0

我正在通过阅读学习Spring4。现在,我遇到了一个关于Spring Security的问题。当我请求“/ home”时,我得到了登录页面,但是当我填写表单并提交时,我无法进入UserDetailsS​​ervice 但直接转到控制器然后返回登录页面。我调试它,发现 spitterUserDetailsS​​ervice 不为空,它是自动装配的。所以我不知道是什么问题。这是我的代码。提前致谢。

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    private UserDetailsService spitterUserDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http.formLogin().loginPage("/spitter/login").permitAll()
           .and().rememberMe()
           .and().authorizeRequests().antMatchers("/spitter/home").hasRole("SPITTER")
           .anyRequest().permitAll();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception{
        auth.userDetailsService(spitterUserDetailsService);
    }

}



@Service
public class SpitterUserDetailsService implements UserDetailsService {

    @Autowired
    private SpitterRepository spitterRepository;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        System.err.println("---------- User Details Service start -----------");
        Spitter spitter = spitterRepository.findByUsername(username);
        if(spitter == null){
            throw new UsernameNotFoundException(username + " not found ");
        }
        List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();
        authorities.add(new SimpleGrantedAuthority("ROLE_SPITTER"));
        System.out.println(spitter.getUsername() + " : ROLE_SPITTER");
        return new User(spitter.getUsername(), spitter.getPassword(), authorities);
    }

}



@Controller
@RequestMapping("/spitter")
public class SpitterController {

    @Autowired
    private SpitterRepository spitterRepository;

    @RequestMapping(value= "/login", method = RequestMethod.GET)
    public String login(Model model){
        model.addAttribute("spitter", new Spitter());
        return "spitter/login";
    }

    @RequestMapping(value= "/loginForm", method = RequestMethod.POST)
    public String login(@ModelAttribute("spitter") Spitter spitter){
        System.out.println(spitter.getUsername() + " logined..");
        return "redirect:home";
    }

    @RequestMapping(value = "/register", method = RequestMethod.GET)
    public String showRegistrationForm(Model model){
        model.addAttribute("spitter", new Spitter());
        return "spitter/registerForm";
    }

    @RequestMapping(value="/register", method = RequestMethod.POST)
    public String register(@ModelAttribute("spitter") Spitter spitter){
        spitterRepository.addSpitter(spitter);
        return "spitter/registerSuccessfully";
    }

    @RequestMapping("/home")
    public String hello(){
        return "spitter/helloWorld";
    }
}
4

1 回答 1

-1

有你的解决方法。在 SecurityConfig.configure 方法中将“/spitter/home”替换为“/*”。您需要 Spring Security 来拦截除“/spitter/login”之外的所有请求。

于 2017-03-27T10:38:30.523 回答