Spring Security:hasAnyRole无效

时间:2014-05-19 12:48:40

标签: java spring spring-mvc spring-security

我无法通过在loadUserByUsername方法中实现UserDetailsS​​ervice来为用户设置角色。

登录时,它总是重定向到错误页面。它似乎总是返回false。

我是否在这里失踪,例如任何特定的依赖或什么?

是否必须使用数据库?

请查看以下相关文件。

安全context.xml中

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">


<bean id="userDaoBean" class="com.dao.UserServiceDao" />
<bean id="successHandler" class="com.util.RedirectHandler" />

<security:http auto-config="true" use-expressions="true">
    <security:intercept-url pattern="/resources/**" access="permitAll" />
    <security:intercept-url pattern="/login/**" access="permitAll" />
    <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ADMINS','SUPER_USER')" />

    <security:form-login 
        login-processing-url="/j_spring_security_check"
        login-page="/login" 
        default-target-url="/home" 
        authentication-failure-url="/login?error" 
        authentication-success-handler-ref="successHandler"
        always-use-default-target="true" />

    <security:logout logout-success-url="/login?logout" />

</security:http>

<security:authentication-manager>
    <security:authentication-provider user-service-ref="userDaoBean" />
</security:authentication-manager>  

UserServiceDao

@Component
public class UserServiceDao implements UserDetailsService {

@Override
public UserDetails loadUserByUsername(String username)
        throws UsernameNotFoundException {

    User userObj = new User(username, "password", true, true, true, true,
            Arrays.asList(new SimpleGrantedAuthority("ADMINS")));       

    return userObj;
}
}

的Login.jsp

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>

<div id="welcomePage">
<div id="header"><jsp:include page="loginHeader.jsp"/></div>
<div id="welcomePageContent" style="height: 70%;">

    <div class="display-table loginSection">
        <div class="display-table-row">
            <div class="display-table-cell align-left">
                <img src="resources/images/survey_icon.jpg"  class="loginImage"/>
            </div>  
            <div class="display-table-cell">
                <form action="<c:url value='j_spring_security_check' />" method="POST">
                    <div style="color:red;">${error}</div>
                    <p class="loginLabel"><label for="email">E-mail address</label></p>
                    <p><input name="j_username" type="email" id="email" class="loginTextBox" placeholder="mail@address.com"></p>        
                    <p class="loginLabel"><label for="password">Password</label></p>
                    <p><input name="j_password" type="password" id="password" class="loginTextBox" placeholder="password"></p>      
                    <p><button class="loginButton" type="submit">Login</button></p>
                </form>
            </div>      
        </div>  
    </div>      
</div>
<div id="footer"><jsp:include page="footer.jsp"/></div>

0 个答案:

没有答案