我在处理403春季启动中禁止的问题时遇到问题。正如我通过扩展WebSecurityConfigurerAdapter来定制它的类所处理的那样。它将给出的输出禁止。它应该重定向到403网址,但它不工作。我是初学者,不知道它的错在哪里。如何在弹簧引导注释中处理403禁止的错误?
public class WebAppInitializer implements WebApplicationInitializer {
@Override
public void onStartup(ServletContext servletContext)
throws ServletException {
AnnotationConfigWebApplicationContext ctx = new AnnotationConfigWebApplicationContext();
ctx.register(SecurityConfiguration.class);
ctx.setServletContext(servletContext);
//ctx.register(SecurityConfiguration.class);
DispatcherServlet dispatcherServlet = new DispatcherServlet(ctx);
dispatcherServlet.setThrowExceptionIfNoHandlerFound(true);
Dynamic dynamic = servletContext.addServlet("dispatcher", dispatcherServlet);
dynamic.addMapping("/data/*");
dynamic.setLoadOnStartup(1);
}
}
和我的AppConfig类
package com.portal.spring.config;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
@ComponentScan("com.portal")
@EnableWebMvc
public class AppConfig extends WebMvcConfigurerAdapter {
}
和安全配置
package com.portal.spring.config;
import java.util.logging.Logger;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private static final Logger log= Logger.getLogger(SecurityConfiguration.class.getName());
@Override
protected void configure(HttpSecurity http) throws Exception {
http.exceptionHandling().accessDeniedHandler(new AccessDenyHandler());
}
}
和accessdenyhandler
package com.portal.spring.config;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
public class AccessDenyHandler implements AccessDeniedHandler {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
AccessDeniedException arg2) throws IOException, ServletException {
response.sendRedirect("//403");
}
}
请说明更多。你为什么认为它不起作用 –
@SangramJadhav ...我不知道有没有例外...我的方式正确处理403禁止问题 –