1. Accueil
  2. Question et réponse
  3. Obtention de l'erreur 403 Interdit

Obtention de l'erreur 403 Interdit

2013-10-04 6 views
2

J'utilise le serveur Apache Tomcat 8.0.0-RC3 et le servlet répartiteur de ressort. Je reçois 403 interdit en utilisant la méthode HTTP PUT mais la méthode HTTPGET fonctionne correctement. J'essaye de résoudre ceci avec la contrainte de sécurité mais il me donne l'erreur de conflit 409 parce que j'emploie le servlet de répartiteur de ressort et il ne fonctionne pas. Mais il fonctionne parfaitement sur tomcat 7 .Veuillez m'aider à se débarasser de ceci. Ceci est mon web.xmlObtention de l'erreur 403 Interdit

<?xml version="1.0" encoding="UTF-8"?> 
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee   http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> 
    <display-name>abc</display-name> 
    <description>ABC Web application</description> 
    <!-- Enable escaping of form submission contents --> 
    <context-param> 
     <param-name>defaultHtmlEscape</param-name> 
     <param-value>true</param-value> 
    </context-param> 
    <context-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value>classpath*:META-INF/spring/applicationContext*.xml</param-value> 
    </context-param> 
    <filter> 
     <filter-name>CharacterEncodingFilter</filter-name> 
     <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> 
     <init-param> 
      <param-name>encoding</param-name> 
      <param-value>UTF-8</param-value> 
     </init-param> 
     <init-param> 
      <param-name>forceEncoding</param-name> 
      <param-value>true</param-value> 
     </init-param> 
    </filter> 
    <filter> 
     <filter-name>HttpMethodFilter</filter-name> 
     <filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class> 
    </filter> 
    <filter> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
    </filter> 
    <filter> 
     <filter-name>Spring OpenEntityManagerInViewFilter</filter-name> 
     <filter-class>org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class> 
    </filter> 
    <filter-mapping> 
     <filter-name>CharacterEncodingFilter</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 
    <filter-mapping> 
     <filter-name>HttpMethodFilter</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 
    <filter-mapping> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 
    <filter-mapping> 
     <filter-name>Spring OpenEntityManagerInViewFilter</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 
    <!-- Creates the Spring Container shared by all Servlets and Filters --> 
    <listener> 
     <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
    </listener> 
    <!-- Handles Spring requests --> 
    <servlet> 
     <servlet-name>ABC</servlet-name> 
     <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
     <init-param> 
      <param-name>contextConfigLocation</param-name> 
      <param-value>WEB-INF/spring/webmvc-config.xml</param-value> 
     </init-param> 
     <load-on-startup>1</load-on-startup> 
    </servlet> 
    <persistence-unit-ref> 
     <persistence-unit-ref-name>persistence/persistenceUnit</persistence-unit-ref-name> 
     <persistence-unit-name>persistenceUnit</persistence-unit-name> 
    </persistence-unit-ref> 

    <servlet-mapping> 
     <servlet-name>ABC</servlet-name> 
     <url-pattern>/</url-pattern> 
    </servlet-mapping> 
    <session-config> 
     <session-timeout>10</session-timeout> 
    </session-config> 
    <error-page> 
     <exception-type>java.lang.Exception</exception-type> 
     <location>/uncaughtException</location> 
    </error-page> 
    <error-page> 
     <error-code>404</error-code> 
     <location>/resourceNotFound</location> 
    </error-page> 
</web-app>

factory.js

angular.module('cnitch').factory('configFactory', ['$http', 
    function ($http) { 
     var urlBase = '/ABC/api/mode'; 
     var urlrootmode = '/ABC/api/mode/host/all/tranx/all'; 
     var configFactory = {}; 

     configFactory.getConfig = function (id) { 
      return $http.get(urlBase + "/" + id); 
     }; 

     configFactory.getConfigs = function() { 
      return $http.get(urlBase); 
     }; 

     configFactory.getConfignew = function() { 
      return $http.get(urlrootmode); 
     }; 

     configFactory.insertConfig = function (configString) { 
      return $http.post(urlBase, configString); 
     }; 

     configFactory.updateConfig = function (id, configString) { 
      return $http.put(urlBase + '/' + id, configString); 
     }; 
     configFactory.updateConfignew = function (id, configString) { 
      return $http.put(urlBase, configString); 
     }; 

     configFactory.deleteConfig = function (id) { 
      return $http.delete(urlBase + '/' + id); 
     }; 

     return configFactory; 

    } 
]);

ApplicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans" xmlns="http://www.springframework.org/schema/security" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd 
http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 
    <!-- HTTP security configurations --> 
    <http auto-config="true" use-expressions="true"> 
     <form-login login-processing-url="/resources/j_spring_security_check" login-page="/login" authentication-failure-url="/login?login_error=t" /> 
     <logout logout-url="/resources/j_spring_security_logout" /> 
     <!-- Configure these elements to secure URIs in your application --> 
     <intercept-url pattern="/choices/**" access="hasRole('ROLE_ADMIN')" /> 
     <intercept-url pattern="/member/**" access="isAuthenticated()" /> 
     <intercept-url pattern="/resources/**" access="permitAll" /> 
     <intercept-url pattern="/main/**" access="permitAll" /> 
     <intercept-url pattern="/api/**" access="permitAll" /> 
     <intercept-url pattern="/**" access="permitAll" /> 
    </http> 
    <!-- Configure Authentication mechanism --> 
    <authentication-manager alias="authenticationManager"> 
     <!-- SHA-256 values can be produced using 'echo -n your_desired_password | 
       sha256sum' (using normal *nix environments) --> 
     <authentication-provider> 
      <jdbc-user-service data-source-ref="dataSource" users-by-username-query="select username,password, enabled from users where username=?" authorities-by-username-query="select u.username, ur.authority from users u, user_roles ur where u.user_id = ur.user_id and u.username =? " /> 
     </authentication-provider> 
    </authentication-manager> 
</beans:beans>

Source

2013-10-04 Arnab Majumder

+0

Vérifiez vos en-têtes de réponse et savoir si Access-Control-Allow-Méthodes contient "PUT". – geniuscarrier

Répondre

1

Vous devez confirmer probablement le web.xml par défaut situé dans $ TOMCAT_HOME/conf/web.xml.

Assurez-vous que la méthode PUT est retirée de ce qui suit:

<security-constraint> 
<web-resource-collection> 
    <web-resource-name>restricted methods</web-resource-name> 
    <url-pattern>/*</url-pattern> 
    <http-method>TRACE</http-method> 
    <http-method>PUT</http-method> 
    <http-method>OPTIONS</http-method> 
    <http-method>DELETE</http-method> 
</web-resource-collection> 
<auth-constraint/>

Source

2014-02-04 20:09:41

Questions connexes

 Questions connexes