[英]Spring security authentication: always redirect to error login page
我的應用程序上的 spring 安全登錄有問題。 我的登錄頁面在賣家/登錄 url 上,處理 url 設置為 /loginProcessing,在表單上提交登錄數據后:
<form name="loginform" action="/loginProcessing" method="POST">
<table>
<tr>
<td>Enter username:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>Enter password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td colspan='2'><input name="submit" type="submit" value="Submit" /></td>
</tr>
</table>
</form>
無論登錄名和密碼是否正確,我總是被重定向到 loginProcessing 狀態為 302 的登錄錯誤頁面。 你知道為什么每次都會發生嗎? spring-security.xml 中用於檢查登錄數據的 Sql 查詢看起來正確,數據庫中的密碼以純文本形式存儲
我的配置文件:
彈簧security.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans
xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- enable use-expressions -->
<http auto-config="true">
<intercept-url pattern="/admin/*" access="hasRole('admin')" />
<intercept-url pattern="/seller/login" access="permitAll" />
<intercept-url pattern="/customer/login" access="permitAll" />
<intercept-url pattern="/changePassword" access="permitAll" />
<intercept-url pattern="/index" access="permitAll" />
<!-- user-defined login form redirection -->
<form-login login-page="/seller/login" login-processing-url="/loginProcessing" default-target-url="/main"
username-parameter="email" password-parameter="password"
authentication-failure-url="/seller/login/error" />
<!-- logout url -->
<logout logout-success-url="/seller/login/logout" />
<!-- csrf disabled -->
<csrf disabled="true" />
</http>
<!-- Select users and user_roles from database -->
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query=
"select email,password from users where email=?"
authorities-by-username-query=
"select u.email, r.name from users u, role r, user_roles ur where u.id = ur.user_id and ur.roles_id = r.id and u.email =?" />
</authentication-provider>
</authentication-manager>
應用上下文.xml:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/mvc https://www.springframework.org/schema/mvc/spring-mvc.xsd">
<context:component-scan base-package="application"/>
<context:annotation-config />
<mvc:annotation-driven />
<tx:annotation-driven transaction-manager="transactionManager1"/>
<import resource="classpath:spring-security.xml" />
<bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />
<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceUnitName" value="punit"/>
<property name="dataSource" ref="dataSource"/>
<property name="packagesToScan" value="application"/>
<property name="jpaVendorAdapter">
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
<property name="showSql" value="true"/>
</bean>
</property>
<property name="jpaPropertyMap">
<map>
<entry key="hibernate.dialect" value="org.hibernate.dialect.PostgreSQL9Dialect"/>
<entry key="hibernate.hbm2ddl" value="true"/>
<entry key="hibernate.hbm2ddl.auto" value="update"/>
<entry key="hibernate.format_sql" value="true"/>
<entry key="hibernate.show_sql" value="true"/>
</map>
</property>
</bean>
<bean id="transactionManager1" class="org.springframework.orm.jpa.JpaTransactionManager">
<property name="entityManagerFactory" ref="entityManagerFactory"/>
</bean>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="org.postgresql.Driver"/>
<property name="url" value="jdbc:postgresql://localhost:5432/khn"/>
<property name="username" value="postgres"/>
<property name="password" value="admin"/>
</bean>
servlet.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/mvc https://www.springframework.org/schema/mvc/spring-mvc.xsd">
<mvc:default-servlet-handler/>
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/pages/"/>
<property name="suffix" value=".html"/>
</bean>
網頁.xml:
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>khn</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:/applicationContext.xml</param-value>
</context-param>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
好的,我自己找到答案。 我錯過了 spring-security.xml 和 servlet.xml 中的一些模式聲明
現在在 servlet.xml 我有:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
在 spring-security.xml 中:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
我還編輯了 users-by-username-query,這個查詢需要額外的啟用列
select email,password,1 as enabled from users where email=?
現在我們可以使用有效憑據登錄
Spring Security自定義身份驗證提供程序始終重定向到登錄頁面
[英]Spring Security Custom Authentication Provider always redirect to login page
Spring boot & Spring security 總是重定向到 Login
[英]Spring boot & Spring security always redirect to Login
Spring Security登錄顯示錯誤頁面,身份驗證失敗?
[英]Spring security login gives error page, is authentication failing?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.