我正在使用Spring Security进行识别,但是当我尝试使用正确的用户名和密码识别时,它无法正常工作,我得到authentication-failure-url="/login.zul?error=true",我使用的是密码编码器,我先对密码进行编码,然后再保留密码数据库使用Spring Security提供的BCryptPasswordEncoder,我注意到在身份验证过程中,它从未执行过类CustomUserDetailsService。
这是我的配置:
<form-login login-page="/login.zul" default-target-url="/index.zul"
authentication-failure-url="/login.zul?error=true"
username-parameter="username" password-parameter="password" />
<intercept-url pattern="/profil.zul" access="isAuthenticated()" />
<intercept-url pattern="/*.zul" access="isAnonymous()" />
<logout logout-success-url="/index.zul" />
</http>
<beans:bean
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"
id="passwordEncoder" />
<beans:bean id="customUserDetailsService"
class="ma.csimaroc.core.profil.services.impl.CustomUserDetailsService"
autowire="byName" />
<beans:bean id="authProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="customUserDetailsService" />
<beans:property name="passwordEncoder" ref="passwordEncoder" />
</beans:bean>
<authentication-manager>
<authentication-provider ref="authProvider" />
</authentication-manager>
MyUserDetailService:
public class CustomUserDetailsService implements UserDetailsService {
UserDao userDao;
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
UserDetails user = null;
UserBD userBean = userDao.getUserByName(username);
System.out.println(userBean.getUsername());
List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>();
authList.add(new SimpleGrantedAuthority(userBean.getUserRole()
.getRole()));
user = new User(userBean.getUsername(), userBean.getPassword()
.toLowerCase(), true, true, true, true, authList);
return user;
}
public UserDao getUserDao() {
return userDao;
}
public void setUserDao(UserDao userDao) {
this.userDao = userDao;
}
}
我的web.xml:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml
/WEB-INF/security.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
答案 0 :(得分:1)
尝试在我自己的系统上复制问题后,我遇到了以下设置问题:
UserDao userDao;在您的CustomUserDetailsService函数中。
将其更改为:
@Autowired
private USerDao userDao;
如果这不起作用,请告诉我,我会进一步调查你。
答案 1 :(得分:1)
尝试调试,并在Spring中设置断点&#39; UsernamePasswordAuthenticationFilter。很容易看出失败的原因是什么。