如何启用Spring Security的日志记录? [英] How do I enable logging for Spring Security?
问题描述
我正在设置Spring Security以处理日志用户。我已经以用户身份登录,成功登录后被带到访问被拒绝的错误页面。我不知道我的用户实际被分配了什么角色,或导致访问被拒绝的规则,因为我无法弄清楚如何启用Spring Security库的调试。
I am setting up Spring Security to handle logging users in. I have logged in as a user, and am taken to an Access Denied error page upon successful login. I don't know what roles my user has actually been assigned, or the rule that causes access to be denied, because I can't figure out how to enable debugging for the Spring Security library.
我的安全性xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
<!-- security -->
<security:debug/><!-- doesn't seem to be working -->
<security:http auto-config="true">
<security:intercept-url pattern="/Admin**" access="hasRole('PROGRAMMER') or hasRole('ADMIN')"/>
<security:form-login login-page="/Load.do"
default-target-url="/Admin.do?m=loadAdminMain"
authentication-failure-url="/Load.do?error=true"
username-parameter="j_username"
password-parameter="j_password"
login-processing-url="/j_spring_security_check"/>
<security:csrf/><!-- enable Cross Site Request Forgery protection -->
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="loginDataSource"
users-by-username-query="SELECT username, password, active FROM userinformation WHERE username = ?"
authorities-by-username-query="
SELECT ui.username, r.rolename
FROM role r, userrole ur, userinformation ui
WHERE ui.username=?
AND ui.userinformationid = ur.userinformationid
AND ur.roleid = r.roleid "
/>
<security:password-encoder hash="md5"/>
</security:authentication-provider>
</security:authentication-manager>
</beans>
我还尝试添加 log4j.logger.org.springframework.security = DEBUG
到我的log4j.properties
I've also tried adding log4j.logger.org.springframework.security=DEBUG
to my log4j.properties
如何获取Spring Security的调试输出?
How can I get debug output for Spring Security?
推荐答案
可以使用Spring的 DebugFilter
进行基本调试,如下所示:
Basic debugging using Spring's DebugFilter
can be configured like this:
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
web.debug(true);
}
}
这篇关于如何启用Spring Security的日志记录?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!