Spring Security用户已登录,但已重定向到拒绝访问页面
[英]Spring Security user logged in but redirected to access denied page
问题描述
I am currently working on a project with Spring 4, Spring Security 4, Hibernate 4, MySQL 5. When I login with the user credentials, it logs in but takes me to unauthenticated user page. 
我目前正在使用Spring 4,Spring Security 4,Hibernate 4,MySQL 5进行项目。当我使用用户凭据登录时,它会登录,但会带我进入未经身份验证的用户页面。 I tried debugging the code in eclipse but I am not able to find out why it goes to the unauthenticated user page. 我尝试调试eclipse中的代码,但无法查明为何进入未经身份验证的用户页面。 We are using 4 different types of users for the project, so the database design given to me was a little different. 我们正在为该项目使用4种不同类型的用户,因此提供给我的数据库设计略有不同。
I have also asked the same question in coderanch 4 days ago but I didn't receive any answers. 我也于4天前在coderanch中问过同样的问题,但没有收到任何答案。 Here is the link to the question Coderanch . 这是问题Coderanch的链接。 I have added the source files there for reference. 我在其中添加了源文件以供参考。
If you guys need any more files, please ask me and I shall provide you the same here. 如果你们需要更多文件,请问我,我将在此处为您提供同样的文件。
3 个解决方案
解决方案1
0 2016-06-22 09:20:44
本教程将帮助您了解其工作原理,并解决以下问题: Spring MVC 4 + Spring Security 4 + Hibernate Example
解决方案2
0 已采纳 2016-06-23 03:49:34
For people looking answers to this question, here is the trick. 对于寻求该问题答案的人们,这是窍门。 You will have to add "ROLE_" in your SimpleGrantedAuthority object if you are fetching roles from database. 如果要从数据库中获取角色,则必须在SimpleGrantedAuthority对象中添加“ ROLE_”。 That is 那是
authorities.add(new SimpleGrantedAuthority("ROLE_" + user.getType());
The explanation of why we should add the "ROLE_" token is given in this doc . 为何要添加“ ROLE_”令牌的说明在此文档中给出。
From the docs,
The prefix "ROLE_" is a marker which indicates that a simple comparison with the user's authorities should be made.
解决方案3
0 2016-06-23 03:56:38
除了Parthe的答案以外,您可能还需要确保用于登录的用户帐户至少具有列出的角色之一(“ SUPER ADMIN”,“ ADMIN”,“ STAFF”)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.