Spring Security OpenID - 无法处理声称的身份“null”

时间:2010-01-29 22:13:23

标签: java spring google-app-engine openid spring-security

我无法使Spring Security OpenID功能正常运行。当我使用http://spring.security.test.myopenid.com/作为输入时,我收到以下错误。这是一个指向spring source的链接,它显示抛出异常的位置。有什么想法吗?

  

无法处理声明的身份   'NULL'。

的applicationContext-security.xml文件:

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <http>
        <intercept-url pattern="/**" access="ROLE_USER" />
        <intercept-url pattern="/login/" filters="none" />
        <intercept-url pattern="/" filters="none" />
        <logout />
        <openid-login login-page="/login/" authentication-failure-url="/login/?login_error=true">
            <attribute-exchange>
                <openid-attribute name="email" type="http://schema.openid.net/contact/email" />
                <openid-attribute name="name" type="http://schema.openid.net/namePerson/friendly" />
            </attribute-exchange>
        </openid-login>
        <remember-me token-repository-ref="tokenRepository"/>
    </http>

    <beans:bean id="tokenRepository" 
        class="org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl" />

    <authentication-manager alias="authenticationManager" />

    <user-service id="userService">
          <user name="http://spring.security.test.myopenid.com/" password="password" authorities="ROLE_SUPERVISOR,ROLE_USER" />
    </user-service>

</beans:beans>

的login.jsp:

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
        <title>Test GAE</title>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    </head>
    <body>
        <h3>Please Enter Your OpenID Identity</h3>

        <c:if test="${not empty param.login_error}">
            Your login attempt was not successful, try again.<br/><br/>
            Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
        </c:if>

        <form action="<c:url value='/j_spring_openid_security_check'/>" method="post">
            <table>
                <tr><td>OpenID Identity:</td><td><input type='text' name='j_username' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr>
                <tr><td><input type="checkbox" name="_spring_security_remember_me" /></td><td>Remember me on this computer.</td></tr>
                <tr><td colspan='2'><input name="submit" type="submit" /></td></tr>
                <tr><td colspan='2'><input name="reset" type="reset" /></td></tr>
            </table>
        </form>
    </body>
</html>

1 个答案:

答案 0 :(得分:1)

您可能应在j_username名称中将openid_identifier替换为<input ...>

来自消息来源:

/** 
 * The name of the request parameter containing the OpenID identity, as submitted from     the initial login form. 
 * 
 * @param claimedIdentityFieldName defaults to "openid_identifier" 
 */