个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
27
4
Spring Security 3.0 + PostgreSql
当我创建第一个用户并登录后,身份验证工作正常。
问题:在我创建另一个用户并尝试登录后,我收到用户名或密码错误的验证错误;
这是 xml 配置:
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<global-method-security pre-post-annotations="enabled">
<expression-handler ref="expressionHandler"/>
</global-method-security>
<http realm="Facebook">
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/register" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="ROLE_USER"/>
<form-login login-page="/login" authentication-failure-url="/login?login_error=1"/>
<http-basic/>
<logout />
<custom-filter ref="switchUserProcessingFilter" position="SWITCH_USER_FILTER"/>
</http>
<b:bean id="daoAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<!-- b:property name="saltSource" ref="saltSource"/>
<b:property name="passwordEncoder" ref="passwordEncoder"/> -->
<b:property name="userDetailsService" ref="userDetailsService"/>
</b:bean>
<b:bean id="authenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<b:property name="providers">
<b:list>
<b:ref local="daoAuthenticationProvider" />
</b:list>
</b:property>
</b:bean>
<authentication-manager>
<authentication-provider user-service-ref="userDetailsService">
<password-encoder hash="md5"/>
</authentication-provider>
</authentication-manager>
<b:bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
<b:bean id="switchUserProcessingFilter" class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter" autowire="byType">
<b:property name="targetUrl" value="/secure/index.htm"/>
</b:bean>
<b:bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
<b:property name="permissionEvaluator" ref="permissionEvaluator"/>
</b:bean>
<b:bean id="permissionEvaluator" class="org.springframework.security.acls.AclPermissionEvaluator">
<b:constructor-arg ref="aclService"/>
</b:bean>
</b:beans>
这是记录器输出:
2011-12-19 17:45:50,545 DEBUG [org.springframework.security.web.access.ExceptionTranslationFilter] - <Chain processed normally>
2011-12-19 17:45:50,545 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <SecurityContext contents are anonymous - c
ontext will not be stored in HttpSession. >
2011-12-19 17:45:50,558 DEBUG [org.springframework.security.web.context.SecurityContextPersistenceFilter] - <SecurityContextHolder now cleared, as request
processing completed>
2011-12-19 17:46:06,668 DEBUG [org.springframework.security.web.FilterChainProxy] - <Converted URL to lowercase, from: '/j_spring_security_check'; to: '/j_
spring_security_check'>
2011-12-19 17:46:06,669 DEBUG [org.springframework.security.web.FilterChainProxy] - <Candidate is: '/j_spring_security_check'; pattern is /**; matched=true
>
2011-12-19 17:46:06,669 DEBUG [org.springframework.security.web.FilterChainProxy] - </j_spring_security_check at position 1 of 11 in additional filter chai
n; firing Filter: 'org.springframework.security.web.context.SecurityContextPersistenceFilter@7f69378d'>
2011-12-19 17:46:06,670 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <HttpSession returned null object for SPRIN
G_SECURITY_CONTEXT>
2 011-12-19 17:46:06,670 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <No SecurityContext was available from the
HttpSession: org.apache.catalina.session.StandardSessionFacade@ec139fb. A new one will be created.>
2011-12-19 17:46:06,671 DEBUG [org.springframework.security.web.FilterChainProxy] - </j_spring_security_check at position 2 of 11 in additional filter chai
n; firing Filter: 'org.springframework.security.web.authentication.logout.LogoutFilter@47568bde'>
2011-12-19 17:46:06,671 DEBUG [org.springframework.security.web.FilterChainProxy] - </j_spring_security_check at position 3 of 11 in additional filter chai
n; firing Filter: 'org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@2f8c069'>
2011-12-19 17:46:06,672 DEBUG [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter] - <Request is to process authenticatio
n>
2011-12-19 17:46:06,672 DEBUG [org.springframework.security.authentication.ProviderManager] - <Authentication attempt using org.springframework.security.au
thentication.dao.DaoAuthenticationProvider>
Hibernate: select user0_.id as id2_, user0_.active as active2_, user0_.avatarLocation as avatarLo3_2_, user0_.registration_date as registra4_2_, user0_.ema
il as email2_, user0_.name as name2_, user0_.password as password2_, user0_.surname as surname2_, user0_.username as username2_ from Member user0_ limit ?
Hibernate: select wallposts0_.author_id as author2_2_1_, wallposts0_.id as id1_, wallposts0_.id as id1_0_, wallposts0_.author_id as author2_1_0_, wallposts
0_.creationDate as creation3_1_0_ from WallPost wallposts0_ where wallposts0_.author_id=?
