在处理同一问题之前,我使用过的一件事是拥有2个单独的DispatcherServlet:
<listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class></listener><servlet> <servlet-name>flex</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup></servlet><servlet-mapping> <servlet-name>flex</servlet-name> <url-pattern>/messagebroker/*</url-pattern></servlet-mapping><servlet> <servlet-name>spring-mvc</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup></servlet><servlet-mapping> <servlet-name>spring-mvc</servlet-name> <url-pattern>/spring/*</url-pattern></servlet-mapping>
您还需要通过将MVC路径修改为以下内容来更新安全配置:
/spring/...
我几乎可以肯定,当您使用SpringDS而不是BlazeDS时,这不是最佳解决方案。必须有一个更好的方法!
您也可以尝试删除:
<security:http pattern="/messagebroker/**" entry-point-ref="entryPoint"> <security:anonymous enabled="false"/></security:http>
而不是尝试使用此:
<flex:message-broker mapping-order="1"> <flex:mapping pattern="/messagebroker/*"/> <flex:message-service default-channels="amf, polling-amf, longpolling-amf" /> <flex:secured> <flex:secured-channel channel="amf" access="ROLE_SOME_ROLE" /> </flex:secured></flex:message-broker>
请记住,身份验证应通过Flex客户端上的channelSet完成!
