我使用的是spring security 3.2,我的代码是
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true">
<access-denied-handler error-page="/403page" />
<intercept-url pattern="/user**" access="ROLE_USER" />
<intercept-url pattern="/admin**" access="ROLE_ADMIN" />
<form-login login-page='/login' username-parameter="username"
password-parameter="password" default-target-url="/user"
authentication-failure-url="/login?authfailed" />
<logout logout-success-url="/login?logout" />
</http>
<!-- <authentication-manager> <authentication-provider> <user-service> <user
name="user" password="user@123" authorities="ROLE_ADMIN" /> </user-service>
</authentication-provider> </authentication-manager> -->
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username,password,enabled from qforma_users where username=?"
authorities-by-username-query="select username, role from qforma_roles where username =? " />
</authentication-provider>
</authentication-manager>
</beans:beans>
// and login.jsp page is
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>Login Form | www.beingjavaguys.com</title>
</head>
<body>
<center>
<h2>Login Here</h2>
<div style="text-align: center; padding: 30px;border: 1px solid green;width: 250px;">
<form method="post" action="<c:url value='j_spring_security_check' />">
<table>
<tr>
<td colspan="2" style="color: red">${message}</td>
</tr>
<tr>
<td>User Name:</td>
<td><input type="text" name="username" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" />
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" value="Login" />
</td>
</tr>
</table>
</form>
</div>
</center>
</body>
</html>
我收到错误
DEBUG o.s.jdbc.datasource.DataSourceUtils - 返回JDBC连接 到DataSource 16:41:52.273 [http-nio-8080-exec-7] DEBUG o.s.s.a.d.DaoAuthenticationProvider - 身份验证失败:密码 与存储的值不匹配 16:41:52.273 [http-nio-8080-exec-7] DEBUG o.s.s.w.a.UsernamePasswordAuthenticationFilter - 认证 请求失败: org.springframework.security.authentication.BadCredentialsException: 不好的信用史 16:41:52.273 [http-nio-8080-exec-7] DEBUG o.s.s.w.a.UsernamePasswordAuthenticationFilter - 更新 SecurityContextHolder包含null身份验证
请帮帮我
我提供了正确的用户名和密码,但仍然显示身份验证失败:password does not match stored value
答案 0 :(得分:0)
//I have solved the issue actually I have used by putting trim(password) .i //am using postgres sql character (100) and it was occupying all the spaces even //though my password length is 4 characters .
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username,trim(password),enabled from qforma_users where username=?"
authorities-by-username-query="select username, role from qforma_roles where username =? " />
</authentication-provider>
</authentication-manager>