGIN_FILTER"/>
        <security:logout
                logout-url="/my/logout.controller"
                delete-cookies="JSESSIONID"
                />
    </security:http>


    <util:map id="map_filter">
        <entry key="/my/first/login/.controller" value-ref="filter1"/>
        <entry key="/my/second/login/.controller" value-ref="filter2"/>
    </util:map>

现在,当我尝试登录时,我收到以下异常:

org.springframework.web.servlet.mvc.multiaction.NoSuchRequestHandlingMethodException: No matching handler method found for servlet request: path '/my/first/login/.controller', method 'POST'

0 个答案:

没有答案
相关问题
最新问题