Java “春季安全部队”;http「;认证
我无法使用spring security登录 错误是(在Mozilla中) 最近我添加了一个服务,可以从数据库中获取用户。以前一切都很好,但现在我惊呆了。请告诉我在哪里挖 我收到此错误的url是:Java “春季安全部队”;http「;认证,java,spring,spring-mvc,spring-security,http-authentication,Java,Spring,Spring Mvc,Spring Security,Http Authentication,我无法使用spring security登录 错误是(在Mozilla中) 最近我添加了一个服务,可以从数据库中获取用户。以前一切都很好,但现在我惊呆了。请告诉我在哪里挖 我收到此错误的url是: https://localhost:8180/j_spring_security_check spring-security.xml <http auto-config="true"> <http-basic/> <intercept-url patte
https://localhost:8180/j_spring_security_check
spring-security.xml
<http auto-config="true">
<http-basic/>
<intercept-url pattern="/sec/moderation.html" access="ROLE_MODERATOR"/>
<intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
<intercept-url pattern="/treeview" access="ROLE_ADMIN"/>
<form-login login-page="/login" default-target-url="/home" authentication-failure-url="/error"/>
<logout logout-success-url="/home"/>
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="customUserDetailsService">
<password-encoder hash="plaintext"></password-encoder>
</authentication-provider>
</authentication-manager>
CustomUserDetailsService.java
@Service
@Transactional(readOnly=true)
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private UserDao userDao;
@Override
public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException {
UserEntity domainUser = userDao.getUser(login);
boolean enabled = true;
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
return new User(
domainUser.getLogin(),
domainUser.getPassword(),
enabled,
accountNonExpired,
credentialsNonExpired,
accountNonLocked,
getAuthorities(domainUser.getRole())
);
}
public Collection<? extends GrantedAuthority> getAuthorities(Integer role) {
List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
return authList;
}
public List<String> getRoles(Integer role) {
List<String> roles = new ArrayList<String>();
if (role.intValue() == 1) {
roles.add("ROLE_MODERATOR");
roles.add("ROLE_ADMIN");
} else if (role.intValue() == 2) {
roles.add("ROLE_MODERATOR");
}
return roles;
}
public static List<GrantedAuthority> getGrantedAuthorities(List<String> roles) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (String role : roles) {
authorities.add(new SimpleGrantedAuthority(role));
}
return authorities;
}
@服务
@事务(只读=真)
公共类CustomUserDetailsService实现UserDetailsService{
@自动连线
私有UserDao UserDao;
@凌驾
public UserDetails loadUserByUsername(字符串登录)引发UsernameNotFoundException{
UserEntity domainUser=userDao.getUser(登录名);
布尔启用=真;
布尔值accountNonExpired=true;
布尔CredentialsNoExpired=true;
布尔值accountNonLocked=true;
返回新用户(
domainUser.getLogin(),
domainUser.getPassword(),
启用,
会计非预期,
证书未经检验,
帐户未锁定,
GetAuthories(domainUser.getRole())
);
}
public Collectionspring security生成的默认登录页不使用https,因此我假设您使用的是自定义页。https的要求必须在该页的
元素中。登录页是spring生成的登录页还是您自己的?我使用了自己的登录页。感谢您的建议,它解决了我的问题。
@Service
@Transactional(readOnly=true)
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private UserDao userDao;
@Override
public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException {
UserEntity domainUser = userDao.getUser(login);
boolean enabled = true;
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
return new User(
domainUser.getLogin(),
domainUser.getPassword(),
enabled,
accountNonExpired,
credentialsNonExpired,
accountNonLocked,
getAuthorities(domainUser.getRole())
);
}
public Collection<? extends GrantedAuthority> getAuthorities(Integer role) {
List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
return authList;
}
public List<String> getRoles(Integer role) {
List<String> roles = new ArrayList<String>();
if (role.intValue() == 1) {
roles.add("ROLE_MODERATOR");
roles.add("ROLE_ADMIN");
} else if (role.intValue() == 2) {
roles.add("ROLE_MODERATOR");
}
return roles;
}
public static List<GrantedAuthority> getGrantedAuthorities(List<String> roles) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (String role : roles) {
authorities.add(new SimpleGrantedAuthority(role));
}
return authorities;
}