Hibernate: select mesaje0_.author_id as author2_2_1_, mesaje0_.id as id1_, mesaje0_.id as id3_0_, mesaje0_.author_id as author2_3_0_, mesaje0_.content as c
ontent3_0_, mesaje0_.receiver_Id as receiver4_3_0_, mesaje0_.subject as subject3_0_, mesaje0_.wall_post_id as wall6_3_0_ from Message mesaje0_ where mesaje
0_.author_id=?
Hibernate: select authoritie0_.id as id2_1_, authoritie0_.authority_Id as authority2_1_, authority1_.authority_Id as authority1_4_0_, authority1_.authority
as authority4_0_ from Member_Authorities authoritie0_ inner join Authorities authority1_ on authoritie0_.authority_Id=authority1_.authority_Id where autho
ritie0_.id=?
Hibernate: select wallposts0_.author_id as author2_2_1_, wallposts0_.id as id1_, wallposts0_.id as id1_0_, wallposts0_.author_id as author2_1_0_, wallposts
0_.creationDate as creation3_1_0_ from WallPost wallposts0_ where wallposts0_.author_id=?
Hibernate: select mesaje0_.author_id as author2_2_1_, mesaje0_.id as id1_, mesaje0_.id as id3_0_, mesaje0_.author_id as author2_3_0_, mesaje0_.content as c
ontent3_0_, mesaje0_.receiver_Id as receiver4_3_0_, mesaje0_.subject as subject3_0_, mesaje0_.wall_post_id as wall6_3_0_ from Message mesaje0_ where mesaje
0_.author_id=?
Hibernate: select authoritie0_.id as id2_1_, authoritie0_.authority_Id as authority2_1_, authority1_.authority_Id as authority1_4_0_, authority1_.authority
as authority4_0_ from Member_Authorities authoritie0_ inner join Authorities authority1_ on authoritie0_.authority_Id=authority1_.authority_Id where autho
ritie0_.id=?
2011-12-19 17:46:06,836 WARN [org.springframework.security.authentication.event.LoggerListener] - <Authentication event AuthenticationFailureServiceExcepti
onEvent: gogu; details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: 7A08BE43A052A
757AD35DB97351167A7; exception: result returns more than one elements>
2011-12-19 17:46:06,837 DEBUG [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter] - <Authentication request failed: org.
springframework.security.authentication.AuthenticationServiceException: result returns more than one elements>
2011-12-19 17:46:06,838 DEBUG [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter] - <Updated SecurityContextHolder to co
ntain null Authentication>
2011-12-19 17:46:06,838 DEBUG [org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter] - <Delegating to authentication failur
e handlerorg.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@fdb5ed9>
2011-12-19 17:46:06,839 DEBUG [org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler] - <Redirecting to /login?login_error=
1>
2011-12-19 17:46:06,839 DEBUG [org.springframework.security.web.DefaultRedirectStrategy] - <Redirecting to '/facebook-1.0.0-SNAPSHOT/login?login_error=1'>
2011-12-19 17:46:06,839 DEBUG [org.springframework.security.web.context.SecurityContextPersistenceFilter] - <SecurityContextHolder now cleared, as request
processing completed>
2011-12-19 17:46:06,842 DEBUG [org.springframework.security.web.FilterChainProxy] - <Converted URL to lowercase, from: '/login'; to: '/login'>
2011-12-19 17:46:06,842 DEBUG [org.springframework.security.web.FilterChainProxy] - <Candidate is: '/login'; pattern is /**; matched=true>
2011-12-19 17:46:06,843 DEBUG [org.springframework.security.web.FilterChainProxy] - </login?login_error=1 at position 1 of 11 in additional filter chain; f
iring Filter: 'org.springframework.security.web.context.SecurityContextPersistenceFilter@7f69378d'>
2011-12-19 17:46:06,843 DEBUG [org.springframework.security.web.context.HttpSessionSecurityContextRepository] - <HttpSession returned null object for SPRING_SECURITY_CONTEXT>
谢谢!
<小时/>谢谢乔恩!是的,我的 UserDetailsServiceImpl 有问题,因为当我使用 <jdbc-user-service data-source ref="myDataSource"/> 时效果很好。
UserDetailsServiceImpl - loadUserByUsername(用户名):
导入org.springframework.security.core.userdetails.User;
…….. …… .
