[英]Spring security: user and admin login fails
這應該是一個簡單的解決方案,但我似乎無法弄清楚。
問題:每次我嘗試以用戶或管理員身份登錄時,用戶名和密碼始終返回“對此用戶的訪問被拒絕”(即使用戶名和角色確實在數據庫中)。
這是我的文件:
的LoginController:
@Controller
public class LoginController {
@RequestMapping("login")
public ModelAndView getLoginForm(
@RequestParam(required = false) String authfailed, String logout,
String denied) {
String message = "";
if (authfailed != null) {
message = "Invalid username of password, try again !";
} else if (logout != null) {
message = "Logged Out successfully, login again to continue !";
} else if (denied != null) {
message = "Access denied for this user !";
}
return new ModelAndView("login", "message", message);
}
@RequestMapping("user")
public String geUserPage() {
return "user";
}
@RequestMapping("admin")
public String geAdminPage() {
return "admin";
}
@RequestMapping("403page")
public String ge403denied() {
return "redirect:login?denied";
}
}
安全servlet.xml中:
<http auto-config="true" use-expressions="true">
<access-denied-handler error-page="/403page" />
<intercept-url pattern="/anonymous" access="isAnonymous"/>
<intercept-url pattern="/user**" access="hasRole('ROLE_USER')" />
<intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />
<form-login login-page='/login' username-parameter="username"
password-parameter="password" default-target-url="/user"
authentication-failure-url="/login?authfailed" />
<logout logout-success-url="/login?logout" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username,password, enabled from users where username=?"
authorities-by-username-query="select username, role from user_roles where username =? " />
</authentication-provider>
</authentication-manager>
通過在pom.xml中使用正確的安全版本解決了此問題
如何在沒有spring security的情況下創建admin的登錄模塊(僅登錄)並在spring中驗證用戶?
[英]How to Create login module of admin (only signIn) and validate user in spring without spring security?
Spring Security和Spring Batch管理控制台-自定義登錄頁面
[英]Spring Security & Spring Batch Admin Console - custom login page
Spring Security ProviderNotFoundException when user authentication failed
[英]Spring Security ProviderNotFoundException when user authentication fails
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.