I am trying to create a login form with Spring Security and Spring Boot, but it cannot find the user in the database. It just gives me the error when I put in the credentials. The registration form works though. You can take a look at the whole project here: https://github.com/ashofthephoenix/Blog/tree/master/src/main/java/com/paulthemenace/blog
It also gives me this:
Hibernate: select user0_.id as id1_2_, user0_.full_name as full_nam2_2_, user0_.password as password3_2_, user0_.username as username4_2_ from users user0_ where user0_.username=?
I am using UserRepository:
@Repository public interface UserRepository extends JpaRepository<User, Long> { User findByUsername(String username); }
my implementation of UserDetailsService:
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
UserRepository userRepo;
private final Logger log = LoggerFactory.getLogger(UserDetailsService.class);
public UserDetailsServiceImpl() {
super();
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// TODO Auto-generated method stub
log.debug("Authenticating {}", username);
final User user = userRepo.findByUsername(username);
if( user == null) {
throw new UsernameNotFoundException(username);
}
return new UserPrincipalImpl(user);
}
}
implementation of UserDetails:
public class UserPrincipalImpl implements UserDetails {
private final User user;
private static final long serialVersionUID = 1L;
public UserPrincipalImpl(User user) {
this.user = user;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
// TODO Auto-generated method stub
return null;
}
@Override
public String getPassword() {
// TODO Auto-generated method stub
return user.getPassword();
}
@Override
public String getUsername() {
// TODO Auto-generated method stub
return user.getUsername();
}
@Override
public boolean isAccountNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isAccountNonLocked() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isCredentialsNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isEnabled() {
// TODO Auto-generated method stub
return true;
}
}
markup code:
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<link rel="stylesheet" href="../public/css/login.css"
th:href="@{/css/login.css}"/>
<title>Login</title>
</head>
<body>
<div class="container">
<div class="form">
<form method="post" th:action="@{/users/login}" class="login-form">
<p th:if="${param.error}"> Invalid username or password.</p>
<div><label for="username"></label></div>
<input type="text" placeholder="username"/>
<div><label for="password"></label></div>
<input type="password" placeholder="password"/>
<div><input type="submit" value="Login"/></div>
</form>
</div>
</div>
</body>
</html>
LoginController:
@Controller
public class LoginController {
@RequestMapping(value = "users/login", method = RequestMethod.GET)
public String login(Model model) {
return "users/login";
}
}
Security configuration:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsServiceImpl userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/").hasRole("USER").and().formLogin().loginPage("/users/login").permitAll()
.and().logout().permitAll();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**", "/public/**", "/css/**", "/js/**", "/images/**");
}
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
final DaoAuthenticationProvider authProvider = new
DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
return authProvider;
}
}
Thanks for the help. If I was not specific enough, I am sorry, but this issue is just killing me. If you're willing to help, then please tell me what information I didn't provide, and I'll give it to you.
Your login form elements are missing name attributes:
<input type="text" name="username" placeholder="username"/>
<input type="password" name="password" placeholder="password"/>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.