![](/img/trans.png)
[英]How to show a user disabled message to client when user is disabled in spring security
[英]User account is disabled - Spring Security
我正在开发一个 web 应用程序,它使用 Spring Security 4.0.2 来验证用户的用户名/密码。
当我尝试使用现有用户名登录时,spring 安全性告诉我“用户帐户已禁用”,但我不知道如何更改它。
我的背景:
<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/private/**" access="hasRole('ROLE_USER')" />
<!-- Erro aqui -->
<form-login login-page="/public/login.xhtml"
username-parameter="j_username" password-parameter="j_password"
login-processing-url="/j_spring_security_check"
authentication-failure-url="/public/login.xhtml?login_error=1"
authentication-success-handler-ref="authenticationSuccessHandler" />
<logout logout-success-url="/public/login.xhtml" />
<csrf disabled="true" />
</http>
<b:bean id="authenticationSuccessHandler"
class="br.com.jway.security.UrlAuthenticationSuccessHandler" />
<!-- Select users and user_roles from database -->
<authentication-manager>
<authentication-provider>
<password-encoder hash="md5" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT login,senha,role FROM usuario WHERE login = ?"
authorities-by-username-query="SELECT login, role FROM usuario WHERE login = ? " />
</authentication-provider>
</authentication-manager>
任何人都知道如何解决这个问题?
I was also facing the same issue. Just return "true" in isEnabled method where you are implementing " UserDetails "
public class UserPrinciple implements UserDetails {
@Override
public boolean isEnabled() {
return true;
}
UserDetailsService
( JdbcDaoImpl
)的标准JDBC
实现要求表为用户加载密码,帐户状态(启用或禁用)和权限列表(角色)。
问题是您的查询未加载帐户状态:
users-by-username-query="SELECT login,senha,role FROM usuario WHERE login = ?
该查询应提供username
, password
并enabled
。 我猜你应该用enabled
替换role
,我不知道senha
实际上是什么!
扩展查询以获取已enabled
属性:
users-by-username-query :查询给定用户名的用户名,密码和启用状态的SQL语句。 默认是
select username, password, enabled from users where username = ?
您可以在Spring Security文档JDBC用户服务中找到详细信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.