Home/ Questions/Q 9176551
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T17:07:56+00:00

I all, i have a spring application working with role based security. Application is

  • 0

I all,

i have a spring application working with role based security. Application is working fine it’s just i need to introduce some static HTML pages which will also be hosted in the same war. So if http://www.myapp.com/abc/work.jsp is my secure page then http://www.myapp.com/home.htm should show static html page. I have incorporated HTML files but issue is i am getting 404 on http://www.myapp.com/home.htm and http://www.myapp.com/abc/work.jsp works fine.

web.xml –

<display-name>guru</display-name>
      <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/app-security-config.xml</param-value>
    </context-param>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
            org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    <servlet>
       <servlet-name>dispatcher</servlet-name>
       <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
       <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

  <welcome-file-list>
    <welcome-file>/home.htm</welcome-file>
  </welcome-file-list>

My app-security-config.xml

<http auto-config="false" disable-url-rewriting="false" access-decision-manager-ref="accessDecisionManager" 
    entry-point-ref="authenticationProcessingFilterEntryPoint">
    <custom-filter position="FORM_LOGIN_FILTER" ref="authenticationProcessingFilter" />
    <custom-filter position="LOGOUT_FILTER" ref="customLogoutFilter"/>
    <access-denied-handler error-page="/login.jsp?login_error=true"/> 
     <intercept-url pattern="/login.htm" filters="none" />
    <intercept-url pattern="/abc/def/**" access="ROLE_USER"/>
    <intercept-url pattern="/**" access="ROLE_ANONYMOUS" />
    <anonymous enabled='true'/> 
    <session-management session-authentication-strategy-ref="sas"/>  
    <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
    </http>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Hi you should provide a mapping for static contents inside your dispatcher servlet configuration, something like:

    <mvc:resources mapping="/resources/**" location="/WEB-INF/" />

    In this way, if your static home.htm content is located inside /WEB-INF/ folder you can reach it from the url /resources/home.htm.
    This will avoid that spring intercept and redirect to a controller all paths starting with /resources reserving that path to static resources like images, css files, scripts and html static pages

    • 0