SpringSecurity&x2B;JSF自定义身份验证
我试图找到解决办法,但没有一个办法。我用JSF编写了一些spring安全配置和前端。我在intenter中找到了一些配置,但它们一起不想工作SpringSecurity&x2B;JSF自定义身份验证,spring,authentication,spring-mvc,spring-security,Spring,Authentication,Spring Mvc,Spring Security,我试图找到解决办法,但没有一个办法。我用JSF编写了一些spring安全配置和前端。我在intenter中找到了一些配置,但它们一起不想工作 <http> <intercept-url pattern="/index*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/javax.faces.resource/**" access="IS_AUTH
<http>
<intercept-url pattern="/index*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/javax.faces.resource/**"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/**" access="ROLE_USER" />
<intercept-url pattern="/admin/*" access="ROLE_SUPERVISOR" />
<form-login login-page="/index.html" default-target-url="/home.html"
always-use-default-target="true" authentication-failure-url="/index.xhtml?login_error=1" />
<logout logout-url="/logout.html" />
</http>
以下是基本形式:
<h:form>
<h:panelGrid columns="2" cellpadding="5">
<h:outputLabel for="username" name='j_username' value="Username:" />
<p:inputText id="username" value="#{loginBeenController.login}" required="true" label="username" />
<h:outputLabel for="password" value="Password:" />
<h:inputSecret id="password" value='#{loginBeenController.password}' required="true" label="password" />
<f:facet name="footer">
<p:commandButton ajax='false' id="loginButton" value="Login" action="#{loginBeenController.login()}" />
</f:facet>
</h:panelGrid>
</h:form>
您应该转发到Spring安全认证URL,而不是使用AuthenticationManager。试试这个:
public String doLogin() throws ServletException, IOException {
FacesContext context = FacesContext.getCurrentInstance();
String springCheckUrl = this.buildSpringSecurityCheckUrl();
HttpServletRequest request = (HttpServletRequest) context
.getExternalContext().getRequest();
RequestDispatcher dispatcher = request
.getRequestDispatcher(springCheckUrl);
dispatcher.forward((ServletRequest) request,
(ServletResponse) context.getExternalContext.getResponse());
context.responseComplete();
return null;
}
private String buildSpringSecurityCheckUrl() {
StringBuilder springCheckUrl = new StringBuilder(
"/j_spring_security_check").append("?").append("j_username")
.append("=").append(this.userName.trim()).append("&")
.append("j_password").append("=")
.append(this.userPassword.trim());
return springCheckUrl.toString();
}
}
好的,我找到了我只需添加的解决方案:
@Autowired
@Qualifier("authenticationManager")
AuthenticationManager authenticationManager;
你的问题是什么?具体问题是什么?我不知道如何将这些链接起来,如何使用PrimeFaces进行自定义授权,但这些是基于servlet的解决方案重定向maby是另一个严格适用于JSF的解决方案
public String doLogin() throws ServletException, IOException {
FacesContext context = FacesContext.getCurrentInstance();
String springCheckUrl = this.buildSpringSecurityCheckUrl();
HttpServletRequest request = (HttpServletRequest) context
.getExternalContext().getRequest();
RequestDispatcher dispatcher = request
.getRequestDispatcher(springCheckUrl);
dispatcher.forward((ServletRequest) request,
(ServletResponse) context.getExternalContext.getResponse());
context.responseComplete();
return null;
}
private String buildSpringSecurityCheckUrl() {
StringBuilder springCheckUrl = new StringBuilder(
"/j_spring_security_check").append("?").append("j_username")
.append("=").append(this.userName.trim()).append("&")
.append("j_password").append("=")
.append(this.userPassword.trim());
return springCheckUrl.toString();
}
}
@Autowired
@Qualifier("authenticationManager")
AuthenticationManager authenticationManager;