我使用spring安全性使用数据库登录。我可以看到登录页面,但是当我尝试登录时页面只是重复,即使没有错误消息。我不知道它是否有效,因为它返回到登录页面。 这是我的代码。
security xml
<http auto-config="true">
<intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/admin/**" access="ROLE_USER" />
<form-login login-page="/login" authentication-failure-url="/login" default-target-url="/admin"/>
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT USERID, PASSWORD FROM USERINFO WHERE V_USERID=?"
authorities-by-username-query="SELECT USERID, USERNAME FROM USERINFO WHERE USERID = ? AND PASSWORD=?"/>
</authentication-provider>
</authentication-manager>
登录jsp
<form method="POST" action="<c:url value='/j_spring_security_check' />">
<table class="login">
<tr>
<td>ID</td>
<td><input type="text" name="j_username"></td>
</tr>
<tr>
<td>PASSWORD</td>
<td><input type="password" name="j_password"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="confirm">
<input type="reset" value="reset"></td>
</tr>
</table>
</form>
controller java
@RequestMapping(value="/login", method = RequestMethod.GET)
public String login(Model mode){
return "login";
}
@RequestMapping(value = "/admin", method = RequestMethod.GET)
public String home(
@RequestParam(value="list", required=false) String list, Model model) {
return "home";
}
答案 0 :(得分:1)
将authentication-failure-url="/login"更改为authentication-failure-url="/login?error=1"这样您就可以检查error=1的网址,甚至可以更好地检查jsp中的网址并显示错误消息。