Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/search/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring security Spring安全登录/注销问题_Spring Security - Fatal编程技术网
Fatal编程技术网

Spring security Spring安全登录/注销问题

spring-security

Spring security Spring安全登录/注销问题,spring-security,Spring Security,我已经编写了自定义UserDetails服务来验证数据库中的用户。第一次它工作正常,但当同一用户在第二次注销后尝试登录时,它给出了错误。我的应用程序基于 Spring3.1,Tomcat7上的SpringSecurity与漂亮面孔 org.springframework.security.authentication.BadCredentialsException: Bad credentials 以下是我的配置详细信息web.xml <?xml version="1.0" encodi

我已经编写了自定义UserDetails服务来验证数据库中的用户。第一次它工作正常,但当同一用户在第二次注销后尝试登录时,它给出了错误。我的应用程序基于 Spring3.1,Tomcat7上的SpringSecurity与漂亮面孔

org.springframework.security.authentication.BadCredentialsException: Bad credentials
以下是我的配置详细信息web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
     version="2.5" metadata-complete="true">

<!-- The definition of the Root Spring Container shared by all Servlets 
    and Filters -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/spring/application-context.xml,
        /WEB-INF/spring/application-context-security.xml
    </param-value>
</context-param>

<context-param>
    <param-name>primefaces.THEME</param-name>
    <param-value>redmond</param-value>
</context-param>



<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<listener>
    <listener-class>
        org.springframework.web.context.request.RequestContextListener
    </listener-class>
</listener>

<listener>
    <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>

<filter>
    <filter-name>CharacterEncodingFilter</filter-name>
    <filter-class>
        org.springframework.web.filter.CharacterEncodingFilter
    </filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CharacterEncodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<context-param>
    <param-name>log4jConfigLocation</param-name>
    <param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

<!-- Processes application requests -->
<servlet>
    <servlet-name>appServlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/spring/application-context.xml,
            /WEB-INF/spring/application-context-security.xml
        </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>appServlet</servlet-name>
    <url-pattern>/jcsb</url-pattern>
</servlet-mapping>

     <!-- Pretty Face -->
<filter>
    <filter-name>Pretty Filter</filter-name>
    <filter-class>com.ocpsoft.pretty.PrettyFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>Pretty Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>ERROR</dispatcher>

</filter-mapping>

<context-param>
    <param-name>facelets.DEVELOPMENT</param-name>
    <param-value>true</param-value>
</context-param>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.jsf</url-pattern>
</servlet-mapping>

<error-page>
    <exception-type>org.springframework.security.access.AccessDeniedException</exception-type>
    <location>/login.xhtml</location>
</error-page>

<session-config>
    <session-timeout>10</session-timeout>
</session-config>

<error-page>
    <exception-type>javax.faces.application.ViewExpiredException</exception-type>
    <location>/index.html</location>
</error-page>
从Spring 3.1开始,通常会导致一些问题。我通过关闭上述功能解决了这个问题

<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <property name="eraseCredentialsAfterAuthentication" value="false"/>
</bean>
如果您使用的是名称空间,则可以使用

<authentication-manager erase-credentials="false">
从Spring 3.1开始,通常会导致一些问题。我通过关闭上述功能解决了这个问题

<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <property name="eraseCredentialsAfterAuthentication" value="false"/>
</bean>
如果您使用的是名称空间,则可以使用

<authentication-manager erase-credentials="false">

<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <property name="eraseCredentialsAfterAuthentication" value="false"/>
</bean>

<authentication-manager erase-credentials="false">