![](/img/trans.png)
[英]Spring Security suddenly stopped authenticating even tho it was working fine before
[英]Spring Security Suddenly Stopped working
我試圖將關系映射OneToOne添加到我的User實體中,並在前面添加了一些關系映射注釋,但是當我似乎無法弄清楚Spring Security出了什么問題時,我將其刪除。 我更改的唯一類是用戶實體,並添加了ROLE實體並添加了關系注釋,然后突然我無法登錄。 用戶名和密碼不正確,我想知道是否有人可以幫助我。 謝謝。
Securty.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd">
<security:http auto-config="true" use-expressions="true" >
<security:intercept-url pattern="/login.html" access="permitAll" />
<security:intercept-url pattern="/home.html" access="isAuthenticated()" />
<security:intercept-url pattern="/users.html" access="isAuthenticated()" />
<security:intercept-url pattern="/userProfile.html" access="isAuthenticated()" />
<security:intercept-url pattern="/patientsProfile.html" access="isAuthenticated()" />
<security:intercept-url pattern="/patients.html" access="isAuthenticated()" />
<security:form-login login-page="/login.html"
default-target-url="/home.html"
authentication-failure-url="/loginfailed.html"/>
<security:logout logout-success-url="/logout.html" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT user_name, password, active FROM user WHERE user_name = ?"
authorities-by-username-query="select u.user_name, ur.role from user u, user_roles ur where u.user_id = ur.user_id and u.user_name = ? " />
</security:authentication-provider>
</security:authentication-manager>
</beans>
實體
package com.chart.model;
import java.util.Date;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.Table;
@Entity
@Table(name="user")
public class User {
@Id
@GeneratedValue
@Column(name="USER_ID")
private Long userId;
@Column(name="FIRST_NAME")
private String firstName;
@Column(name="MIDDLE_INI")
private String middleIni;
@Column(name="LAST_NAME")
private String lastName;
@Column(name="BIRTH_DATE")
private Date birthDate;
@Column(name="USER_NAME")
private String username;
@Column(name="PASSWORD")
private String password;
@Column(name="ACTIVE")
private String active;
...................
//getters and setters here
}
JSP
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Please Sign in</h3>
</div>
<div class="panel-body">
<c:if test="${not empty error}">
<div class="alert alert-danger">
<spring:message code="AbstractUserDetailsAuthenticationProvider.badCredentials"/><br/>
</div>
</c:if>
<form action="<c:url value="/j_spring_security_check"></c:url>" method="post">
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="User Name" name='j_username' type="text">
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name='j_password' type="password" value="">
</div>
<input class="btn btn-lg btn-success btn-block" type="submit" value="Login">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
依存關系
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.1.4.RELEASE</version>
<exclusions>
<exclusion>
<artifactId>spring-asm</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.1.4.RELEASE</version>
</dependency>
更新:但是當我使用它時,它將起作用。
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="Admin" password="Admin123" authorities="ROLE_ADMIN" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
我認為您的User實體應該實現UserDetails接口,以便spring可以在身份驗證上下文中實際使用它。
但這只是一個提示,至少就是我的實現方式。 也請看這里:
http://docs.spring.io/spring-security/site/docs/3.1.7.RELEASE/reference/core-services.html
同樣,如果您不確定發生了什么,則可以實現自己的身份驗證管理器並覆蓋其身份驗證方法。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.