java 错误:在过滤器链中的其他模式之前定义了通用匹配模式 ('/**')
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/13317238/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-10-31 12:16:30 来源:igfitidea点击:
Error: A universal match pattern ('/**') is defined before other patterns in the filter chain
提问by Brett VanderVeen
I am migrating a Java Struts 2 Web App from Spring 2.5.x to Spring 3.1.x. I am using Spring 3.1.2.RELEASE with all the necessary modules. I have this App Context file being loaded for Spring Security configuration:
我正在将 Java Struts 2 Web 应用程序从 Spring 2.5.x 迁移到 Spring 3.1.x。我将 Spring 3.1.2.RELEASE 与所有必要的模块一起使用。我为 Spring Security 配置加载了这个 App Context 文件:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http realm="Company" access-decision-manager-ref="accessDecisionManager">
<security:intercept-url pattern="/drivermaintenance.action" access="ACTION_DRIVER_NUMBER_INQUIRY,ACTION_MAINTAIN_DRIVER_NUMBER" />
<security:intercept-url pattern="/exceptioncheckin.action" access="ACTION_EXCEPTIONS_INQUIRY" />
<security:intercept-url pattern="/routesnotcheckedin.action" access="ACTION_ROUTES_NOT_CHECKED_IN_INQUIRY" />
<security:intercept-url pattern="/checkininquiryfilters.action" access="ACTION_CHECK_IN_INQUIRY" />
<security:intercept-url pattern="/checkininquirydata.action" access="ACTION_CHECK_IN_INQUIRY" />
<security:intercept-url pattern="/acceptduplicateroute.action" access="ACTION_ACCEPT_DUPLICATE_ROUTE" />
<security:intercept-url pattern="/drivercreditinquirydata.action" access="ACTION_DRIVER_CREDITS_INQUIRY" />
<security:intercept-url pattern="/drivercreditinquirynavigationbaseddata.action" access="ACTION_DRIVER_CREDITS_INQUIRY" />
<security:intercept-url pattern="/cashtochargeinquirydata.action" access="ACTION_CASH_TO_CHARGE_INVOICES_INQUIRY" />
<security:intercept-url pattern="/cashtochargeinquiryfilter.action" access="ACTION_CASH_TO_CHARGE_INVOICES_INQUIRY" />
<security:intercept-url pattern="/exitdrivercheckin.action" access="ACTION_EXIT_CHECKIN_LOGOUT,ACTION_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/routecheckin.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/startnewroutecheckin.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findroute.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/saveroutecheckin.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findcustomerdelivery.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savecustomerdelivery.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findoverage.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/updateoverage.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removeoverage.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/navigatefromoverage.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findcreditpickup.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savecreditpickup.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/finddrivercredit.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/addlineitem.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/updatecredit.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removecredit.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removelineitem.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/creditissuedetails.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findproductdescription.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/creditwholeinvoice.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/canceldrivercredit.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/navigatefromdrivercredit.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findsummarytable.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findtripday.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findtripdescriptiondetails.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savetripday.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/drivercheckin.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savedrivercheckin.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/finddrivercheckin.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removeroutefromcheckin.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removetripfromcheckin.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removeadditionalservicefromcheckin.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removebackhaulfromcheckin.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findadditionalservice.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/saveadditionalservice.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findbalancetime.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savebalancetime.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findbackhaul.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findbackhauldetail.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removebackhaul.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/findbackhaulpolist.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savebackhaul.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/drivercheckinindex.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/newdrivercheckin.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/finddrivercollection.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/savedrivercollection.action" access="ACTION_DRIVER_CHECK_IN,ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/modifypayments.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/modifyprimarypayment.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/shiftamount.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/modifydepositamount.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/retrievecredit.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/addpreviouspayment.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:intercept-url pattern="/removepreviouspayment.action" access="ACTION_SAVE_DRIVER_CHECK_IN" />
<security:http-basic />
<security:logout logout-url="/logout" logout-success-url="/logout.jsp" />
<!-- Pages/items that don't require passwords. It is particularly important that
the ping page appear here, or the DCI monitoring will break. -->
<security:intercept-url pattern="/ping.jsp"/>
<security:intercept-url pattern="/accessDenied.jsp"/>
<security:intercept-url pattern="/css/**"/>
<security:intercept-url pattern="/images/**"/>
</security:http>
</beans>
But I keep getting this error, which says I have a universal pattern defined before other patterns and so the other patterns won't be match... but I don't:
但是我一直收到这个错误,它说我在其他模式之前定义了一个通用模式,所以其他模式不会匹配......但我没有:
ERROR 2012-11-09 17:10:58,167 [org.apache.catalina.core.ContainerBase.[Catalina].[serverurl.here.com].[/appDir]]: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChainProxy': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1455)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory.getObject(AbstractBeanFactory.java:294)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:609)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:918)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:469)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:383)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:283)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4206)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4705)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:779)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:943)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:778)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:504)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1317)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:324)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1065)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
at org.apache.catalina.core.StandardService.start(StandardService.java:525)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: java.lang.IllegalArgumentException: A universal match pattern ('/**') is defined before other patterns in the filter chain, causing them to be ignored. Please check the ordering in your <security:http> namespace or FilterChainProxy bean configuration
at org.springframework.security.config.http.DefaultFilterChainValidator.checkPathOrder(DefaultFilterChainValidator.java:49)
at org.springframework.security.config.http.DefaultFilterChainValidator.validate(DefaultFilterChainValidator.java:39)
at org.springframework.security.web.FilterChainProxy.afterPropertiesSet(FilterChainProxy.java:151)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1514)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1452)
... 36 more
I am lost and any help would be greatly appreciated.
我迷路了,任何帮助将不胜感激。
采纳答案by Brett VanderVeen
Ok, after lots of different sets of eyes looking at the project, it looks as though it was likely a dependency conflict problem. The most likely candidate was where we were still importing spring-security-core-tiger-2.0.7 while we are using the 3.1.2 Spring version. We removed this dependency as cleaning up a lot of other dependency conflicts and the application starts up as it should.
好吧,在对项目进行了许多不同的观察之后,看起来这可能是一个依赖冲突问题。最有可能的候选对象是我们在使用 3.1.2 Spring 版本时仍在导入 spring-security-core-tiger-2.0.7 的地方。我们删除了此依赖项,因为清除了许多其他依赖项冲突,并且应用程序按原样启动。
Thank you for everyone's suggestions.
谢谢大家的建议。
回答by Jaiwo99
regards to the documentation Spring security, you should try this:
关于文档Spring security,你应该试试这个:
<http pattern="/css/**" security="none"/>
<http pattern="/login.jsp*" security="none"/>
<http auto-config='true'>
<intercept-url pattern="/**" access="ROLE_USER" />
<form-login login-page='/login.jsp'/>
</http>
my suggestion is, you should put the following block on the top of the stack.
我的建议是,您应该将以下块放在堆栈顶部。
<security:intercept-url pattern="/ping.jsp"/>
<security:intercept-url pattern="/accessDenied.jsp"/>
<security:intercept-url pattern="/css/**"/>
<security:intercept-url pattern="/images/**"/>
// here comes all other configurations
<security:intercept-url pattern="/drivermaintenance.action" access="ACTION_DRIVER_NUMBER_INQUIRY,ACTION_MAINTAIN_DRIVER_NUMBER" />
....
