我有一个已配置的应用程序,因此我可以使用数据库对用户进行身份验证。
尝试使用设置的用户名和密码以用户或管理员身份登录会出现此错误:
HTTP Status 404 - /project/login_error.jsp
所以我试图通过将链接放在导航栏中来查看我的网址是否手动工作,当我使用此链接时会出现管理页面:
https://localhost:8443/project/admin
手动输入时也会出现其他一些页面,其他页面不显示但给我错误页面。
另一方面,当我使用它时,主页根本不显示:
https://localhost:8443/project/home
它没有给出任何错误,只是重定向回登录页面。
除了休眠 HQL 之外,堆栈跟踪中没有出现错误。
安全配置:
<global-method-security pre-post-annotations="enabled" />
<http pattern="/resources/css/**" security="none"/>
<http pattern="/login.jsp*" security="none"/>
<http auto-config="true" use-expressions="true" access-denied-page="/denied"
authentication-manager-ref="authManager">
<intercept-url pattern="/**" requires-channel="https" />
<intercept-url pattern="/index" access="permitAll" requires-
channel='https'/>
<intercept-url pattern="/login" access="permitAll" requires-
channel='https'/>
<intercept-url pattern='/home' access="hasRole('ROLE_USER')" requires-
channel='https'/>
<intercept-url pattern='/admin' access="hasRole('ROLE_ADMIN')" requires-
channel='https'/>
<form-login login-page='/login' login-processing-url='/j_spring_security_check'
always-use-default-target="true" default-target-url="/home" authentication-failure-
url="/login_error.jsp?error=true"/>
<logout invalidate-session="true" logout-success-url='/login' />
</http>
<authentication-manager id="authManager">
<authentication-provider user-service-ref="***UserDetailsService">
<password-encoder hash="md5"/>
</authentication-provider>
</authentication-manager>
<beans:bean id="**UserDetailsService" class="com.**.**.**.**UserDetailsService">
</beans:bean>
控制器
@Controller
public class ApplicationController {
@RequestMapping(value="/home", method = RequestMethod.GET)
public String home(ModelMap model) {
logger.info("Download and Upload Page {}.");
Date date = new Date();
DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL);
String formattedDate = dateFormat.format(date);
model.addAttribute("serverTime", formattedDate );
return "home";
}
@RequestMapping(value="/login", method = RequestMethod.GET)
public String login(ModelMap model) {
logger.info("This is the login page {}.");
return "login";
}
Jsp页面
<c:url value="/j_spring_security_check" var="loginUrl"/>
<form action="${loginUrl}" method="post" >
<label for="j_username">Username</label>
<input id="j_username" name="j_username" type="text" />
<label for="j_password">Password</label>
<input id="j_password" name="j_password" type="password" />
<input type="submit"
value="Login"/>
</form>
输出中显示的 HQL
Hibernate: select login0_.person_id as person1_1_, login0_1_.manager_id as
manager4_1_, login0_1_.email as email1_, login0_1_.name as name1_, login0_.enabled
as enabled3_, login0_.password as password3_, login0_.user_id as user5_3_,
login0_.username as username3_ from users login0_ inner join person login0_1_ on
login0_.person_id=login0_1_.person_id where login0_.username=?
我真的不知道我在这个实现中缺少什么。我将不胜感激有关问题所在的任何指示。
编辑 - 添加安全过滤器
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-
class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>