我尝试找到解决方案,但没有人工作。我有一些用JSF编写的spring security configs和frontend。我发现了一些内心的配置,但他们一起不想工作
<http>
<intercept-url pattern="/index*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/javax.faces.resource/**"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/**" access="ROLE_USER" />
<intercept-url pattern="/admin/*" access="ROLE_SUPERVISOR" />
<form-login login-page="/index.html" default-target-url="/home.html"
always-use-default-target="true" authentication-failure-url="/index.xhtml?login_error=1" />
<logout logout-url="/logout.html" />
</http>
和
<authentication-manager>
<authentication-provider>
<user-service>
<user name="admin" password="admin" authorities="ROLE_USER, ROLE_SUPERVISOR" />
<user name="anonim" password="anonim" authorities="" />
<user name="user" password="user" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
我想制作一些类似自定义记录器的自定义类我找到的解决方案类似于:
public class LoginBeenController {
private static final Logger LOGGER = Logger.getLogger(LoginBeenController.class);
private String login;
private String password;
@Autowired
private AuthenticationManager authenticationManager;
public LoginBeenController() {
}
public String getLogin() {
return login;
}
public String getPassword() {
return password;
}
public void setLogin(String login) {
this.login = login;
}
public void setPassword(String password) {
this.password = password;
}
public String login(){
Authentication authentication = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken(
this.login, this.password));
if (authentication.isAuthenticated()) {
SecurityContextHolder.getContext().setAuthentication(
authentication);
}
return new String();
}
}
这是主要形式:
<h:form>
<h:panelGrid columns="2" cellpadding="5">
<h:outputLabel for="username" name='j_username' value="Username:" />
<p:inputText id="username" value="#{loginBeenController.login}" required="true" label="username" />
<h:outputLabel for="password" value="Password:" />
<h:inputSecret id="password" value='#{loginBeenController.password}' required="true" label="password" />
<f:facet name="footer">
<p:commandButton ajax='false' id="loginButton" value="Login" action="#{loginBeenController.login()}" />
</f:facet>
</h:panelGrid>
</h:form>
答案 0 :(得分:2)
好的,我发现解决方案我只需要添加:
@Autowired
@Qualifier("authenticationManager")
AuthenticationManager authenticationManager;
答案 1 :(得分:0)
您应该转发到Spring Security身份验证URL,而不是使用AuthenticationManager。试试这个:
public String doLogin() throws ServletException, IOException {
FacesContext context = FacesContext.getCurrentInstance();
String springCheckUrl = this.buildSpringSecurityCheckUrl();
HttpServletRequest request = (HttpServletRequest) context
.getExternalContext().getRequest();
RequestDispatcher dispatcher = request
.getRequestDispatcher(springCheckUrl);
dispatcher.forward((ServletRequest) request,
(ServletResponse) context.getExternalContext.getResponse());
context.responseComplete();
return null;
}
private String buildSpringSecurityCheckUrl() {
StringBuilder springCheckUrl = new StringBuilder(
"/j_spring_security_check").append("?").append("j_username")
.append("=").append(this.userName.trim()).append("&")
.append("j_password").append("=")
.append(this.userPassword.trim());
return springCheckUrl.toString();
}
}