05-Jan-2016 23:44:35.610 SEVERE [http-apr-8080-exec-2] org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.doFilter尝试验证用户时发生内部错误。
org.springframework.security.authentication.InternalAuthenticationServiceException 引起:java.lang.NullPointerException at dao.UserDAOImpl.getUser(UserDAOImpl.java:36) at service.UserDetailsServiceImpl.loadUserByUsername(UserDetailsServiceImpl.java:38) 在org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:102)
我的web.xml
<display-name>Spring MVC Application</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/mvc-dispatcher-security.xml
/WEB-INF/mvc-dispatcher-servlet.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
的security.xml
<security:http auto-config="true" >
<security:intercept-url pattern="/admin-panel" access="ROLE_ADMIN"/>
<security:intercept-url pattern="/user_panel" access= "ROLE_USER"/>
<security:form-login login-page="/welcome"
default-target-url="/default"
username-parameter="username"
password-parameter="password"/>
</security:http>
<bean class="service.UserDetailsServiceImpl" id="userDetailsService" autowire="byType">
</bean>
<security:authentication-manager >
<security:authentication-provider user-service-ref="userDetailsService">
</security:authentication-provider>
</security:authentication-manager>
servlet.xml中
<context:component-scan base-package="springapp.mvc,service,dao,domain"/>
<context:annotation-config/>
<mvc:annotation-driven/>
<mvc:default-servlet-handler />
<mvc:resources mapping="/resources/**" location="resources/">
</mvc:resources>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/pages/"/>
<property name="suffix" value=".jsp"/>
</bean>
<bean id="template" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="dataSource">
</property>
</bean>
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver"/>
<property name="url" value="jdbc:mysql://localhost:3306/votingsystem"/>
<property name="username" value="root"/>
<property name="password" value="anl14anl14"/>
</bean>
User.java
package domain;
public class User
{
private String username;
private String password;
private String role;
public User(String username, String password,String role )
{
this.username = username;
this.password = password;
this.role=role;
}
public User() {
}
public boolean enter(String username, String password) {
this.username = username;
this.password = password;
return true;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
}
UserDAO.java
package dao;
import domain.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import java.util.List;
public interface UserDAO
{
public User getUser(String username);
}
UserDAOImpl.java
package dao;
import domain.User;
import domain.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Repository;
@Repository
public class UserDAOImpl implements UserDAO
{
private JdbcTemplate template;
private static final String find = "SELECT role FROM users WHERE username = ? ";
public UserDAOImpl() {
}
@Override
public User getUser(String username) {
return template.queryForObject(find, new Object[]{username}, User.class);
}
}
UserDetailsServiceImpl.java
package service;
import dao.UserDAO;
import domain.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
@Service
public class UserDetailsServiceImpl implements UserDetailsService
{
@Autowired
UserDAO userDAO;
@Override
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException
{
User user = userDAO.getUser(username);
Set<GrantedAuthority> roles = new HashSet();
if (user.getRole().equals("admin"))
roles.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
else if (user.getRole().equals("user"))
roles.add(new SimpleGrantedAuthority("ROLE_USER"));
UserDetails userDetails =new org.springframework.security.core.userdetails.User(user.getUsername(),user.getPassword(),roles);
return userDetails;
}
}
Controller.java
package springapp.mvc;
import dao.UserDAO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
@Controller
public class HelloController
{
@RequestMapping (value = "/welcome")
public String get ( Model model )
{
return "welcome";
}
@RequestMapping (value = "/default")
public String adminPage ( HttpServletRequest request) {
if (request.isUserInRole("ROLE_ADMIN")) {
return "redirect:/admin-panel";
}
else if (request.isUserInRole("ROLE_USER"))
{
return "redirect:/user_panel";
}
return "redirect:/welcome";
}
@RequestMapping (value = "/user_panel")
public ModelAndView regPage ()
{
ModelAndView modelAndView = new ModelAndView();
modelAndView.setViewName("user_panel");
return modelAndView;
}
@RequestMapping (value = "/admin-panel")
public ModelAndView adminPage ()
{
ModelAndView modelAndView = new ModelAndView();
modelAndView.setViewName("admin-panel");
return modelAndView;
}
}
的welcome.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title> Hello </title>
<meta charset="utf-8">
<c:url value="/resources/theme/css/main1.css" var="main"/>
<link href="${main}" rel="stylesheet"/>
</head>
<body>
<div id="wrapper" >
<div id="header">
<h1> ACCESS TO ELECTIONS </h1>
</div>
<div id="form_user">
<div id="registration "> </div>
<div class="form">
<form method="post">
<div class="youInfo">
<div class="info youName">
<label for="name">Name<input type="text" id="name" required /><span></span></label>
<label for="login">Login<input type="email" id="login" required /><span></span></label>
<label for="password1">Password<input type="password" id="password1" required /><span></span></label>
<button type="submit">Register</button>
</div>
</div>
</form>
</div>
<p id="part"> </p>
<div id="enter"> </div>
<div class="form">
<form action="/j_spring_security_check" method="post" >
<div class="enter">
<div class="enterin">
<label for="username">Login<input type="text" name="username" id="username"/><span></span></label>
<label for="password">Password <input type="password" name="password" id="password" /><span></span></label>
<button type="submit">Sign in</button>
</div>
</div>
</form>
</div>
</div>
<div id ="footer"> </div>
</div>
</body>
</html>
答案 0 :(得分:0)
您可能错过了UserDAOImpl.java中@Autowired
上的private JdbcTemplate template;
。
@Repository
public class UserDAOImpl implements UserDAO {
@Autowired
private JdbcTemplate template;
...
}