I am using spring mvc interceptor for security but it,s also checking for css and js also but I want ignore checking for css and js.
I have interception as below style in my XML file :
<mvc:interceptors>
<bean class="com.nfdil.loyalty.web.interceptor.SecurityManagerInterceptor" />
</mvc:interceptors>
How can I ignore checking for css and js?
Did you try this?
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="/static/**"/>
<bean class="com.nfdil.loyalty.web.interceptor.SecurityManagerInterceptor" />
</mvc:interceptor>
You can find more detailed docs here
Related
I need to include a properties file into my Alfresco webscript developed in Java.
How can I include it?
The properties file includes a hash map useful for service work.
How can use ResourceBundle?
Note that it is not a i18n file.
Thanks
-- Marco
you should be able to get your props as map via spring injection with your java webscript bean:
<property name="your map">
<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location" value="your_properties.properties"/>
</bean>
</property>
You know we can use properties files data in Spring mvc xml file.
for example:
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location">
<value>xxxx.properties</value>
</property>
</bean>
...
<mvc:mapping path="/${path}/*" />
...
but how I could use it in annotation
like:
#Controller
#RequestMapping("/${url}")
now it's wrong.
Tell me how to do
Thank you very much.
Spring doesnt resolve ${x} inside #RequestMapping, indeed {x} is used for #PathVariable. It's not possible to pass non-constant variables to annotations so you can't use #Value either.
I believe its not possible to do what you intend through annotations.
I'm trying to configure Spring MVC to have the following scheme :
any url starting with "{context}/resources" should be cacheable
any other url should not be cacheable (in my case, everything by "resources" are dynamic pages )
The first part is pretty easy using mvc:resource :
<mvc:resources mapping="/resources/**" location="..." cache-period="3600"/>
I'm kinda lost for the second part.
By default, it seems like the "dynamic resources" have no cache-related info (no cache-control header, no pragma, etc...). Some browsers might cache things (FF), some might not (Chrome), which is understanable.
There are many posts about how one can use a combinason of and WebContentInterceptor to make some pages cacheable :
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/foobar/**"/>
<bean id="webContentInterceptor" class="org.springframework.web.servlet.mvc.WebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="true"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
</mvc:interceptor>
</mvc:interceptors>
However in my case this is not useable as such, since I don't have a path expression to match (exclusion is notoriously impossible).
So is there a way I can express this :
* do what mvc:resources do for resources
* do "something" for all other pages ?
The only alternative I can see would be to write a custom Interceptor which would check whether somehing is a resource, but that sounds a bit strange not to be able to define cache properties globally.
Thanks
Spring MVC behaves just the way you want it. The WebContentInterceptor intercepts and adds cache-control only to the requests for text/html resources.
The way to do it for all urls is to leave <mvc:mapping> out of the configuration:
<mvc:interceptors>
<bean id="webContentInterceptor" class="org.springframework.web.servlet.mvc.WebContentInterceptor">
<property name="cacheSeconds" value="0"/>
<property name="useExpiresHeader" value="true"/>
<property name="useCacheControlHeader" value="true"/>
<property name="useCacheControlNoStore" value="true"/>
</bean>
</mvc:interceptor>
Also, because <mvc:interceptors> & <mvc:resources> are independent, any particular order of those two tags is not important (unlike suggested in the answer here).
I'm implementing a cache busting system for a Spring MVC application.
For this system to work, I have to strip the "cache busting code" from a given url. Let's say my generated cache busting code is "123" and I have a .css url that is: /public-123/css/style.css. In this example, I want /public/css/style.css to be succesfully called (-123 must be stripped).
This works in my "mvc-config.xml" context file:
<mvc:resources mapping="/public-123/**" location="/public/" />
But I would also like any cache busting code to work, even if it's not the current one. For example, I would also like /public-456/css/style.css to reach the style.css file.
If I try to add another wildcard to the mapping:
<mvc:resources mapping="/public-*/**" location="/public/" />
It doesn't work! I receive a 404....
How could I specify the "mapping" attribute so any code after the "public-" part is well managed?
One way to handle this is to use Spring EL, as shown in the Spring docs:
<mvc:resources mapping="/resources-#{applicationProps['application.version']}/**" location="/public-resources/"/>
You could probably store the "123" part in a properties file so it only gets set once. E.g. via property-placeholder:
<context:property-placeholder location="classpath:myApp.properties"/>
<mvc:resources mapping="/resources-${cache.code}/**" location="/public-resources/"/>
This has the advantage of being able to read this code in your JSP pages (to generate links) via the same properties value.
I managed to get this working by manually defining the ResourceHttpRequestHandler to handle assets that are located on the filesystem alongside the <mvc:resources /> tag:
<bean id="assetsResourceHandler" class="org.springframework.web.servlet.resource.ResourceHttpRequestHandler">
<property name="locations">
<list>
<bean class="org.springframework.core.io.UrlResource">
<constructor-arg value="file:#{applicationProps['assets.basedir']}"></constructor-arg>
</bean>
</list>
</property>
</bean>
I guess you're doing this to achieve cache busting for your static resources.
