1

我想从一些见解中询问,因为我不确定这里有什么问题。我需要通过数据库存储的详细信息添加身份验证,所以我正在尝试这样做。问题是我用来访问主页的每个用户详细信息都会返回登录失败页面。

DAO 层

    @Transactional
    @Repository ("staffDAO")
    public class StaffDAO extends AbstractDAO<Staff>{

public StaffDAO() {
    super(Staff.class);

}


@Autowired
@Resource(name="sessionFactory")
private SessionFactory sessionFactory;
private Transaction transaction;

public void setSessionFactory(SessionFactory sessionFactory) {
    this.sessionFactory = sessionFactory;}


@SuppressWarnings("unchecked")
public List<Authority> getAuthority() {
    Session session = sessionFactory.getCurrentSession();
    Query query = session.createQuery("from Authority ");
    return query.list();}


public void saveAuthority(Authority authority) {

    try {
        Session session = sessionFactory.getCurrentSession();
        transaction = session.beginTransaction();
        session.save(authority);
        transaction.commit();
    } catch (Exception e) {
        transaction.rollback();}}

@Transactional("hibernatetransactionManager")
public Staff getUserByUserName(String userName){

  Query queryResult;
  queryResult =getCurrentSession().createQuery("from Staff where username=:userName");
        queryResult.setParameter("userName", new String(userName));
        return (Staff) queryResult.list().get(0)}}

服务层

    public interface StaffService{

    List<Authority> getAuthorities();

    public void saveAuthority(Authority authority);

    public Staff getUserByUserName(String userName);}


    @Service("staffService")
    @Transactional(propagation = Propagation.REQUIRED, readOnly = true)
    public class StaffServiceImpl implements StaffService {
    @Autowired
    StaffDAO staffDAO;

    private AbstractDAO<Staff> sessionFactory;

    public StaffDAO getStaffDAO() {
        return staffDAO;}

    public void setStaffDAO(StaffDAO staffDAO) {
        this.staffDAO = staffDAO;}

    @Override
    public List<Authority> getAuthorities() {
        return staffDAO.getAuthority();}

    @Override
    public void saveAuthority(Authority authority) {
        staffDAO.saveAuthority(authority);}

    @Override
    public Staff getUserByUserName(String userName) {
        return staffDAO.getUserByUserName(userName);}}

CustomUserDetailsS​​ervice

    @Repository("customUserDetailsService")
    @Service
    @Component
    public class CustomUserDetailsService implements UserDetailsService{
@Resource
private StaffService staffService;

public CustomUserDetailsService(){
}

public CustomUserDetailsService(StaffService staffService) {
    this.staffService = staffService; }

@Override
public UserDetails loadUserByUsername(String userName)
        throws UsernameNotFoundException {
    Staff staff;

    try {
       staff = staffService.getUserByUserName(userName);
    } catch (Exception e) {
        throw new UsernameNotFoundException(
                "getUserByUserName returned null.");}
    return (UserDetails) staff;}}

楷模

   @Entity
   @Table(name = "staff")
   @Component
   public class Staff implements Serializable, UserDetails{

private static final long serialVersionUID = 8825646974241476909L;

@Id
    @Column(name = "staff_id")
    private String staffId;

@Column(name = "name")
    private String name;

@Column(name = "username")
    private String username;

@Column(name = "password")
    private String password;

    ***** getters and setters


public void setAuthorities(Set<Authority> authorities) {
    this.authorities = authorities;
}

@Override
public Set<Authority> getAuthorities() {
    return authorities;
}}


     @Entity
     @Table(name="authorities") 
     @Component
     public class Authority implements Serializable, GrantedAuthority{

    private static final long serialVersionUID = 1L;


public Authority(){
    // must have one default constructor 
}

@Id
@Column(name = "authority")
private String authority;

@Column(name = "role_name",nullable=false,unique=true)
private String roleName;

public String getRoleName() {
    return roleName;
}

public void setRoleName(String roleName) {
    this.roleName = roleName;
}

@Override
public String getAuthority() {
    return authority;
}

public void setAuthority(String authority) {
    this.authority = authority;
}

public Authority(String authority,String roleName){
    this.authority=authority;
    this.roleName=roleName;
}}

XML 配置

    <authentication-manager>
    <authentication-provider user-service-ref="customUserDetailsService"/>
    </authentication-manager>

    <beans:bean id="customUserDetailsService"          

    class="com.project.professional.service.CustomUserDetailsService">
    </beans:bean>

    <http auto-config="true" use-expressions="true" >

    <intercept-url pattern="/j_spring_security_check" access="permitAll"/>
    <intercept-url pattern='/home' access="hasRole('ROLE_USER')" /> 

    <form-login login-page='/login' always-use-default-target="true" default-target-  

     url="/home" authentication-failure-url="/auth/loginFailed"/>   

    <logout invalidate-session="true" logout-success-url='/login' /> 

     </http>

控制器

      @RequestMapping(value="/login", method = RequestMethod.GET)
  public String getLoginPage(ModelMap model) {
    return "login";}

  @RequestMapping(value = "/home", method = RequestMethod.GET)
  public String getHomePage(Locale locale, Model model) {
    return "/home";}

jsp

          <c:url value="/j_spring_security_check" var="loginUrl"/>  
    <form action="${loginUrl}" method="post" name="loginForm">

    <p>
    <label for="j_username">Username</label>
    <input id="j_username" name="j_username" type="text" />
    </p>

    <p>
    <label for="j_password">Password</label>
    <input id="j_password" name="j_password" type="password" />
    </p>

           <input  type="submit" 

           value="Login"/>                              

    </form>

所以我要问的是我是否缺少任何东西,为什么它不进行身份验证并返回主页。我将不胜感激对此的任何见解。

4

0 回答 0