gpt4 book ai didi

java - 为什么 loadUserByUserName 没有被调用?

转载 作者:行者123 更新时间:2023-12-01 11:59:47 27 4
gpt4 key购买 nike

以下 spring-security-context:

<security:http auto-config="true" use-expressions="true">
<security:access-denied-handler error-page="/403" />
<security:intercept-url pattern="/admin/**" access="hasRole('ADMIN')" />
<security:form-login login-page="/" username-parameter="user" password-parameter="pass" login-processing-url="/" default-target-url="/admin"/>
</security:http>

<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="xaDataSource"
authorities-by-username-query="select name, role from users where name = ?"
users-by-username-query="select name, password, enabled from users_auth where name = ?" />
</security:authentication-provider>
</security:authentication-manager>

在index.jsp中我有以下形式:

<body>
<h2>Hello, dear user</h2>
<form id="login" method="POST">
<!-- <label for="user">User: <label/> -->
<input type="text" name="user" /><br/>
<!-- <label for="password">Passowrd: <label/> -->
<input type="text" name="pass" /><br/>
<input type="submit" value="login">
</body>

问题是点击提交按钮后403页面已呈现。为什么?我检查了org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl在调试器下,loadUserByUsername(String username), loadUsersByUsername(String username), loadUserAuthorities(String username), loadGroupAuthorities(String username) 都没有被称为。以下web.xml :

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/coreContext.xml /WEB-INF/securityContext.xml</param-value>
</context-param>

<!-- servlets -->

<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

出了什么问题?

最佳答案

试试这个...

您的安全性是使用以下页面定义的:

login-page="/"

但表单在 index.jsp 中给出,并且也没有任何操作。

尝试:

change security context to login-page=/index.jsp

And try change the form also to use action=/index.jsp

请指定一个authentication-failure-url,只是为了检查它是否进行了调用。

查看示例 here

关于java - 为什么 loadUserByUserName 没有被调用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28065951/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com