Spring 未指定值的错误页面上未显示安全用户名

Spring security username not displayed on error page which value is not specified

这是我的错误处理程序控制器。当 links/urls 不存在时,它会转到 404 页面。我也在使用 spring 安全性。基本上,当用户登录时,会显示用户的用户名。但如果用户输入错误或输入错误 url/link,它会显示 404 错误页面,但不会显示用户名。

package com.syntacks.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class HTTPErrorHandlers{

    String path = "/user";

    @RequestMapping(value="/400")
    public String error400(){
        return path+"/404";
    }

     @RequestMapping(value="/404")
     public String error404(){
         return path+"/404";
     }

     @RequestMapping(value="/500")
     public String error500(){
         return path+"/404";
     }


}

我已经在这里添加了 sec-authorize 来确定用户是否登录。这放在我的每一页上。

    <sec:authorize ifAnyGranted="ROLE_USER,ROLE_ADMIN">
    <a class="active" href="/Project/profile?user=${pageContext.request.userPrincipal.name}">${pageContext.request.userPrincipal.name}</a>
                                        <ul class="dropdown">
                                        <li><a href="/Project/<c:url value='logout'/>">Logout</a></li>
                                        </ul>
</sec:authorize>

在 web.xml 我添加了错误代码

<error-page>
        <error-code>400</error-code>
        <location>/400</location>
    </error-page>
    <error-page>
        <error-code>123</error-code>
        <location>/123</location>
    </error-page>
    <error-page>
        <error-code>404</error-code>
        <location>/404</location>
    </error-page>
        <error-page>
        <error-code>405</error-code>
        <location>/405</location>
    </error-page>
    <error-page>
        <error-code>500</error-code>
        <location>/500.jsp</location>
    </error-page>

因此,如果用户键入 404 或我指定的任何映射值 return 用户名,但如果未指定值或 link,它只会显示 404 页面,其中未找到错误页面没有显示用户名的文本。非常感谢您的帮助:)

Spring-security.xml

<beans:beans xmlns:security="http://www.springframework.org/schema/security"
      xmlns:beans="http://www.springframework.org/schema/beans" 
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.springframework.org/schema/beans
              http://www.springframework.org/schema/beans/spring-beans.xsd
              http://www.springframework.org/schema/security
              http://www.springframework.org/schema/security/spring-security.xsd">



     <security:http auto-config='true'>
            <security:access-denied-handler error-page="/403" />

            <security:intercept-url pattern="/questions/ask" access="ROLE_USER,ROLE_ADMIN" />
            <security:intercept-url pattern="/profile" access="ROLE_USER" />    
            <security:intercept-url pattern="/view-tags" access="ROLE_ADMIN" />
            <security:intercept-url pattern="view-questions" access="ROLE_ADMIN" />
            <security:intercept-url pattern="/view-users" access="ROLE_ADMIN" />                            
            <security:form-login login-page="/login" default-target-url="/" authentication-failure-url="/login?error"/>
            <security:logout logout-success-url="/login?logout" logout-url="/logout" 
            invalidate-session="false"/>
        </security:http>


     <security:authentication-manager>
            <security:authentication-provider>
                <security:jdbc-user-service data-source-ref="dataSource"  
                    users-by-username-query="select username,password, enabled from users where username=?"  
                    authorities-by-username-query="select username, role from users where username =?  " />
            </security:authentication-provider>
          </security:authentication-manager>
    </beans:beans>

使用以下代码行获取当前登录的用户:

<security:authorize access="isAuthenticated()">
    authenticated as <security:authentication property="principal.username" /> 
</security:authorize>