我尝试使用弹簧安全设备登录,但我的错误访问被拒绝了。
弹簧security.xml文件:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/login" access="hasRole('ROLE_ANONYMOUS')"/>
<security:logout logout-url="/j_spring_security_logout" logout-success-url="/"/>
<security:form-login
login-processing-url="/j_spring_security_check"
login-page="/login"
always-use-default-target="true"
default-target-url="/index"/>
<security:intercept-url pattern="/index" access="hasAnyRole('admin','human')" />
<security:csrf/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="serverDataSource"
users-by-username-query="
select LOGIN,PASSWORD, case is_blocked when 1 then 0 else 1 end enabled
from USERS where LOGIN=?"
authorities-by-username-query="
select u.login,p.name from (select up.permission_id as perm,us.login from users_permissions up,(select id,login from users where login = ?) us where us.id=up.user_id) u, permissions p where p.id = u.perm" />
</security:authentication-provider>
</security:authentication-manager>
</beans>
的login.jsp
<%@taglib uri="http://www.springframework.org/tags/form" prefix="form" %>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JBookShelf</title>
</head>
<body>
<h1 id="banner">Login to Security Demo</h1>
<form name='login' action="j_spring_security_check" method='POST'>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
<table>
<tr>
<td>User:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="submit" /></td>
</tr>
</table>
</form>
${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
</body>
</html>
登录控制器
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String loginPage(Model model) {
return "login";
}
}
Tomcat记录
23:46:14,196 [http-apr-8082-exec-1] DEBUG JstlView - Forwarding to resource [/WEB-INF/views/login.jsp] in InternalResourceView 'login'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 1 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 2 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG AntPathRequestMatcher - Request 'GET /web-inf/views/login.jsp' doesn't match 'POST /j_spring_security_logout
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 6 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG AntPathRequestMatcher - Request 'GET /web-inf/views/login.jsp' doesn't match 'POST /j_spring_security_check
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 7 of 13 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.AnonymousAuthenticationToken@905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 20D4252DE71CF4419119CC79CD34581C; Granted Authorities: ROLE_ANONYMOUS'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
23:46:14,212 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
23:46:14,243 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
23:46:14,243 [http-apr-8082-exec-1] DEBUG FilterChainProxy - /WEB-INF/views/login.jsp reached end of additional filter chain; proceeding with original chain
23:46:14,371 [http-apr-8082-exec-1] DEBUG ExceptionTranslationFilter - Chain processed normally
23:46:14,371 [http-apr-8082-exec-1] DEBUG DispatcherServlet - Successfully completed request
23:46:14,371 [http-apr-8082-exec-1] DEBUG HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
23:46:14,371 [http-apr-8082-exec-1] DEBUG ExceptionTranslationFilter - Chain processed normally
23:46:14,371 [http-apr-8082-exec-1] DEBUG SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
23:46:16,591 [http-apr-8082-exec-2] DEBUG FilterChainProxy - /j_spring_security_check at position 1 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
23:46:16,591 [http-apr-8082-exec-2] DEBUG HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
23:46:16,591 [http-apr-8082-exec-2] DEBUG HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7eea159c. A new one will be created.
23:46:16,591 [http-apr-8082-exec-2] DEBUG FilterChainProxy - /j_spring_security_check at position 2 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
23:46:16,592 [http-apr-8082-exec-2] DEBUG FilterChainProxy - /j_spring_security_check at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
23:46:16,592 [http-apr-8082-exec-2] DEBUG HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@6f61511c
23:46:16,592 [http-apr-8082-exec-2] DEBUG FilterChainProxy - /j_spring_security_check at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
23:46:16,592 [http-apr-8082-exec-2] DEBUG FilterChainProxy - /j_spring_security_check at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
23:46:16,592 [http-apr-8082-exec-2] DEBUG AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/j_spring_security_logout'
23:46:16,593 [http-apr-8082-exec-2] DEBUG FilterChainProxy - /j_spring_security_check at position 6 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
23:46:16,593 [http-apr-8082-exec-2] DEBUG AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/j_spring_security_check'
23:46:16,593 [http-apr-8082-exec-2] DEBUG UsernamePasswordAuthenticationFilter - Request is to process authentication
23:46:16,593 [http-apr-8082-exec-2] DEBUG ProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
23:46:16,599 [http-apr-8082-exec-2] DEBUG JdbcTemplate - Executing prepared SQL query
23:46:16,600 [http-apr-8082-exec-2] DEBUG JdbcTemplate - Executing prepared SQL statement [select LOGIN,PASSWORD, case is_blocked when 1 then 0 else 1 end enabled from USERS where LOGIN=?]
