Java 404关于spring安全性的错误
使用spring security和hibernate,当用户进入/login并输入他的凭证时,他应该被转发到/users/home。但他不是第一次登录,他会显示一条404消息,说明请求的资源不可用(如果在live domain上,有时在/favicon.ico,如果在localhost上,则在/favicon.ico)。如果他返回登录页面并使用相同的凭据再次登录,则他将正确登录到/users/home。为什么呢 spring安全xml:Java 404关于spring安全性的错误,java,spring,spring-mvc,spring-security,Java,Spring,Spring Mvc,Spring Security,使用spring security和hibernate,当用户进入/login并输入他的凭证时,他应该被转发到/users/home。但他不是第一次登录,他会显示一条404消息,说明请求的资源不可用(如果在live domain上,有时在/favicon.ico,如果在localhost上,则在/favicon.ico)。如果他返回登录页面并使用相同的凭据再次登录,则他将正确登录到/users/home。为什么呢 spring安全xml: <security:form-login
<security:form-login
login-page="/login"
authentication-failure-url="/login?error=true"
default-target-url="/users/home"/>
<security:authentication-manager>
<security:authentication-provider user-service-ref="customUserDetailsService">
</security:authentication-provider>
</security:authentication-manager>
包web.service.common;
导入org.springframework.security.core.GrantedAuthority;
导入org.springframework.security.core.userdetails.User;
导入org.springframework.security.core.userdetails.userdetails;
导入org.springframework.security.core.userdetails.userdetails服务;
导入org.springframework.security.core.userdetails.UsernameNotFoundException;
导入org.springframework.stereotype.Repository;
导入web.dao.UsersDAO;
导入web.dao.impl.jpa.UsersDAOImpl;
导入web.entity.Users;
@服务
公共类CustomUserDetailsService实现UserDetailsService{
//@资源
@自动连线
私有用户dao userDAO;
公共用户详细信息loadUserByUsername(字符串电子邮件)
抛出UsernameNotFoundException、DataAccessException{
//声明一个空的Spring用户
UserDetails-springUser=null;
试一试{
System.out.println(“方法loadUserByUsername中从CustomUserDetailsService传递的电子邮件为:“+email”);
Users dbUser=userDAO.getUserByLoginId(电子邮件);
springUser=新用户(
dbUser.getEmail(),
dbUser.getPassword().toLowerCase(),
符合事实的
符合事实的
符合事实的
符合事实的
//getAuthories(dbUser.getAccess());
(二),;
}捕获(例外e){
e、 printStackTrace();
System.out.println(e.getMessage());
抛出新的UsernameNotFoundException(“检索用户时出错”);
}
System.out.println(“debug---4”);
返回用户;
}
公共集合权限(整数访问){
List authList=(List)新数组列表(2);
add(新授予的authorityImpl(“角色用户”);
返回authList;
}
}
Users dbUser = userDAO.getUserByLoginId(email);
if(dbUser==null){
return null;
}
已解决问题:)您需要允许访问favicon的所有功能。:) 你看到的痕迹是什么?请仅发布相关代码,即删除:注释、导入语句、sys out等。只是这样做了,但遗漏了一些导入,以便读者查看和了解我使用的类。其次,没有错误或堆栈跟踪您的上下文中有什么
viewsolver/user/home.jsppackage web.service.common;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Repository;
import web.dao.UsersDAO;
import web.dao.impl.jpa.UsersDAOImpl;
import web.entity.Users;
@Service
public class CustomUserDetailsService implements UserDetailsService{
//@Resource
@Autowired
private UsersDAO userDAO;
public UserDetails loadUserByUsername(String email)
throws UsernameNotFoundException, DataAccessException {
// Declare a null Spring User
UserDetails springUser = null;
try {
System.out.println("the email passed from CustomUserDetailsService in method loadUserByUsername is: " +email);
Users dbUser = userDAO.getUserByLoginId(email);
springUser = new User(
dbUser.getEmail(),
dbUser.getPassword().toLowerCase(),
true,
true,
true,
true,
//getAuthorities(dbUser.getAccess()) );
getAuthorities(2) );
} catch (Exception e) {
e.printStackTrace();
System.out.println(e.getMessage());
throw new UsernameNotFoundException("Error in retrieving user");
}
System.out.println("debug ---- 4");
return springUser;
}
public Collection<GrantedAuthority> getAuthorities(Integer access) {
List<GrantedAuthority> authList = (List<GrantedAuthority>) new ArrayList<GrantedAuthority>(2);
authList.add(new GrantedAuthorityImpl("ROLE_USER"));
return authList;
}
}
Users dbUser = userDAO.getUserByLoginId(email);
if(dbUser==null){
return null;
}
<security:intercept-url pattern="/favicon.ico" access="permitAll"/>
<security:intercept-url pattern="/" access="permitAll"/>