我正在使用 BCryptPasswordEncoder 在春季处理身份验证模块并面临身份验证失败,如下所示 我通过管理员帐户成功登录并创建虚拟用户。然后我通过虚拟用户成功登录并注销。 检查两个帐户用户(管理员,用户)后,当我尝试通过任何用户登录时,我收到登录失败错误。
注意:如果我不使用任何密码加密方案,那么我的模块工作正常。
<security:http auto-config="true" use-expressions="false">
<security:form-login login-page="/login" login-processing-url="/login" username-parameter="custom_username"
password-parameter="custom_password"
default-target-url="/index"
always-use-default-target="true"
authentication-failure-url="/login?error=true" />
<security:logout logout-url="/logout" logout-success-url="/login?logout=true"/>
<security:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
<security:intercept-url pattern="/hrm/*" access="ROLE_HRM, ROLE_ADMIN"/>
<security:intercept-url pattern="/leave/*" access="ROLE_HRM, ROLE_USER, ROLE_ADMIN"/>
<security:intercept-url pattern="/index**" access="ROLE_HRM, ROLE_USER, ROLE_ADMIN"/>
<security:intercept-url pattern="/**" access="ROLE_ANONYMOUS, ROLE_HRM, ROLE_USER, ROLE_ADMIN"/>
</security:http>
<bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<constructor-arg name="strength" value="12" />
</bean>
<security:authentication-manager>
<security:authentication-provider>
<security:password-encoder ref="encoder"/>
<security:jdbc-user-service data-source-ref="dataSource"
authorities-by-username-query="select app_user.username, role.name from app_user
join app_user_role on app_user.id = app_user_role.users_id
join role on app_user_role.roles_id = role.id
where app_user.username = ?"
users-by-username-query="select username,password,enabled from app_user where username = ?" />
</security:authentication-provider>
</security:authentication-manager>