我是Spring的新手,我正在尝试创建一个简单的登录表单。我认为我的大部分代码/配置都很好,因为当我点击登录按钮时,我可以跟随我的代码一直到CustomAuthenticationProvider supports()和authenticate()方法。但是,当我随后尝试authentication.getCredentials()或authentication.getName()时,它们都返回一个空字符串。这就好像我的表单没有正确传递用户名/密码。
如下所示:
Login.jsp
<div class="login">
<h3>Login with Username and Password</h3>
<c:url value="/j_spring_security_check" var="loginUrl" />
<form name='loginForm' action="${loginUrl}" method="post">
<table>
<tr>
<td>Username:</td>
<td><input type='text' name='username'></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'>
<c:choose>
<c:when test="${showLoginForm}">
<% System.out.println( "Showing Login Form"); %>
<input name="submit" type="submit" value="Login" />
</c:when>
<c:otherwise>
<% System.out.println( "Showing Logout Form"); %>
<c:url value="/j_spring_security_logout" var="logoutUrl" />
<input type="button" onClick="location.href='${logoutUrl}'" value="Logout">
</c:otherwise>
</c:choose>
</td>
</tr>
<tr>
<td>
<button type="submit" class="btn">Log in2</button>
</td>
</tr>
</table>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
<c:if test="${not empty error}">
<div class="error">${error}</div>
</c:if>
<c:if test="${not empty loggedIn}">
<div class="loggedIn">${loggedIn}</div>
</c:if>
<c:if test="${not empty loggedOut}">
<div class="loggedOut">${loggedOut}</div>
</c:if>
</div>
CustomAuthenticationProvider
package com.craig.spring;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
public class CustomAuthenticationProvider implements AuthenticationProvider{
@Override
public Authentication authenticate(Authentication authentication)throws AuthenticationException {
// TODO Auto-generated method stub
authentication.getCredentials(); //returns ""
authentication.getName(); //returns ""
return authentication;
}
@Override
public boolean supports(Class<?> authentication) {
//return false;
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
}
}
Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>League</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.css</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.js</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.gif</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.jpg</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.png</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
spring-security.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true" disable-url-rewriting="true" entry-point-ref="loginUrlAuthenticationEntryPoint">
</http>
<beans:bean id="loginUrlAuthenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<beans:property name="loginFormUrl" value="/login.html"/>
</beans:bean>
<beans:bean id="customAuthenticationProvider" class="com.craig.spring.CustomAuthenticationProvider" />
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>
发布于 2014-06-27 01:53:13
尝试将输入表单域的名称更改为j_username和j_password。-叶夫根尼Jun 10 19:59
叶夫根尼在评论中给出了正确的答案。
https://stackoverflow.com/questions/24149142
复制相似问题