Spring身份验证无法按预期工作

Question

我有一个页面（相关的上一个问题：https://stackoverflow.com/questions/34086914/best-way-to-implement-social-oauth-with-facebook），我需要使用经典的用户名密码和他的社交帐户对用户进行身份验证。

以下是一些代码：

Index.xhtml

<h:form id="loginForm" prependId="false" style="margin:5px 5px 5px 5px;">
        <p:growl id="growl" sticky="false" life="3000" showDetail="false" />
        <p:focus for="j_username"/>

        <p:panelGrid columns="1">
            <f:facet name="header">
                Please Login
            </f:facet>

            <p:watermark for="j_username" value="username@isp.com"/>                            
            <p:panelGrid columns="3">
                <h:outputLabel value="Email" for="j_username" />
                <p:inputText id="j_username" value="#{loginBean.userName}" 
                             required="true" label="Email" requiredMessage="Email is required"
                             validatorMessage="Please use a valid email address">
                    <f:validateRegex pattern="[\w\.-]*[a-zA-Z0-9_]@[\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]" />
                </p:inputText>
                <p:message for="j_username"/>
                <h:outputLabel value="Password" for="j_password"/>
                <p:password id="j_password" value="#{loginBean.password}" feedback="false"
                            required="true" label="Password" requiredMessage="Password is required"
                            validatorMessage="Password must be at least 7 characters" />
                <p:message for="j_password"/>                                

                <h:outputText value=""/>
                <p:commandButton action="#{loginBean.doLogin()}" value="Login" ajax="false"/>
            </p:panelGrid>
        </p:panelGrid>
    </h:form>
 ....`enter code here`
 <h:form> 
      <h:commandLink id="facebook" action="#{loginBean.doFBLogin}" > 
          <h:graphicImage value="resources/images/fb-login.png" /> 
      </h:commandLink> 
 </h:form>

支持bean

LoginBean.java::doLogin()


public String doLogin() throws IOException, ServletException {
  LOG.debug("**** Executing doLogin method of LoginBean...");
  ExternalContext context = FacesContext.getCurrentInstance()
        .getExternalContext();

  RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
        .getRequestDispatcher("/j_spring_security_check?j_username=" + userName
                + "&j_password=" + new String(password));

  // Forwards to original destination or to error page
  dispatcher.forward((ServletRequest) context.getRequest(),
        (ServletResponse) context.getResponse());
  FacesContext.getCurrentInstance().responseComplete();

  // It's OK to return null here because Faces is just going to exit.
  return null;
}




public String doSocialAuthorization(String userName, char[] pass) throws IOException, ServletException {
        LOG.debug("**** Executing doLogin method for user coming from OAuth authentication");
        ExternalContext context = FacesContext.getCurrentInstance()
                .getExternalContext();
        String passS = new String(pass);
        RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
                .getRequestDispatcher("/j_spring_security_check?j_username=" + userName
                        + "&j_password=" + passS);

        // Forwards to original destination or to error page
        dispatcher.forward((ServletRequest) context.getRequest(),
                (ServletResponse) context.getResponse());
        FacesContext.getCurrentInstance().responseComplete();

        LOG.debug("**** User authenticated through facebook finished");
        return null;
    }

当用户使用他的Facebook帐户选择身份验证时，将调用

LoginBean.java::doFBLogin()。 Method doFBLogin()调用库scrib - java获取详细信息，最后系统从用户处获取电子邮件并在数据库中创建记录。然后它会触发doSocialAuthorization()。 这由于某种原因失败了。奇怪的部分是在创建之后我手动输入表格中的数据，经典的方式，一切正常！用户可以访问！