Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/351.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java UsernamePasswordAuthenticationFilter问题_Java_Spring_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java UsernamePasswordAuthenticationFilter问题

Java UsernamePasswordAuthenticationFilter问题

java spring spring-security

Java UsernamePasswordAuthenticationFilter问题,java,spring,spring-security,Java,Spring,Spring Security,我有一个SpringSecurity3应用程序,我登录和注销都很好。我想为我的应用程序实现我自己的用户名PasswordAuthenticationFilter。我遵循了那个教程: 我的过滤类是: package security; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import o

我有一个SpringSecurity3应用程序,我登录和注销都很好。我想为我的应用程序实现我自己的用户名PasswordAuthenticationFilter。我遵循了那个教程:

我的过滤类是:

package security;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class CustomUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException, ServletException {
        super.successfulAuthentication(request, response, authResult);
        System.out.println("==successful login==");
    }

    @Override
    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
        super.unsuccessfulAuthentication(request, response, failed);
        System.out.println("==failed login==");
    }
}
我的安全xml配置文件:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                    http://www.springframework.org/schema/security
                    http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <global-method-security/>

    <http entry-point-ref="loginUrlAuthenticationEntryPoint"/>
    <beans:bean id="loginUrlAuthenticationEntryPoint"
                class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
        <beans:property name="loginFormUrl" value="/login.html"/>
    </beans:bean>
    <beans:bean id="customUsernamePasswordAuthenticationFilter"
                class="security.CustomUsernamePasswordAuthenticationFilter">
        <beans:property name="authenticationManager" ref="authenticationManager"/>
        <beans:property name="authenticationFailureHandler" ref="failureHandler"/>
        <beans:property name="authenticationSuccessHandler" ref="successHandler"/>
    </beans:bean>
    <beans:bean id="successHandler"
                class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
        <beans:property name="defaultTargetUrl" value="/login.html"/>
    </beans:bean>
    <beans:bean id="failureHandler"
                class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
        <beans:property name="defaultFailureUrl" value="/login.html?login_error=true"/>
    </beans:bean>
    <http auto-config="false" disable-url-rewriting="true">
        <custom-filter position="FORM_LOGIN_FILTER" ref="customUsernamePasswordAuthenticationFilter"/>
        <intercept-url pattern="/login.html" filters="none"/>
        <intercept-url pattern="/css/*" filters="none"/>
        <intercept-url pattern="/**" access="ROLE_USER"/>
    </http>
    <authentication-manager alias="authenticationManager">
        <authentication-provider>
            <password-encoder hash="sha-256"/>
            <user-service>
                <user name="sdf" password="6b86d273ff34fce19d6dddf5747ada4eaa22f1d49c01e52ddb7875b4b"
                      authorities="ROLE_USER"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>

</beans:beans>
我所有的网页。有什么想法吗?我的应用程序配置好了吗

PS:在教程中写道:

注意:由于我们正在替换默认的FORM\u LOGIN\u过滤器,因此我们应该 不用 所以我删除了:

    <form-login
            login-page="/login3.html"
            login-processing-url="/j_spring_security_check"
            default-target-url="/index.html"
            always-use-default-target="true"/>
    <logout logout-url="/j_spring_security_logout"
            logout-success-url="/login.html"/>
从我的XML文件

还需要定义successHandler和failureHandler,因为我没有覆盖它们。如果我这样做是因为我正在更换过滤器(或者因为-
http auto-config=“false”

我不知道这句话的真正目的,如果你解释你是受欢迎的)我应该定义任何其他的安全吗

我是Spring Security 3和Spring的新手。

我解决了以下问题:入口点ref=“loginUrlAuthenticationEntryPoint”不应位于不同的http标记处

    <form-login
            login-page="/login3.html"
            login-processing-url="/j_spring_security_check"
            default-target-url="/index.html"
            always-use-default-target="true"/>
    <logout logout-url="/j_spring_security_logout"
            logout-success-url="/login.html"/>