无法使用我的login.jsp页面登录

时间:2016-03-01 16:07:11

标签: java spring jsp spring-mvc spring-security

我正在使用Spring MVC 4.1和Spring Security 4.0。我想使用自己的登录页面,但Spring Security总是给我访问拒绝页面。如果我使用默认登录页面,一切都很好。这是我的security.xml     

<http auto-config="true">
    <intercept-url pattern="/"
                   access="permitAll"/>
    <intercept-url pattern="/login"
                   access="permitAll()"/>
    <intercept-url pattern="/signup"
                   access="permitAll"/>
    <intercept-url pattern="/logout"
                   access="permitAll"/>
    <intercept-url pattern="/errors/**"
                   access="permitAll"/>
    <intercept-url pattern="/users"
                   access="hasRole('USER')"/>
    <intercept-url pattern="/forum"
                   access="hasRole('USER')"/>
    <!-- access denied page -->
    <access-denied-handler
            error-page="/errors/403"/>

    <form-login
            login-page="/login"
            login-processing-url="/login"
            username-parameter="username"
            password-parameter="password"
    />


    <logout
            logout-success-url="/welcome"/>
    <!--logout-url="/j_spring_security_logout"-->
    <!-- enable csrf protection -->
    <!--<csrf/>-->
</http>


<b:import resource="classpath:ru/forque/service/applicationContext-service.xml"/>

<authentication-manager>
    <authentication-provider user-service-ref="myUserDetailsService">
        <password-encoder ref="passwordEncoder"/>
    </authentication-provider>
</authentication-manager>

这里是login.jsp 

<html>
<head>
<title>Log in</title>
</head>
<body>
<div class="row">
<div class="container">
    <h1>Forque Sign In</h1>
    <c:url value="/login" var="loginUrl"/>
    <form action="${loginUrl}" method="post">
        <c:if test="${param.error != null}">
            <div class="alert alert-error">
                Failed to login.
                <c:if test="${SPRING_SECURITY_LAST_EXCEPTION != null}">
                    Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}" />
                </c:if>
            </div>
        </c:if>
        <c:if test="${param.logout != null}">
            <div class="alert alert-success">
                You have been logged out.
            </div>
        </c:if>
        <label for="username">Username</label>
        <input type="text" id="username" name="username"/>
        <label for="password">Password</label>
        <input type="password" id="password" name="password"/>
        <div class="form-actions">
            <input class="btn" type="submit" value="Login"/>
        </div>
    </form>
    </div>
    </div>
    </body>
  </html>

1 个答案:

答案 0 :(得分:0)

尝试删除登录处理网址

<form-login login-page="/login" username-parameter="username" password-parameter="password" authentication-failure-url="/Access_Denied"/>
相关问题
最新问题