Sql server spring security 4.0 sql server express 2014 jdbc登录问题
在我的安全上下文xml中,我可以看到一个警告“referenced bean dataSource not found”,如果我忽略它并尝试登录,就会在eclipse控制台中出现以下错误Sql server spring security 4.0 sql server express 2014 jdbc登录问题,sql-server,spring-mvc,jdbc,login,spring-security,Sql Server,Spring Mvc,Jdbc,Login,Spring Security,在我的安全上下文xml中,我可以看到一个警告“referenced bean dataSource not found”,如果我忽略它并尝试登录,就会在eclipse控制台中出现以下错误 SEVERE: An internal error occurred while trying to authenticate the user. org.springframework.security.authentication.InternalAuthenticationServiceException
SEVERE: An internal error occurred while trying to authenticate the user.
org.springframework.security.authentication.InternalAuthenticationServiceException: PreparedStatementCallback; SQL [select username, password from users where username=?]; The index 3 is out of range.; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: The index 3 is out of range.
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:126)
下面显示的是security-context.xml,它具有所有spring安全bean映射:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select * from dbo.users where username=?"
authorities-by-username-query="select username, authority from dbo.authorities where username=?" />
</security:authentication-provider>
</security:authentication-manager>
<security:http use-expressions="true">
<security:intercept-url pattern="/createoffer"
access="isAuthenticated()" />
<security:intercept-url pattern="/doCreate"
access="isAuthenticated()" />
<security:intercept-url pattern="/offercreated"
access="isAuthenticated()" />
<security:intercept-url pattern="/" access="permitAll" />
<security:intercept-url pattern="/statc/**"
access="permitAll" />
<security:intercept-url pattern="/login"
access="permitAll" />
<security:intercept-url pattern="/offers"
access="permitAll" />
<security:intercept-url pattern="/**" access="denyAll" />
<security:form-login login-page="/login"
authentication-failure-url="/login?error?true" />
<security:csrf disabled="true" />
</security:http>
</beans>
无法确定这里出了什么问题。请提供帮助。查询应返回三列:用户名、密码和启用。您的表似乎只有用户名和密码列 您需要添加一个已启用的列,或者需要提供自己的
UserDetailsService
实现
请参阅Spring安全性参考:
UserDetailsService的标准JDBC实现
(JdbcDaoImpl)要求表加载密码、帐户状态
(启用或禁用)以及用户的权限(角色)列表。
您需要调整此架构以匹配您使用的数据库方言
正在使用
create table users(
username varchar_ignorecase(50) not null primary key,
password varchar_ignorecase(50) not null,
enabled boolean not null
);
另请参见以下代码:
受保护列表loadUsersByUsername(字符串用户名){
返回getJdbcTemplate().query(usersByUsernameQuery,新字符串[]{username},
新的行映射器(){
公共用户详细信息映射行(结果集rs,int rowNum)
抛出SQLException{
字符串用户名=rs.getString(1);
字符串密码=rs.getString(2);
布尔启用=rs.getBoolean(3);
返回新用户(用户名、密码、已启用、true、true、true、,
主管部门(无任何主管部门);
}
});
}
Ya当我在查询中添加enabled时,它起作用了。感谢您的回复。:-)
create table users(
username varchar_ignorecase(50) not null primary key,
password varchar_ignorecase(50) not null,
enabled boolean not null
);
protected List<UserDetails> loadUsersByUsername(String username) {
return getJdbcTemplate().query(usersByUsernameQuery, new String[] { username },
new RowMapper<UserDetails>() {
public UserDetails mapRow(ResultSet rs, int rowNum)
throws SQLException {
String username = rs.getString(1);
String password = rs.getString(2);
boolean enabled = rs.getBoolean(3);
return new User(username, password, enabled, true, true, true,
AuthorityUtils.NO_AUTHORITIES);
}
});
}