23:46:16,604 [http-apr-8082-exec-2] DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
23:46:16,705 [http-apr-8082-exec-2] DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
23:46:16,707 [http-apr-8082-exec-2] DEBUG JdbcTemplate - Executing prepared SQL query
23:46:16,707 [http-apr-8082-exec-2] DEBUG JdbcTemplate - Executing prepared SQL statement [select u.login,p.name from (select up.permission_id as perm,us.login from users_permissions up,(select id,login from users where login = ?) us where us.id=up.user_id) u, permissions p where p.id = u.perm]
23:46:16,707 [http-apr-8082-exec-2] DEBUG DataSourceUtils - Fetching JDBC Connection from DataSource
23:46:16,710 [http-apr-8082-exec-2] DEBUG DataSourceUtils - Returning JDBC Connection to DataSource
23:46:16,712 [http-apr-8082-exec-2] DEBUG CompositeSessionAuthenticationStrategy - Delegating to org.springframework.security.web.csrf.CsrfAuthenticationStrategy@330f91bd
23:46:16,714 [http-apr-8082-exec-2] DEBUG CompositeSessionAuthenticationStrategy - Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@e482801
23:46:16,715 [http-apr-8082-exec-2] DEBUG UsernamePasswordAuthenticationFilter - Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffffffc4: Principal: org.springframework.security.core.userdetails.User@586034f: Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: admin; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 20D4252DE71CF4419119CC79CD34581C; Granted Authorities: admin
23:46:16,734 [http-apr-8082-exec-2] DEBUG DefaultRedirectStrategy - Redirecting to '/jbookshelf-1.0/index'
23:46:16,734 [http-apr-8082-exec-2] DEBUG HttpSessionSecurityContextRepository - SecurityContext 'org.springframework.security.core.context.SecurityContextImpl@ffffffc4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffffffc4: Principal: org.springframework.security.core.userdetails.User@586034f: Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: admin; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 20D4252DE71CF4419119CC79CD34581C; Granted Authorities: admin' stored to HttpSession: 'org.apache.catalina.session.StandardSessionFacade@7eea159c
23:46:16,734 [http-apr-8082-exec-2] DEBUG SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
23:46:16,745 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 1 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@ffffffc4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffffffc4: Principal: org.springframework.security.core.userdetails.User@586034f: Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: admin; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 20D4252DE71CF4419119CC79CD34581C; Granted Authorities: admin'
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 2 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@6f61511c
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG AntPathRequestMatcher - Request 'GET /index' doesn't match 'POST /j_spring_security_logout
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 6 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG AntPathRequestMatcher - Request 'GET /index' doesn't match 'POST /j_spring_security_check
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 7 of 13 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
23:46:16,746 [http-apr-8082-exec-3] DEBUG AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffffffc4: Principal: org.springframework.security.core.userdetails.User@586034f: Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: admin; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 20D4252DE71CF4419119CC79CD34581C; Granted Authorities: admin'
23:46:16,784 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
23:46:16,784 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
23:46:16,784 [http-apr-8082-exec-3] DEBUG FilterChainProxy - /index at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
23:46:16,784 [http-apr-8082-exec-3] DEBUG AntPathRequestMatcher - Checking match of request : '/index'; against '/login'
23:46:16,784 [http-apr-8082-exec-3] DEBUG AntPathRequestMatcher - Checking match of request : '/index'; against '/index'
23:46:16,784 [http-apr-8082-exec-3] DEBUG FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /index; Attributes: [hasAnyRole('admin','human')]
23:46:16,784 [http-apr-8082-exec-3] DEBUG FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffffffc4: Principal: org.springframework.security.core.userdetails.User@586034f: Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: admin; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 20D4252DE71CF4419119CC79CD34581C; Granted Authorities: admin
23:46:16,785 [http-apr-8082-exec-3] DEBUG AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@19e2e283, returned: -1
23:46:16,787 [http-apr-8082-exec-3] DEBUG ExceptionTranslationFilter - Access is denied (user is not anonymous); delegating to AccessDeniedHandler
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:232)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:96)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:162)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2500)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2489)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
所以,我认为,登录表单接受正确的用户名并通过,但后来发生了一些事情,我不知道是什么。
你能告诉我,这里有什么问题吗?
谢谢!
答案 0 :(得分:2)
我想出了答案。我只是将数据库中的角色更改为大写。这很奇怪,但它确实有效。