我在春天制作网络应用程序。我创建了一个简单的表单来创建用户密码(对于Spring安全性),我无法将这些值传递给MySql。我有另一种工作形式,所以连接没问题。控制台中没有例外。
这是代码。
.jsp文件
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ taglib prefix="sf" uri="http://www.springframework.org/tags/form"%>
<center><h2>Dodaj Użytkownika</h2>
<sf:form action="${pageContext.request.contextPath}/usercreate" method="post"
modelAttribute="users">
<table>
<tr>
<td>Nazwa użytkownika</td>
<td><sf:input path="${username}" name="username"
type="text" /><br />
<div class="error">
<sf:errors path="username"></sf:errors>
</div></td>
</tr>
<tr>
<td class="label">Hasło:</td>
<td><sf:input path="${password}"
name="password" type="password" />
<div class="error">
<sf:errors path="password"></sf:errors>
</div></td>
</tr>
<tr>
<td class="label"></td>
<td><input class="control" type="submit" value="Dodaj Użytkownika"/></td>
</tr>
</table>
</sf:form>
</center>
控制器
@Controller
public class UserController {
private Servicu servicu;
@Autowired
public void setServicu(Servicu servicu) {
this.servicu = servicu;
}
@Autowired
PasswordEncoder PasswordEncoder;
@RequestMapping("/users")
public String newUser(Model model){
model.addAttribute("users", new Users());
return "users";
}
@RequestMapping(value="/usercreate", method= RequestMethod.POST)
public String userCreated(@ModelAttribute("users") Users users,Model model){
// if(result.hasErrors()){
// return "login";
// }
model.addAttribute("users", users);
users.setEnabled(true);
users.setAuthority("ROLE_USER");
servicu.create(users);
servicu.createAuth(users);
return "home";
}
DAO
@Component("userDAO")
public class UserDAO {
private NamedParameterJdbcTemplate jdbc;
@Autowired
private PasswordEncoder PasswordEncoder;
@Autowired
public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
PasswordEncoder = passwordEncoder;
}
@Autowired
public void setDataSource(DataSource jdbc) {
this.jdbc = new NamedParameterJdbcTemplate(jdbc);
}
public boolean createUser(Users users) {
MapSqlParameterSource params = new MapSqlParameterSource();
params.addValue("username", users.getUsername());
params.addValue("password", PasswordEncoder.encode(users.getPassword()));
params.addValue("enabled", users.isEnabled());
return jdbc.update("insert into users (username, password,enabled) values (:username, :password,:enabled)",
params) == 1;
}
public boolean createAuth(Users users) {
MapSqlParameterSource params = new MapSqlParameterSource();
params.addValue("username", users.getUsername());
params.addValue("authority", users.getAuthority());
return jdbc.update("insert into authorities (username, authority) values (:username, :authority)", params) == 1;
}
临时弹簧秒允许访问所有jsps,验证标签被删除。
编辑:
我的服务文件
@Service("servicu")
public class Servicu {
@Autowired
private OffersDAO offersDAO;
@Autowired
private UserDAO userDAO;
@Autowired
public void setOffersDAO(OffersDAO offersDAO) {
this.offersDAO = offersDAO;
}
@Autowired
public void setUserDAO(UserDAO userDAO) {
this.userDAO = userDAO;
}
public List<Hospitals> getCurrent(){
return offersDAO.getHosps();
}
public void create(OrdersPatient ordersPatient) {
offersDAO.createPatient(ordersPatient);
}
public void create(Orders orders) {
offersDAO.createOrder(orders);
}
public void create(Users users) {
userDAO.createUser(users);
}
public void createAuth(Users users) {
userDAO.createAuth(users);
}
和安全上下文xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource"
authorities-by-username-query='select * from authorities where username = ?'
users-by-username-query='select * from users where username = ?'
id="jdbcUserService" />
<security:password-encoder ref="PasswordEncoder"></security:password-encoder>
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/users" access="permitAll" />
<security:intercept-url pattern="/userlist" access="permitAll" />
<security:intercept-url pattern="/usercreated" access="permitAll" />
<security:intercept-url pattern="/orderForm" access="permitAll"/>
<security:intercept-url pattern="/create" access="permitAll" />
<security:intercept-url pattern="/showorders" access="permitAll" />
<security:intercept-url pattern="/success" access="permitAll" />
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/home" access="permitAll" />
<security:intercept-url pattern="/" access="permitAll" />
<security:intercept-url pattern="/static/**" access="permitAll" />
<security:intercept-url pattern="/**" access="denyAll" />
<security:form-login login-page="/login"
authentication-failure-url="/login?error=true" />
<security:logout logout-success-url="/home" />
</security:http>
<bean id="PasswordEncoder"
class="org.springframework.security.crypto.password.StandardPasswordEncoder">
</bean>
<security:global-method-security secured-annotations="enabled"></security:global-method-security>
答案 0 :(得分:0)
解决这个问题是微不足道的。我发现我没有把
<security:intercept-url pattern="/usercreate" access="permitAll"/>
在我的安全环境中。
这映射到我的方法。现在一切正常。