Struts 2 中的 Spring Security 阻止上传文件


我正在使用 Spring 和 Struts 2、Hibernate、Spring Security。

我的问题是：当我点击提交按钮时，JSP 页面被拒绝访问。

我认为问题在于 resultAction 没有被执行。

DocumentAction.java
:

package com.web.actions;


import java.io.File;

import com.opensymphony.xwork2.ActionSupport;

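/**
 * Struts 2 action behind the file-upload form.
 *
 * <p>The three properties follow the Struts 2 upload naming convention for a multipart field
 * called {@code fileUpload}: the file itself, plus {@code fileUploadContentType} and
 * {@code fileUploadFileName}. The content type and the file name are values sent by the
 * client; this class stores them without checking them.
 *
 * <p>Security notes for anyone extending {@link #execute()} to persist the upload:
 * <ul>
 *   <li>Never build a storage path from {@code fileUploadFileName}; generate the stored name
 *       server-side and keep the client name only as display metadata.</li>
 *   <li>Do not treat {@code fileUploadContentType} as proof of what the file contains.</li>
 * </ul>
 */
public class DocumentAction extends ActionSupport {

    private static final long serialVersionUID = -8801071547543777086L;

    // Uploaded file; stays null until setFileUpload is called, i.e. when no file was bound.
    // NOTE(review): presumably a framework-managed temporary file - confirm its lifetime
    // against the Struts version in use before relying on it after the action returns.
    private File fileUpload;

    // Content type as declared by the client for the uploaded part (untrusted).
    private String fileUploadContentType;

    // File name as sent by the client (untrusted; may contain path separators).
    private String fileUploadFileName;

    /** @return the client-declared content type of the upload, or {@code null} if none was bound */
    public String getFileUploadContentType() {
        return fileUploadContentType;
    }

    /** @param fileUploadContentType content type reported by the client for the upload */
    public void setFileUploadContentType(String fileUploadContentType) {
        this.fileUploadContentType = fileUploadContentType;
    }

    /** @return the client-supplied file name of the upload, or {@code null} if none was bound */
    public String getFileUploadFileName() {
        return fileUploadFileName;
    }

    /** @param fileUploadFileName file name reported by the client for the upload */
    public void setFileUploadFileName(String fileUploadFileName) {
        this.fileUploadFileName = fileUploadFileName;
    }

    /** @return the uploaded file, or {@code null} if the request carried none */
    public File getFileUpload() {
        return fileUpload;
    }

    /** @param fileUpload the uploaded file bound from the request */
    public void setFileUpload(File fileUpload) {
        this.fileUpload = fileUpload;
    }

    /**
     * Handles the upload POST.
     *
     * @return {@code INPUT} with a field error when no file was bound to the action,
     *         otherwise {@code SUCCESS}
     * @throws Exception declared to keep the signature callers and subclasses already see
     */
    @Override
    public String execute() throws Exception {
        // Without this guard a POST that carried no file was still reported as a success.
        if (fileUpload == null) {
            addFieldError("fileUpload", "No file was uploaded");
            return INPUT;
        }
        System.out.println("Votre Fichier est bien telecharger");
        return SUCCESS;
    }

    /**
     * Entry point used to show the upload form.
     *
     * @return {@code NONE}; the action mapping decides which page that result renders
     */
    public String display() {
        return NONE;
    }
}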

Security.xml
:

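<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.2.xsd">
    <!-- Spring Security namespace configuration: URL access rules, form login and logout,
         and the authentication providers. -->
    <http>
        <!-- NOTE(review): no csrf element is declared, so the namespace default applies; in
             the 4.x namespace CSRF protection is enabled by default. Every state-changing
             request, the multipart upload POST included, then needs a token the CSRF filter
             can read. For a multipart body that means the body must already be parsed when
             the security filter chain runs (for example Spring's MultipartFilter mapped ahead
             of it), or the token must travel in the request URL. A token the filter cannot
             read ends at the access-denied page configured below. -->

        <access-denied-handler error-page="/private/accessDenied.jsp" />

        <!-- Rules are evaluated top to bottom; the first matching pattern decides. -->

        <!-- Allow everyone to reach style sheets, images, public pages and JS. -->
        <!-- isAnonymous() or hasRole('ROLE_ANONYMOUS') -->
        <intercept-url pattern="/css/**" access="permitAll" />
        <intercept-url pattern="/js/**" access="permitAll" />
        <intercept-url pattern="/img/**" access="permitAll" />
        <intercept-url pattern="/login*" access="isAnonymous()" />
        <intercept-url pattern="/logout*" access="isAuthenticated()" />

        <!-- Allow access to the public actions. -->
        <intercept-url pattern="/public/**" access="isAnonymous()" />

        <!-- Private user zone. The double-star rule already matches everything below
             /private/user/, so the professeur rules after it never decide a request; they
             are kept because they grant the same role. -->
        <intercept-url pattern="/private/user/*" access="hasRole('ROLE_USER')" />
        <intercept-url pattern="/private/user/**" access="hasRole('ROLE_USER')" />
        <intercept-url pattern="/private/user/professeur/*" access="hasRole('ROLE_USER')" />
        <intercept-url pattern="/private/user/professeur/**" access="hasRole('ROLE_USER')" />

        <!-- Private admin zone. Both patterns require ROLE_ADMIN. The double-star rule
             previously granted ROLE_USER, which opened every admin path deeper than one
             segment to ordinary users. -->
        <intercept-url pattern="/private/admin/*" access="hasRole('ROLE_ADMIN')" />
        <intercept-url pattern="/private/admin/**" access="hasRole('ROLE_ADMIN')" />
        <intercept-url pattern="/private/**" access="isAuthenticated()" />

        <!-- Default deny: anything not matched above is refused. -->
        <intercept-url pattern="/**" access="denyAll" />

        <form-login login-page="/public/showLoginPage"
            default-target-url="/private/initUserHome"
            authentication-failure-url="/public/loginFailure.jsp" />

        <logout logout-success-url="/public/showLoginPage" logout-url="/logout"
            delete-cookies="JSESSIONID" />

    </http>

    <authentication-manager>
        <authentication-provider user-service-ref="utlisateurService">
            <!-- NOTE(review): hash="sha" is SHA-1, salted here with the username. That is a
                 fast, unstretched hash and is not suitable for storing passwords. Moving to
                 an adaptive encoder (the 4.2 namespace accepts hash="bcrypt", which needs no
                 salt-source) means re-hashing stored credentials, so it is flagged here
                 rather than changed. -->
            <password-encoder hash="sha">
                <salt-source user-property="username" />
            </password-encoder>

        </authentication-provider>
    </authentication-manager>

    <!-- NOTE(review): second authentication-manager with in-memory accounts whose plaintext
         passwords equal their user names, one of them holding ROLE_ADMIN. This looks like
         test scaffolding: confirm which of the two managers is actually in effect and keep
         these accounts out of any deployed configuration. -->
    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name="admin" password="admin" authorities="ROLE_ADMIN" />
                <user name="user" password="user" authorities="ROLE_USER" />
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>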

struts.xml
:

<!-- Actions of the professeur area. Their URLs live under /private/user/professeur, so a
     request reaches them only after passing whatever URL security covers that path. -->
<package name="ProfesseurPackage" namespace="/private/user/professeur" extends="struts-default">
    
    <!-- Shows the upload form: display() returns NONE, which is mapped to fileupload.jsp. -->
    <action name="fileUploadAction" class="com.web.actions.DocumentAction" method="display">
            <result name="none">fileupload.jsp</result>
        </action>
        
        <!-- Handles the upload POST. Listing interceptor-ref elements on the action replaces
             the package default stack, so only the interceptors named here run. -->
        <action name="resultAction" class="com.web.actions.DocumentAction" method="execute">

            <interceptor-ref name="exception"/>
            <interceptor-ref name="i18n"/>
            <!-- allowedTypes is compared with the content type the client declares, so it
                 filters honest mistakes but does not prove the file is plain text.
                 maximumSize is in bytes (10240 = 10 KiB). -->
            <interceptor-ref name="fileUpload">
                <param name="allowedTypes">text/plain</param>
                <param name="maximumSize">10240</param>
            </interceptor-ref> 
            <!-- NOTE(review): this overrides the parameter exclusion list of the params
                 interceptor; confirm it is at least as strict as the default shipped with
                 the Struts version in use. -->
            <interceptor-ref name="params">
                <param name="excludeParams">dojo\..*,^struts\..*</param>
            </interceptor-ref>
            <interceptor-ref name="validation">
                <param name="excludeMethods">input,back,cancel,browse</param>
            </interceptor-ref>
            <interceptor-ref name="workflow">
                <param name="excludeMethods">input,back,cancel,browse</param>
            </interceptor-ref>
    
            <!-- success renders the confirmation page; input sends the user back to the form. -->
            <result name="success">result.jsp</result>
            <result name="input">fileupload.jsp</result>
            
        </action>

    
    </package>  

fileupload.jsp
:

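<%@ taglib prefix="s" uri="/struts-tags" %>
<%-- Upload form: posts one file as multipart/form-data to the resultAction action. --%>
<html>
<head>
<s:head />
</head>

<body>
<h1>Struts 2 &lt;s:file&gt; file upload example</h1>

<s:form action="resultAction" method="POST" enctype="multipart/form-data">
<%--
  NOTE(review): the CSRF token is sent as a field of the multipart body. Spring Security's
  CSRF filter can read it only if the multipart body has already been parsed when the filter
  runs (for example Spring's MultipartFilter mapped ahead of the security filter chain).
  Otherwise the token counts as missing and the POST is refused as access denied before the
  action executes. The other documented option is to carry the token in the form's action
  URL, at the cost of the token appearing in URLs and logs. The filter order is defined in
  web.xml, which is not shown here: confirm.
--%>
<input type="hidden" name="${_csrf.parameterName}"
                    value="${_csrf.token}" />
<s:file name="fileUpload" label="Select a File to upload" size="40" />

<s:submit value="submit" name="submit" />

</s:form>

</body>
</html>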
spring jsp spring-security struts2
1个回答

将 namespace 属性添加到 <s:form> 标签，因为上传动作是在 /private/user/professeur 下配置的。用户必须先通过身份验证才能访问此命名空间。

<s:form action="resultAction" namespace="/private/user/professeur" method="POST" enctype="multipart/form-data">