HTTP状态[404]?[未找到]用于/登录spring security
我对spring security中的自定义登录表单有问题。我是春季mvc的新手。到目前为止,在我的登录表单中单击提交按钮时,没有找到404 下面的代码: headerindex.jspHTTP状态[404]?[未找到]用于/登录spring security,spring,spring-mvc,spring-security,Spring,Spring Mvc,Spring Security,我对spring security中的自定义登录表单有问题。我是春季mvc的新手。到目前为止,在我的登录表单中单击提交按钮时,没有找到404 下面的代码: headerindex.jsp <form class="navbar-form navbar-right" method="post" action="<c:url value="/login" />" id="form_login"> <div class="form-group">
<form class="navbar-form navbar-right" method="post" action="<c:url value="/login" />" id="form_login">
<div class="form-group">
<input type="text" class="form-control" name="username"
placeholder="Username">
</div>
<div class="form-group">
<input type="text" class="form-control" name="password"
placeholder="Password">
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<button type="submit" class="btn btn-default">Sign In</button>
</form>
登录
安全上下文.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username, password, enabled from user where binary username = ?" />
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/" access="permitAll" />
<security:intercept-url pattern="/index" access="permitAll" />
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/**" access="denyAll" />
<security:form-login authentication-success-forward-url="/home"
login-page="/" password-parameter="password"
username-parameter="username"
authentication-failure-forward-url="/login?error=true" />
<security:logout logout-success-url="/loggedout" />
<security:access-denied-handler error-page="/denied" />
</security:http>
<security:global-method-security secured-annotations="enabled"></security:global-method-security>
</beans>
UsersDao.java
@Component("usersDao")
public class UsersDao {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private SessionFactory sessionFactory;
public Session session() {
return sessionFactory.getCurrentSession();
}
@Transactional
public void create(User user) {
System.out.println(user);
user.setPassword(passwordEncoder.encode(user.getPassword()));
session().save(user);
}
public boolean exists(String username) {
return getUser(username) != null;
}
@SuppressWarnings("unchecked")
public List<User> getAllUsers() {
return session().createQuery("from user").list();
}
public User getUser(String username) {
Criteria criteria = session().createCriteria(User.class);
criteria.add(Restrictions.idEq(username));
return (User)criteria.uniqueResult();
}
@Component("usersDao")
public class UsersDao {
//@Autowired
//private PasswordEncoder passwordEncoder;
@Autowired
private SessionFactory sessionFactory;
public Session session() {
return sessionFactory.getCurrentSession();
}
@Transactional
public void create(User user) {
System.out.println(user);
//user.setPassword(passwordEncoder.encode(user.getPassword()));
session().save(user);
}
public boolean exists(String username) {
return getUser(username) != null;
}
@SuppressWarnings("unchecked")
public List<User> getAllUsers() {
return session().createQuery("from user").list();
}
public User getUser(String username) {
Criteria criteria = session().createCriteria(User.class);
criteria.add(Restrictions.idEq(username));
return (User)criteria.uniqueResult();
}
@组件(“usersDao”)
公共类UsersDao{
@自动连线
专用密码编码器;
@自动连线
私人会话工厂会话工厂;
公开会话(){
返回sessionFactory.getCurrentSession();
}
@交易的
公共无效创建(用户){
System.out.println(用户);
user.setPassword(passwordEncoder.encode(user.getPassword());
会话().save(用户);
}
存在公共布尔值(字符串用户名){
返回getUser(用户名)!=null;
}
@抑制警告(“未选中”)
公共列表getAllUsers(){
return session().createQuery(“来自用户”).list();
}
公共用户getUser(字符串用户名){
条件=会话().createCriteria(User.class);
添加(限制.idEq(用户名));
返回(用户)条件。uniqueResult();
}
我解决了我的问题。在检查我的DAO代码后,我发现我使用的是密码编码器
,我没有在安全上下文.xml的bean中设置它。我只是注释掉了密码编码器
,现在可以登录了。:)
UsersDao.java
@Component("usersDao")
public class UsersDao {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private SessionFactory sessionFactory;
public Session session() {
return sessionFactory.getCurrentSession();
}
@Transactional
public void create(User user) {
System.out.println(user);
user.setPassword(passwordEncoder.encode(user.getPassword()));
session().save(user);
}
public boolean exists(String username) {
return getUser(username) != null;
}
@SuppressWarnings("unchecked")
public List<User> getAllUsers() {
return session().createQuery("from user").list();
}
public User getUser(String username) {
Criteria criteria = session().createCriteria(User.class);
criteria.add(Restrictions.idEq(username));
return (User)criteria.uniqueResult();
}
@Component("usersDao")
public class UsersDao {
//@Autowired
//private PasswordEncoder passwordEncoder;
@Autowired
private SessionFactory sessionFactory;
public Session session() {
return sessionFactory.getCurrentSession();
}
@Transactional
public void create(User user) {
System.out.println(user);
//user.setPassword(passwordEncoder.encode(user.getPassword()));
session().save(user);
}
public boolean exists(String username) {
return getUser(username) != null;
}
@SuppressWarnings("unchecked")
public List<User> getAllUsers() {
return session().createQuery("from user").list();
}
public User getUser(String username) {
Criteria criteria = session().createCriteria(User.class);
criteria.add(Restrictions.idEq(username));
return (User)criteria.uniqueResult();
}
@组件(“usersDao”)
公共类UsersDao{
//@自动连线
//专用密码编码器;
@自动连线
私人会话工厂会话工厂;
公开会话(){
返回sessionFactory.getCurrentSession();
}
@交易的
公共无效创建(用户){
System.out.println(用户);
//user.setPassword(passwordEncoder.encode(user.getPassword());
会话().save(用户);
}
存在公共布尔值(字符串用户名){
返回getUser(用户名)!=null;
}
@抑制警告(“未选中”)
公共列表getAllUsers(){
return session().createQuery(“来自用户”).list();
}
公共用户getUser(字符串用户名){
条件=会话().createCriteria(User.class);
添加(限制.idEq(用户名));
返回(用户)条件。uniqueResult();
}
@组件(“usersDao”)
公共类UsersDao{
@自动连线
专用密码编码器;
@自动连线
私人会话工厂会话工厂;
公开会话(){
返回sessionFactory.getCurrentSession();
}
@交易的
公共无效创建(用户){
System.out.println(用户);
//user.setPassword(passwordEncoder.encode(user.getPassword());
会话().save(用户);
}
存在公共布尔值(字符串用户名){
返回getUser(用户名)!=null;
}
@抑制警告(“未选中”)
公共列表getAllUsers(){
return session().createQuery(“来自用户”).list();
}
您使用的是哪个spring security
版本?@jlumietu 4.2.2 sir也可以为可读性更改此操作=“”为操作=“/login”