大家好，目前有个状况是
只要一开 spring security, post method 就会进不去...
以下是设定档跟程式片段
Test.java
...
@RequestMapping(value = { "/test" }, method = RequestMethod.POST)
public void testPost() {
System.out.println("post");
}
@RequestMapping(value = { "/test" }, method = RequestMethod.GET)
public void testGet(HttpServletRequest req) {
System.out.println("get");
}
...
spring-security.xml
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/test" access="permitAll" />
...
</http>
web.xml
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
result
同时做了/test的post跟get method, 结果只有出现get...
2015-05-14 WARN PageNotFound:198 - Request method 'POST' not supported
get
...
想请问一下这样是否有办法看出哪边设定出错？
(如果spring-security.xml的permitAll改成denyAll的话,get会被挡住,
所以设定上应该没问题才是?)
或者是说有其他的方式可以不要检查 /test post method?
感谢 <(_ _)>

解开了orz 另外开一个 <http /> 就好...<http pattern="/test*" security="none"/>

如果是最新版的话 csrf防护默认是开的 POST要附_csrfhttp://goo.gl/xjDXHKsecurity="none"就没意义了建议把security的log level调到debug 会看得更清楚~

感谢,我研究看看 ^^>