gpt4 book ai didi

java - Spring 安全 4 : Access denied on providing roles

转载 作者:行者123 更新时间:2023-11-30 08:39:50 25 4
gpt4 key购买 nike

代码运行良好,现在已经替换了 security.xml 中的以下行以提供基于角色的安全性,但是得到访问被拒绝的 http status-403

已替换

<intercept-url pattern="/inputcreate*" access="isAuthenticated()" /> 

<intercept-url pattern="/inputcreate*" access="hasAnyRole('admin','user')" />

spring-security.xml

<http use-expressions="true" auto-config="true">
<!-- <intercept-url pattern="/inputcreate*" access="isAuthenticated()" /> -->
<intercept-url pattern="/inputcreate*" access="hasAnyRole('admin','user')" />
<form-login login-page="/login.html" default-target-url="/inputcreate.html"
authentication-failure-url="/login.html" username-parameter="j_username"
password-parameter="j_password" login-processing-url="/j_spring_security_check" />
<logout logout-url="/j_spring_security_logout"
logout-success-url="/index.html" />
</http>

最佳答案

刚刚更换

<intercept-url pattern="/inputcreate*" access="hasAnyRole('admin','user')" />

<intercept-url pattern="/inputcreate*" access="hasAnyRole('ROLE_ADMIN','ROLE_USER')" />

谷歌搜索 3-4 小时后,进行了上述更改这对我有用!!!!!!

在 Spring 文档中,它已在此处给出,前缀角色

public void setRolePrefix(String rolePrefix)
Allows a default role prefix to be specified. If this is set to a non-empty value, then it is automatically prepended to any roles read in from the db.
This may for example be used to add the ROLE_ prefix expected to exist in role names (by default) by some other Spring Security classes, in the case that the prefix is not already present in the db.

Parameters:
rolePrefix - the new prefix

关于java - Spring 安全 4 : Access denied on providing roles,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35963783/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com