I am following the official Spring reference for setting up security. However I receive a resource not found error for spring security login when it should load the default spring login jsp, right ?
here is my web.xml snippet:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/index</url-pattern>
</filter-mapping>
and also the relevant section of applicationContext.xml:
<security:http auto-config='true'>
<security:intercept-url pattern="/index" access="ROLE_USER" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="user" password="mypassword" authorities="ROLE_USER, ROLE_ADMIN" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
I think I have all the relevant dependcies loaded (as well as the others such tx & core) I have:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
You want to map every URL in your app to be filtered through the Spring Security interceptor like so:
The interceptor will handle the login URL when it encounters it, and before it reaches any of your servlets or JSPs.