我正在尝试使用基本的Spring安全性,但是无法使用我设置的两个用户中的任何一个登录。它总是返回“错误401-未经授权”
为了安全起见,我安装了以下三个库:
spring-security-config-3.2.0.RELEASE.jar
spring-security-core-3.2.0.RELEASE.jar
spring-security-web-3.2.0.RELEASE.jar
SPRING-SECURITY.XML文件包含以下内容。
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true">
<intercept-url pattern="/**" access="ROLE_USER, ROLE_ADMIN" />
<http-basic />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="admin" password="admin"
authorities="ROLE_USER, ROLE_ADMIN" />
<user name="test" password="test"
authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
WEB.XML文件包含以下内容。
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
问题出在weblogic中,而不是配置中。
解决方案:我发现解决此问题的唯一解决方案是添加:
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
进入config.xml文件:
<security-configuration>
...
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
</security-configuration>
此配置将解决问题。
参考
http://yplakosh.blogspot.com/2009/05/how-to-fix-basic-authentication-issue.html
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句