2

I all,

i have a spring application working with role based security. Application is working fine it's just i need to introduce some static HTML pages which will also be hosted in the same war. So if www.myapp.com/abc/work.jsp is my secure page then www.myapp.com/home.htm should show static html page. I have incorporated HTML files but issue is i am getting 404 on www.myapp.com/home.htm and www.myapp.com/abc/work.jsp works fine.

web.xml -

<display-name>guru</display-name>
      <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/app-security-config.xml</param-value>
    </context-param>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
            org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    <servlet>
       <servlet-name>dispatcher</servlet-name>
       <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
       <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

  <welcome-file-list>
    <welcome-file>/home.htm</welcome-file>
  </welcome-file-list>

My app-security-config.xml

<http auto-config="false" disable-url-rewriting="false" access-decision-manager-ref="accessDecisionManager" 
    entry-point-ref="authenticationProcessingFilterEntryPoint">
    <custom-filter position="FORM_LOGIN_FILTER" ref="authenticationProcessingFilter" />
    <custom-filter position="LOGOUT_FILTER" ref="customLogoutFilter"/>
    <access-denied-handler error-page="/login.jsp?login_error=true"/> 
     <intercept-url pattern="/login.htm" filters="none" />
    <intercept-url pattern="/abc/def/**" access="ROLE_USER"/>
    <intercept-url pattern="/**" access="ROLE_ANONYMOUS" />
    <anonymous enabled='true'/> 
    <session-management session-authentication-strategy-ref="sas"/>  
    <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
    </http>
Sachin
  • 119
  • 2
  • 19
  • this link might help you http://stackoverflow.com/questions/1234298/can-springmvc-be-configured-to-process-all-requests-but-exclude-static-content – raddykrish Mar 20 '12 at 04:50
  • is "abc" the context root or a directory within your app? – nickdos Mar 20 '12 at 05:35
  • abc is context root, this is production code so i have masked it :) – Sachin Mar 20 '12 at 05:36
  • I don't think the `` is doing what you think it is doing... http://stackoverflow.com/questions/2511301/setting-the-default-jsp-view-with-spring-mvc might help in that regard. It still needs to be mapped to a JSP though so doesn't really help your main issue I think. – nickdos Mar 20 '12 at 05:44
  • Yes welcome file is not working as it should be, i tried changing it to a JSP but that also did not worked. – Sachin Mar 20 '12 at 05:48
  • I have found a fix and it is damn easy :). Just add following line in your web.xml to make sure default servlet handle all request pertaining to *.htm default *.htm /home.htm And that's it. – Sachin Mar 20 '12 at 08:48

1 Answers1

1

Hi you should provide a mapping for static contents inside your dispatcher servlet configuration, something like:

<mvc:resources mapping="/resources/**" location="/WEB-INF/" />

In this way, if your static home.htm content is located inside /WEB-INF/ folder you can reach it from the url /resources/home.htm. This will avoid that spring intercept and redirect to a controller all paths starting with /resources reserving that path to static resources like images, css files, scripts and html static pages

matteosilv
  • 585
  • 7
  • 13