Using spring security with hibernate, When the user comes at /login and enters his credentials, he is supposed to be forwarded to /users/home . but he is not for the very first time he logins in, he is show a 404 message The requested resource is not available (some times at /favicon.ico if its on a live domain and localhost/ if its on localhost). If he returns back to the login page and logins again with SAME credentials, he is correctly landed to /users/home. why is that? http://pastie.org/8586150
spring security xml:
<security:form-login
login-page="/login"
authentication-failure-url="/login?error=true"
default-target-url="/users/home"/>
<security:authentication-manager>
<security:authentication-provider user-service-ref="customUserDetailsService">
</security:authentication-provider>
</security:authentication-manager>
-Controller--------
@RequestMapping(value = "/users/home" )
public String userHome(ModelMap model, HttpServletRequest request) {
User springUser = (User)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
String loginId = springUser.getUsername(); //get logged in username
result = userService.getUserByLoginId(loginId);
Users user = (Users)result.getObject();
HttpSession session = request.getSession(true);
session.setAttribute("userName", user.getName());
// model.addAttribute("username", user.getName());
return "/users/home";
}
package web.service.common;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Repository;
import web.dao.UsersDAO;
import web.dao.impl.jpa.UsersDAOImpl;
import web.entity.Users;
@Service
public class CustomUserDetailsService implements UserDetailsService{
//@Resource
@Autowired
private UsersDAO userDAO;
public UserDetails loadUserByUsername(String email)
throws UsernameNotFoundException, DataAccessException {
// Declare a null Spring User
UserDetails springUser = null;
try {
System.out.println("the email passed from CustomUserDetailsService in method loadUserByUsername is: " +email);
Users dbUser = userDAO.getUserByLoginId(email);
springUser = new User(
dbUser.getEmail(),
dbUser.getPassword().toLowerCase(),
true,
true,
true,
true,
//getAuthorities(dbUser.getAccess()) );
getAuthorities(2) );
} catch (Exception e) {
e.printStackTrace();
System.out.println(e.getMessage());
throw new UsernameNotFoundException("Error in retrieving user");
}
System.out.println("debug ---- 4");
return springUser;
}
public Collection<GrantedAuthority> getAuthorities(Integer access) {
List<GrantedAuthority> authList = (List<GrantedAuthority>) new ArrayList<GrantedAuthority>(2);
authList.add(new GrantedAuthorityImpl("ROLE_USER"));
return authList;
}
}
It may be due to dosnt getting user from database. Try to return null when u not found any user from database.
Users dbUser = userDAO.getUserByLoginId(email);
if(dbUser==null){
return null;
}
I am also sharing tutorial develop by me for Spring security with UserService. It may be help you for further
<security:intercept-url pattern="/favicon.ico" access="permitAll"/>
<security:intercept-url pattern="/" access="permitAll"/>
solved the problem :)
You need to allow access to all for the favicon. :)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.