Spring Security 3:拦截url属性“方法”第一次就可以正常工作
我是 Spring Security 3 的新手,我遇到了下一个问题。 使用 spring-security 命名空间,我尝试配置单个基本身份验证,其中我只想过滤 POST 方法。
从我的 servlet.xml 配置来看:
<security:http auto-config='true'>
<security:http-basic></security:http-basic>
<security:intercept-url method="POST" pattern="/**" access="ROLE_USER" />
</security:http>
嗯,问题是,启动服务器后,它第一次工作正常(也就是说,其他方法不会提示任何身份验证屏幕)。但第一次使用POST方法后,会提示所有方法的身份验证屏幕。有谁知道我错过了什么?
预先感谢您的宝贵时间! ;-)
I am newbie in Spring Security 3, and I am having the next problem.
Using the spring-security Namespace, I try to configure a single basic authentication, in wich I want only to filter the POST method.
From my servlet.xml configuration:
<security:http auto-config='true'>
<security:http-basic></security:http-basic>
<security:intercept-url method="POST" pattern="/**" access="ROLE_USER" />
</security:http>
Well, the thing is that, after starting the server, it works fine the first time (that is, the other methods doesn't prompt any authentication screen). But after a first use of the POST method, it prompt the authentication screen for all the method. Does anyone knows what am I missing?
Thanks in advance for your time! ;-)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好的,自动回复! xD
我曾经尝试过一个名为 Rest Client 的 Firefox 插件(我真的推荐它;-))。我的失败是,在使用 POST 方法第一次登录尝试后,它保存在缓存中,提示进行 HTTP-BASIC 身份验证。清理我的历史记录后,效果很好。
之后,我学会了:
- 当你使用浏览器时,总是在缓存中思考
- 当你在 Stackoverflow 中询问问题时,提供有关你的环境的更多信息 xD
谢谢大家!
Ok, auto-answer! xD
I was using to try it a Firefox plugin called Rest Client (I really recommend it ;-) ). My failure was, after the first login tryial with the POST method, that it saved in cache that it has prompted an HTTP-BASIC authentication. After cleaning my history, it works fine.
After that, I have learned:
-Think always in the cache when you use a browser
-Give more information about your environment when you ask something in Stackoverflow xD
Thanks everyone!!