我是apache shiro的新手,目前正在使用jdbcRealm。但在使用令牌登录时,SQL异常显示如下 -
org.apache.shiro.authc.AuthenticationException: There was a SQL error while authenticating user [nnnnnnnn]
18:08:47,738 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.shiro.realm.jdbc.JdbcRealm.doGetAuthenticationInfo(JdbcRealm.java:254)
18:08:47,748 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
....
Caused by: java.sql.SQLException: Invalid column index
....
[main]
# Own Realm
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
# datasource
ds = oracle.jdbc.pool.OracleConnectionPoolDataSource
ds.URL = jdbc:oracle:thin:@192.168.2.10:1522:WBORCLSTDONE
ds.user = WISENPA
ds.password = issac123
jdbcRealm.dataSource = $ds
jdbcRealm.authenticationQuery = "SELECT PASSWORD FROM WB_NETB_USER_MASTER WHERE LOGINID = ?"
[users]
[roles]
[urls]
# enable authc filter for all application pages
/InternetBanking_v1/**=authc
我编写了一个REST服务,其中已经检查了值并尝试使用令牌登录。
/// ---从数据库表中获取实际的哈希密码
Query query = entityManager.createQuery("SELECT userLogin FROM UserLogin userLogin where userLogin.loginid=:loginid and userLogin.password=:passwd" )
.setParameter("loginid", login.getLoginid())
.setParameter("passwd",hashedPasswordBase64);
loggedInUser = (UserLogin) query.getSingleResult();
if (loggedInUser==null){
loggedInUser = new UserLogin();
}
//---- Creating Token
UsernamePasswordToken token = new UsernamePasswordToken(StrLoginId, hashedPasswordBase64);
token.setRememberMe(true);
SecurityUtils.setSecurityManager(sm);
Subject currentUser = SecurityUtils.getSubject();
try {
currentUser.login(token); ////// HERE ERROR APPEARS
System.out.println("----- Login Success -----");
} catch (IncorrectCredentialsException ice) {
System.out.println("Incorrect username/password!");
}
当包含 -
的行时currentUser.login(令牌);
is executed The Exception "java.sql.SQLException: Invalid column index" is coming.
如果shiro.ini文件中存在任何配置问题或我的代码中存在任何其他缺陷,请有人帮助我吗?
非常感谢,
Jayanta P。
答案 0 :(得分:3)
你应该删除引号"来自您的查询。
而不是:
jdbcRealm.authenticationQuery = "SELECT PASSWORD FROM WB_NETB_USER_MASTER WHERE LOGINID = ?"
DO
jdbcRealm.authenticationQuery = SELECT PASSWORD FROM WB_NETB_USER_MASTER WHERE LOGINID = ?