HTTP状态[404]?弹簧安全中的/ login登录[Not Found]

时间:2017-06-08 09:28:50

标签: spring spring-mvc spring-security

我在spring security中遇到了自定义登录表单的问题。我是春天mvc的新手。截至目前,我在登录表单中点击提交按钮时找不到404。

以下代码:

headerindex.jsp 

<form class="navbar-form navbar-right" method="post" action="<c:url value="/login" />" id="form_login">
    <div class="form-group">
        <input type="text" class="form-control" name="username"
            placeholder="Username">
    </div>
    <div class="form-group">
        <input type="text" class="form-control" name="password"
            placeholder="Password">
    </div>
    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
    <button type="submit" class="btn btn-default">Sign In</button>
</form>

安全-context.xml中 

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

    <security:authentication-manager>
        <security:authentication-provider>
            <security:jdbc-user-service data-source-ref="dataSource"
                users-by-username-query="select username, password, enabled from user where binary username = ?" />

        </security:authentication-provider>
    </security:authentication-manager>
    <security:http use-expressions="true">
        <security:intercept-url pattern="/" access="permitAll" />
        <security:intercept-url pattern="/index" access="permitAll" />
        <security:intercept-url pattern="/login" access="permitAll" />
        <security:intercept-url pattern="/**" access="denyAll" />
        <security:form-login authentication-success-forward-url="/home"
            login-page="/" password-parameter="password"
            username-parameter="username"
            authentication-failure-forward-url="/login?error=true" />
        <security:logout logout-success-url="/loggedout" />
        <security:access-denied-handler error-page="/denied" />
    </security:http>
    <security:global-method-security secured-annotations="enabled"></security:global-method-security>
</beans>

UsersDao.java 

@Component("usersDao")
public class UsersDao {

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private SessionFactory sessionFactory;


    public Session session() { 
        return sessionFactory.getCurrentSession();
    }

    @Transactional
    public void create(User user) {

        System.out.println(user);
        user.setPassword(passwordEncoder.encode(user.getPassword()));
        session().save(user);
    }

    public boolean exists(String username) {

        return getUser(username) != null;
    }

    @SuppressWarnings("unchecked")
    public List<User> getAllUsers() {

        return session().createQuery("from user").list();

    }

    public User getUser(String username) {
        Criteria criteria = session().createCriteria(User.class);
        criteria.add(Restrictions.idEq(username));
        return (User)criteria.uniqueResult();
    }

2 个答案:

答案 0 :(得分:1)

@Component("usersDao")
public class UsersDao {

@Autowired
private PasswordEncoder passwordEncoder;

@Autowired
private SessionFactory sessionFactory;


public Session session() { 
    return sessionFactory.getCurrentSession();
}

@Transactional
public void create(User user) {

    System.out.println(user);
    //user.setPassword(passwordEncoder.encode(user.getPassword()));
    session().save(user);
}

public boolean exists(String username) {

    return getUser(username) != null;
}

@SuppressWarnings("unchecked")
public List<User> getAllUsers() {

    return session().createQuery("from user").list();

}

答案 1 :(得分:-1)

我解决了我的问题。检查我的DAO代码后,我发现我使用的是PasswordEncoder,而我没有在security-context.xml的bean中设置它。我刚刚评论了PasswordEncoder,我现在可以登录了。 :)

<强> UsersDao.java 

@Component("usersDao")
public class UsersDao {

    //@Autowired
    //private PasswordEncoder passwordEncoder;

    @Autowired
    private SessionFactory sessionFactory;


    public Session session() { 
        return sessionFactory.getCurrentSession();
    }

    @Transactional
    public void create(User user) {

        System.out.println(user);
        //user.setPassword(passwordEncoder.encode(user.getPassword()));
        session().save(user);
    }

    public boolean exists(String username) {

        return getUser(username) != null;
    }

    @SuppressWarnings("unchecked")
    public List<User> getAllUsers() {

        return session().createQuery("from user").list();

    }

    public User getUser(String username) {
        Criteria criteria = session().createCriteria(User.class);
        criteria.add(Restrictions.idEq(username));
        return (User)criteria.uniqueResult();
    }
相关问题
最新问题