错误404:/ j_spring_security_check不可用

时间:2014-04-14 14:05:55

标签: jsf spring-security

我尝试在身份验证表单中将Spring Security集成到JSF上,私有页面现在需要进行身份验证,但是当我输入登录名和密码时,此错误会被显示

Error 404 : Project/j_spring_security_check is not available

所以我创建了一个JSF表单:

    <h:form id="loginForm" prependId="false" >
  <label for="exampleInputEmail1">Email address</label>
<h:inputText class="form-control"  id="j_username" required="true"/>
 <label for="exampleInputPassword1">Password</label>
 <h:inputSecret  class="form-control" id="j_password" required="true"/>
   <h:commandButton  type="submit" class="btn btn-primary btn-block" action="#{authentication.doLogin()}" value="Login" />
 </h:form>

身份验证bean中的函数doLogin()定义如下:

public String doLogin() throws ServletException, IOException
    {
        ExternalContext context=FacesContext.getCurrentInstance().getExternalContext();
        RequestDispatcher dispatcher=((ServletRequest)context.getRequest()).getRequestDispatcher("j_spring_security_check");
        dispatcher.forward((ServletRequest)context.getRequest(),(ServletResponse)context.getResponse());
        FacesContext.getCurrentInstance().responseComplete();
        return null;
    }

Spring-security.xml:

<http auto-config="true">
<intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/login.xhtml*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/Backoff/*" access="ROLE_USER"/>
<form-login login-page="/login.xhtml" default-target-url="/Backoff/activities.xhtml"
always-use-default-target="true" 
authentication-failure-url="/Front/error.xhtml"  /> 
</http>

我应该添加什么才能使它有效?

2 个答案:

答案 0 :(得分:1)

要解决此问题,您可以按照以下步骤操作:

1 - 像这样更改Spring-security.xml:

 <http use-expressions="true">

<intercept-url pattern="/login.xhtml*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/Backoff/*" access="ROLE_USER"/>
<form-login 
       login-page="/login.xhtml" 
       default-target-url="/Backoff/activities.xhtml"
       always-use-default-target="true" 
       authentication-failure-url="/Front/error.xhtml"
       <!--
        if you want to use primefaces components you can use this:
        password-parameter="j_idt10" : Name of password input
        username-parameter="j_idt8" : Name of username input 
        ==>To get the name of your inputs you can use "element inspection" offred by you browser (chrome,firefox)
          -->

     />  
</http>

2 - 像这样更改您的JSF表单

<h:form id="loginForm" prependId="false" onsubmit="document.getElementById('loginForm').action='j_spring_security_check';" >
  <label for="exampleInputEmail1">Email address</label>
<h:inputText id="exampleInputEmail1" class="form-control"  name="j_username" required="true"/>
 <label for="exampleInputPassword1">Password</label>
 <h:inputSecret  id="exampleInputPassword1" class="form-control" name="j_password" required="true"/>
   <h:commandButton  type="submit" class="btn btn-primary btn-block" value="Login" />
 </h:form>

您可以注意到我删除了commandButton的操作,并且我将输入的id更改为name,我还在表单中添加了onsubmit函数

希望这可以帮到你

答案 1 :(得分:1)

尝试添加<dispatcher>FORWARD</dispatcher>

<filter>
   <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/*</url-pattern>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
</filter-mapping>

Custom login page with JSF and Spring-Security 3