@Override
@Transactional(readOnly = true)
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
org.myapp.app.domain.User userEntity = userDao.getUserByName(username);
if (userEntity == null)
throw new UsernameNotFoundException("user not found");
String password = userEntity.getPassword();
Set<Authority> authorities = userEntity.getAuthorities();
Collection<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
for (Authority authority : authorities) {
grantedAuthorities.add(new GrantedAuthorityImpl(authority.getAuthority()));
}
return new User(username, password, true, true, true, true, grantedAuthorities);
有人对 UserDetailsServiceImpl 有类似的问题并可以给出提示
最佳答案
hibernate :
select
user0_.id as id2_,
user0_.active as active2_,
user0_.avatarLocation as avatarLo3_2_,
user0_.registration_date as registra4_2_,
user0_.email as email2_,
user0_.name as name2_,
user0_.password as password2_,
user0_.surname as surname2_,
user0_.username as username2_
from Member user0_ limit ?
您的用户请求似乎没有按名称过滤用户。检查您的 UserDetailsService 实现。
关于java - 数据库中超过一个用户的 Spring Security 身份验证不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/8564062/
27
4
0
在 JSF2 应用程序中遇到验证属性的问题时,有两种主要方法。 使用 Annotation 在 ManagedBean 上定义验证 @ManagedBean public class MyBean {
我想实现一个不常见的功能,我认为 jquery 验证插件将是最好的方法(如果您在没有插件的情况下建议和回答,我们也会欢迎)。我想在用户在输入字段中输入正确的单词后立即隐藏表单。我试过这个: $("
我有几个下拉菜单(类名为month_dropdown),并且下拉菜单的数量不是恒定的。我怎样才能为它们实现 NotEqual 验证。我正在使用 jQuery 验证插件。 这就是我写的 - jQuery
我设法制作了这个网址验证代码并且它起作用了。但我面临着一个问题。我认为 stackoverflow 是获得解决方案的最佳场所。 function url_followers(){ var url=do
我目前正在使用后端服务,该服务允许用户在客户端应用程序上使用 Google Games 库登录。 用户可以通过他们的 gplay ID 向我们发送信息,以便登录或恢复旧帐户。用户向我们发送以下内容,包
我正在尝试验证输入以查看它是否是有效的 IP 地址(可能是部分地址)。 可接受的输入:172、172.112、172.112.113、172.112.113.114 Not Acceptable 输入
我从 Mongoose 验证中得到这条消息: 'Validator failed for path phone with value ``' 这不应该发生,因为不需要电话。 这是我的模型架构: var
我一直在尝试使用Python-LDAP (版本 2.4.19)在 MacOS X 10.9.5 和 Python 2.7.9 下 我想在调用 .start_tls_s() 后验证与给定 LDAP 服务
我正在处理一个仅与 IE6 兼容的旧 javascript 项目(抱歉...),我想仅在 VS 2017 中禁用此项目的 ESLint/CSLint/Javascript 验证/CSS 验证。 我知道
我正在寻找一种方法来验证 Spring 命令 bean 中的 java.lang.Double 字段的最大值和最小值(一个值必须位于给定的值范围之间),例如, public final class W
我正在尝试在 springfuse(JavaEE 6 + Spring Framework (针对 Jetty、Tomcat、JBoss 等)) 和 maven 的帮助下构建我的 webapps 工作
我试图在我们的项目中使用 scalaz 验证,但遇到了以下情况: def rate(username: String, params: Map[String, String]): Validation
我有一个像这样的 Yaml 文件 name: hhh_aaa_bbb arguments: - !argument name: inputsss des
我有一个表单,人们可以单击并向表单添加字段,并且我需要让它在单击时验证这些字段中的值。 假设我单击它两次并获取 2 个独立的字段集,我需要旋转 % 以确保它在保存时等于 100。 我已放入此函数以使其
在我的页面中有一个选项可以创建新的日期字段输入框。用户可以根据需要创建尽可能多的“截止日期”和“起始日期”框。就像, 日期_to1 || date_from1 日期到2 ||日期_from2 date
我有一个像这样的 Yaml 文件 name: hhh_aaa_bbb arguments: - !argument name: inputsss des
有没有办法在动态字段上使用 jquery 验证表单。 我想将其设置为必填字段 我正在使用 Jsp 动态创建表单字段。 喜欢 等等...... 我想使用必需的表单字段验证此表单字段。 最佳答
嗨,任何人都可以通过提供 JavaScript 代码来帮助我验证用户名文本框不应包含数字,它只能包含一个字符。 最佳答案 使用正则表达式: (\d)+ 如果找到匹配项,则字符串中就有一个数字。 关于J
我有两个输入字段holidayDate和Description(id=tags) $(document).ready(function() {
我遇到了这个问题,这些验证从电子邮件验证部分开始就停止工作。 我只是不明白为什么即使经过几天的观察,只是想知道是否有人可以在这里指出我的错误? Javascript部分: function valid
我是一名优秀的程序员,十分优秀!