Spring - 表示不向DB提交值

时间:2017-04-26 23:19:03

标签: java mysql spring spring-mvc

我在春天制作网络应用程序。我创建了一个简单的表单来创建用户密码(对于Spring安全性),我无法将这些值传递给MySql。我有另一种工作形式,所以连接没问题。控制台中没有例外。

这是代码。

.jsp文件

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

    <%@ taglib prefix="sf" uri="http://www.springframework.org/tags/form"%>



<center><h2>Dodaj Użytkownika</h2>
<sf:form action="${pageContext.request.contextPath}/usercreate" method="post"
    modelAttribute="users">

    <table>
        <tr>
            <td>Nazwa użytkownika</td>
            <td><sf:input path="${username}" name="username"
                    type="text" /><br />
            <div class="error">
                    <sf:errors path="username"></sf:errors>
                </div></td>
        </tr>
        <tr>
            <td class="label">Hasło:</td>
            <td><sf:input path="${password}"
                    name="password" type="password" />
                <div class="error">
                    <sf:errors path="password"></sf:errors>
                </div></td>
        </tr>
        <tr>
            <td class="label"></td>
            <td><input class="control"  type="submit" value="Dodaj Użytkownika"/></td>
        </tr>
    </table>

</sf:form>
</center>

控制器

@Controller
public class UserController {

private Servicu servicu;

@Autowired
public void setServicu(Servicu servicu) {
    this.servicu = servicu;
}
@Autowired
PasswordEncoder PasswordEncoder;

@RequestMapping("/users")
public String newUser(Model model){
    model.addAttribute("users", new Users());

    return "users";

}

@RequestMapping(value="/usercreate", method= RequestMethod.POST)
public String userCreated(@ModelAttribute("users") Users users,Model model){


//      if(result.hasErrors()){
//          return "login";
//      }
    model.addAttribute("users", users);

    users.setEnabled(true);
    users.setAuthority("ROLE_USER");

        servicu.create(users);
        servicu.createAuth(users);

    return "home";
}

DAO

@Component("userDAO")
public class UserDAO {

private NamedParameterJdbcTemplate jdbc;

@Autowired
private PasswordEncoder PasswordEncoder;

@Autowired
public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
    PasswordEncoder = passwordEncoder;
}

@Autowired
public void setDataSource(DataSource jdbc) {
    this.jdbc = new NamedParameterJdbcTemplate(jdbc);
}


public boolean createUser(Users users) {

    MapSqlParameterSource params = new MapSqlParameterSource();

    params.addValue("username", users.getUsername());
    params.addValue("password", PasswordEncoder.encode(users.getPassword()));
    params.addValue("enabled", users.isEnabled());

    return jdbc.update("insert into users (username, password,enabled) values (:username, :password,:enabled)",
            params) == 1;

}

public boolean createAuth(Users users) {

    MapSqlParameterSource params = new MapSqlParameterSource();

    params.addValue("username", users.getUsername());

    params.addValue("authority", users.getAuthority());

    return jdbc.update("insert into authorities (username, authority) values (:username, :authority)", params) == 1;
}

临时弹簧秒允许访问所有jsps,验证标签被删除。

编辑:

我的服务文件

@Service("servicu")
public class Servicu {

    @Autowired
    private OffersDAO offersDAO;
    @Autowired
    private UserDAO userDAO;

    @Autowired
    public void setOffersDAO(OffersDAO offersDAO) {
        this.offersDAO = offersDAO;
    }

    @Autowired
    public void setUserDAO(UserDAO userDAO) {
        this.userDAO = userDAO;
    }

    public List<Hospitals> getCurrent(){
        return offersDAO.getHosps();
    }



    public void create(OrdersPatient ordersPatient) {
        offersDAO.createPatient(ordersPatient);


    }

    public void create(Orders orders) {
        offersDAO.createOrder(orders);

    }

    public void create(Users users) {
        userDAO.createUser(users);

    }

    public void createAuth(Users users) {
        userDAO.createAuth(users);

    }

和安全上下文xml

    <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"


xmlns:security="http://www.springframework.org/schema/security"


xsi:schemaLocation="http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-3.1.xsd">


<security:authentication-manager>

    <security:authentication-provider>
        <security:jdbc-user-service data-source-ref="dataSource"
        authorities-by-username-query='select * from authorities where username = ?'
            users-by-username-query='select * from users where username = ?'
            id="jdbcUserService" />

        <security:password-encoder ref="PasswordEncoder"></security:password-encoder>
    </security:authentication-provider>

</security:authentication-manager>
<security:http use-expressions="true">

    <security:intercept-url pattern="/users" access="permitAll" />
    <security:intercept-url pattern="/userlist" access="permitAll"  />
    <security:intercept-url pattern="/usercreated" access="permitAll"   />
    <security:intercept-url pattern="/orderForm" access="permitAll"/>
    <security:intercept-url pattern="/create" access="permitAll" />
    <security:intercept-url pattern="/showorders" access="permitAll" />
    <security:intercept-url pattern="/success" access="permitAll" />
    <security:intercept-url pattern="/login" access="permitAll" />
    <security:intercept-url pattern="/home" access="permitAll" />
    <security:intercept-url pattern="/" access="permitAll" />
    <security:intercept-url pattern="/static/**" access="permitAll" />
    <security:intercept-url pattern="/**" access="denyAll" />

    <security:form-login login-page="/login"
        authentication-failure-url="/login?error=true" />
    <security:logout logout-success-url="/home" />


</security:http>
<bean id="PasswordEncoder"
    class="org.springframework.security.crypto.password.StandardPasswordEncoder">
</bean>
<security:global-method-security secured-annotations="enabled"></security:global-method-security>

1 个答案:

答案 0 :(得分:0)

解决这个问题是微不足道的。我发现我没有把

<security:intercept-url pattern="/usercreate" access="permitAll"/>

在我的安全环境中。

这映射到我的方法。现在一切正常。