In the meantime, Spring 4.1 has dedicated features for this, so you can remove a lot of that custom configuration.
Something like this:
<mvc:resources mapping="/public/**" location="/public/"/>
<mvc:resource-chain resource-cache="true">
<mvc:resolvers>
<mvc:version-resolver>
<mvc:content-version-strategy patterns="/**"/>
</mvc:version-resolver>
</mvc:resolvers>
</mvc:resource-chain>
</mvc:resources>
What is a simple way to resolve the path to a JSP file that is not located in the root JSP directory of a web application using SpringMVCs viewResolvers? For example, suppose we have the following web application structure:
web-app
|-WEB-INF
|-jsp
|-secure
|-admin.jsp
|-admin2.jsp
index.jsp
login.jsp
I would like to use some out-of-the-box components to resolve the JSP files within the jsp root folder and the secure subdirectory. I have a *-servlet.xml file that defines:
an out-of-the-box, InternalResourceViewResolver:
<bean id="jspViewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"></property>
<property name="prefix" value="/WEB-INF/jsp/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
a handler mapping:
<bean id="handlerMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/index.htm">urlFilenameViewController</prop>
<prop key="/login.htm">urlFilenameViewController</prop>
<prop key="/secure/**">urlFilenameViewController</prop>
</props>
</property>
</bean>
an out-of-the-box UrlFilenameViewController controller:
<bean id="urlFilenameViewController" class="org.springframework.web.servlet.mvc.UrlFilenameViewController">
</bean>
The problem I have is that requests to the JSPs in the secure directory cannot be resolved, as the jspViewResolver only has a prefix defined as /jsp/ and not /jsp/secure/.
Is there a way to handle subdirectories like this? I would prefer to keep this structure because I'm also trying to make use of Spring Security and having all secure pages in a subdirectory is a nice way to do this.
There's probably a simple way to acheive this but I'm new to Spring and the Spring MVC framework so any pointers would be appreciated.
I haven't been able to discover the exact solution to the question I asked but I do have a workaround that suits my particular requirements. The problem seems to lie in the hander mapping. If specified as in the example in the post, any requests to pages in the secure folder result in a failed attempt to locate the actual JSP file in the /WEB-INF/JSP/ folder when of course the actual file is located in /WEB-INF/jsp/secure/.
However, if specified like so:
<bean id="handlerMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/login.htm">loginFormController</prop>
<prop key="**/*.htm">urlFilenameViewController</prop>
</props>
</property>
</bean>
Then all the pages are resolved correctly. A request to /login.html will go to a specific form controller but requests to all other pages, no matter whether they are in the root JSP directory or a sub directory will be found. For me this is fine because what I was really looking for was a way to avoid specifiying a controller for every page in the application (hmmm... perhaps I should have made that clear in the first post - and perhaps there are better ways to do this anyway(?)) . The **/*.htm acts as a catch-all case and any pages that I want handled by a different controller can be specified explicitly above this property, as demonstrated by /login.htm.
Try with UrlFilenameViewController or return new ModelAndView("secure/login");
You can try giving names of the views in the Controller like
<property name="formView" value="secure/admin"/>
<property name="successView" value="secure/admin2"/>
having prefix and suffix mapped as below
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/" />
<property name="suffix" value=".jsp" />
This will eventually map to /WEB-INF/jsp/secure/admin.jsp and /WEB-INF/jsp/secure/admin2.jsp
You need to set the alwaysUseFullPath property in in the Handler to true:
<bean id="handlerMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
...
<property name="alwaysUseFullPath" value="true" />
</bean>
This will force the handler to use the '/secure/' part of the URI and then the resolver will include it when looking for a JSP in WEB-INF/jsp.
It seems like this ought to work, according to the docs:
http://static.springsource.org/spring/docs/3.0.x/api/org/springframework/web/servlet/mvc/UrlFilenameViewController.html
The configs you have shown seem to match up with the examples in the doc. If your Spring MVC dispatcher servlet is mapped to "/" then requests to "{context}/secure/whatever.jsp" should get translated to view name "secure/whatever". Maybe it has something to do with the "**" wildcard? Or maybe some of your other configs are not right? Can you include the portion of your web.xml where you set up your Spring dispatcher servlet and also include the full paths you're requesting in your browser?
Another way to find the problem would be to to download the Spring MVC source code and include it in your app, then use a debugger to see exactly what is going on in both the SimpleUrlHandlerMapping and UrlFilenameViewController beans to try to pinpoint the error. You should be able to pretty quickly determine where things are going wrong that way.
You need to set the property as follows:
<property name="prefix" value="/WEB-INF/jsp/"/>
and then you can access the URI secure/admin1.jsp
All sub folders can be accessed by using wild card in prefix
From controller you can simply return jsp name as string and the jsp will be displayed even if it is under sub folders of /WEB-INF/jsp/ like /WEB-INF/jsp/abc