[英]custom spring login form looping and never authenticating
我在JSP上使用过此工具,但我想使用Thymeleaf。 这是问题,一旦我登录,页面便被重定向回登录页面。 即使以表单操作将其发送到/ userLogin并在控制器中捕获它,我也无法通过登录页面。 我将发布Google chromes检查的摘要,以便您了解我在说什么。 它甚至不显示表单操作URL。
spring-security.xml
<context:component-scan base-package="com.practice.controller"></context:component-scan>
<security:authentication-manager alias="Drew">
<security:authentication-provider>
<security:user-service>
<security:user name="drew" authorities="admin" password="letmein" />
<security:user name="mike" authorities="admin" password="eagles" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/resources/**" access="permitAll" />
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/index" access="isAuthenticated()" />
<security:intercept-url pattern="/form" access="isAuthenticated()" />
<security:intercept-url pattern="/" access="isAuthenticated()" />
<security:intercept-url pattern="/**" access="denyAll" />
<security:form-login
login-page="/login" />
</security:http>
login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html xmlns:th="http://www.thymeleaf.org" xmlns:tiles="http://www.thymeleaf.org">
<head>
<title>Login Form</title>
</head>
<body onload='document.f.j_username.focus();'>
<h3>Login with Username and Password</h3>
<form name="f" th:action="@{/userLogin}" method="post">
<fieldset>
<legend>Please Login</legend>
<label for="username">Username</label>
<input type="text" id="username" name="u_username"/>
<label for="password">Password</label>
<input type="password" id="password" name="p_password"/>
<div class="form-actions">
<button type="submit" class="btn">Log in</button>
</div>
</fieldset>
</form>
</body>
</html>
LoginController.java
@Controller
public class LoginController {
@RequestMapping("/login")
public String showLogin(){
return "login";
}
@RequestMapping(value = "/userLogin", method = RequestMethod.POST)
public String getUserLogin(){
return "form";
}
}
dispatcher-servlet.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd">
<mvc:annotation-driven></mvc:annotation-driven>
<context:component-scan base-package="com.practice.controller"></context:component-scan>
<mvc:resources mapping="/resources/**" location="/resources/"/>
<mvc:default-servlet-handler/>
<bean id="jspViewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsps/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
</beans>
浏览器中的检查视图
----------------更新1 -----------------
不知道这是否与它有任何关系,但是如果您在我的dispatcher-servlet.xml中注意到了以下内容:
<bean id="jspViewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsps/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
在百里香叶站点上,提到了使用这种方法: 百里香叶与spring-MVC
<bean id="templateResolver"
class="org.thymeleaf.templateresolver.ServletContextTemplateResolver">
<property name="prefix" value="/WEB-INF/templates/" />
<property name="suffix" value=".html" />
<property name="templateMode" value="HTML5" />
</bean>
<bean id="templateEngine"
class="org.thymeleaf.spring4.SpringTemplateEngine">
<property name="templateResolver" ref="templateResolver" />
</bean>
<bean class="org.thymeleaf.spring4.view.ThymeleafViewResolver">
<property name="templateEngine" ref="templateEngine" />
</bean>
现在我正在使用.jsp,但使用了百里香叶技术。 我厌倦了遵循说明,但是没有用。
忠告? 我开始将问题缩小到百里香问题,但我确实不确定。
登录表单应提交到URL j_spring_security_check。 删除/ userLogin控制器并设置表单:
<th:form name="f" th:action="j_spring_security_check" method="post">
要么
<form name="f" action="j_spring_security_check" method="post">
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.