Spring Security无法验证用户

Question

I have a user with username sajjad and password 200200 :

<security:http auto-config="true" use-expressions="true">
    <security:intercept-url pattern="/hello/" access="hasRole('ROLE_USER')"/>
    <security:form-login login-page="/myLogin.jsp"
                         default-target-url="/pages/index.jsp"
                         login-processing-url="/j_spring_security_check"
                         authentication-failure-url="/myLogin.jsp?error=1"
                         username-parameter="username" password-parameter="password"/>
    <security:csrf disabled="true"/>
</security:http>

<security:authentication-manager>
    <security:authentication-provider>
        <security:user-service>
            <security:user name="sajjad" authorities="ROLE_USER" password="200200"/>
    </security:authentication-provider>
</security:authentication-manager>

And this is myLogin.jsp :

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
</head>
<body>

<form action="<c:url value='/j_spring_security_check' />" method="POST">
    <label for="username">User Name:</label>
    <input id="username" name="j_username" type="text"/>
    <label for="password">Password:</label>
    <input id="password" name="j_password" type="password"/>
    <input type="submit" value="Log In"/>
</form>
</body>
</html>

But when i enter correct username/password and submit the form , it displays the failure-url and not authenticate the user.

web.xml

<servlet>
    <servlet-name>dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/security-config.xml
        /WEB-INF/dispatcher-servlet.xml
    </param-value>
</context-param>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Answer 1

You have changed the username parameter and password parameter in security config. But in form you are using the default one. change the name of inputs in your form to "username" and "password" and check it again.