{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 仙女界的扛把子 的问题《Authentication request to /j_spring_security_check》','https://www.manongdao.com/q-988669.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
With the security configuration below, making a post request to /j_spring_security_check throws a 404 error. Could someone help me point out what I'm doing wrong?
security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<!-- Areas of the application which require no secuirty to visit -->
<security:http security="none" pattern="/login/**" />
<security:http security="none" pattern="/css/**" />
<security:http security="none" pattern="/images/**" />
<security:http security="none" pattern="/handler/**" />
<security:http>
<security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<security:form-login login-page="/login/"
default-target-url="/login/successful_login.html"
always-use-default-target="true" />
<security:csrf disabled="true"/>
<security:http-basic />
<security:logout />
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="protrackAuthenticationProvider" />
</security:authentication-manager>
<bean id="protrackAuthenticationProvider"
class="com.example.security.ProtrackAuthenticationProvider">
</bean>
<bean id="authenticationFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="filterProcessesUrl" value="/j_spring_security_check" />
</bean>
</beans>
Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0" xmlns="http://java.sun.com/xml/ns/javaee">
<description>ProtrackEntities</description>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/ptentities-spring.xml
/WEB-INF/ptentities-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<!-- Servlets -->
<servlet>
<servlet-name>exportHandler</servlet-name>
<servlet-class>com.myersinfosys.protrack.server.handlers.FileExportHandler</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>exportHandler</servlet-name>
<url-pattern>/exportHandler</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>gwt-rpc</servlet-name>
<servlet-class>org.spring4gwt.server.SpringGwtRemoteServiceServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>gwt-rpc</servlet-name>
<url-pattern>/rpc/*</url-pattern>
</servlet-mapping>
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>
Here is the request error:
Remote Address:127.0.0.1:59322 Request URL:http://127.0.0.1:59322/j_spring_security_check Request Method:POST Status Code:404 Not Found
It looks like you are using Spring Security version 4.0
I just upgraded from Spring Security 3.2.3 to 4.0.1 and it looks like the default URLs for the login and logout handlers have changed from /j_spring_security_check to /login and /j_spring_security_logout to /logout respectively.
It also looks like the URL you are using is missing the application context component part of the path, which is usually the name of your web application. It should look more like:
or for later Spring Security versions: