我正在尝试扩展UsernamePasswordAuthenticationFilter,如本教程所示:http://blog.awnry.com/post/16183749439/two-factor-authentication-and-spring-security-3
这是我的security.xml:
<security:http use-expressions="true" auto-config="false"
entry-point-ref="loginUrlAuthenticationEntryPoint">
<security:custom-filter position="FORM_LOGIN_FILTER"
ref="twoFactorAuthenticationFilter" />
<security:intercept-url pattern="/**"
access="isAuthenticated()" />
<security:logout logout-url="/player/logout"
success-handler-ref="playerLogoutSuccessHandler" />
</security:http>
<bean id="loginUrlAuthenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/demo/player/login" />
</bean>
<bean id="twoFactorAuthenticationFilter"
class="com.XXX.filter.TwoFactorAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureHandler" ref="failureHandler" />
<property name="authenticationSuccessHandler" ref="playerAuthenticationSuccessHandler" />
<property name="filterProcessesUrl" value="/processLogin" />
<property name="postOnly" value="true" />
<property name="extraParameter" value="domain" />
</bean>
<bean id="failureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/login?login_error=true" />
</bean>
<bean id="bCryptPasswordEncoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
<security:authentication-manager
alias="authenticationManager">
<security:authentication-provider
ref="authenticationProvider">
</security:authentication-provider>
</security:authentication-manager>
</beans>
当我到达需要注册的页面时,我的自定义登录会出现,但在提交时没有任何附加内容。
我的登录信息:
<body>
<form method="post" action="http://localhost:8080/XXX/j_spring_security_check">
<div id="passwordLoginOption" class="form">
<div class="row">
<div class="label left">
<label for="j_username">login:</label>
</div>
<div class="right">
<div class="textWrapper">
<input type="text" name="j_username"/>
</div>
</div>
<div class="cl"></div>
</div>
<div class="row">
<div class="label left">
<label for="j_password">password:</label>
</div>
<div class="right">
<div class="textWrapper">
<input type="password" name="j_password"/>
</div>
</div>
<div class="cl"></div>
</div>
<div class="row">
<div class="label left">
<label for="brand">brand:</label>
</div>
<div class="right">
<div class="textWrapper">
<input type="text" name="brand"/>
</div>
</div>
<div class="cl"></div>
</div>
<div class="buttons">
<input type="submit" value="Login"/>
</div>
</div>
</form>
</body>
想法?
答案 0 :(得分:1)
您已指定filterProcessesUrl,因此您的登录表单需要提交。具体来说,你应该使用类似的东西:
<form method="post" action="/XXX/filterProcessesUrl">
当然,理想情况下,您不会对上下文根进行硬编码。如果您使用的是JSP,则可以使用<c:url>
标记自动包含上下文根。