spring security无法登录 [英] spring security can't login
本文介绍了spring security无法登录的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
这是我春季安全配置的摘录:
This is snippet from my spring security configuration:
<security:http use-expressions="true">
<security:intercept-url pattern="/*" access="permitAll"/>
<security:intercept-url pattern="/admin*" access="hasRole('ROLE_ADMIN')" />
<security:form-login login-page="/zaloguj" default-target-url="/"
authentication-success-handler-ref="loginSuccessHandler"
authentication-failure-url="/zaloguj?error"
login-processing-url="/login"
/>
<security:logout logout-url="/wyloguj"
invalidate-session="true"
logout-success-url="/"
/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="admin" authorities="ROLE_ADMIN" password="admin"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
当我输入登录表单admin admin时,我被重定向到authentication-failure-url。我究竟做错了什么?我使用的是Spring Security版本3.2.0.RELEASE。在此先感谢您的帮助。最好的问候
When I type in login form admin admin I am redirected to authentication-failure-url. What am I doing wrong? I am using Spring Security version 3.2.0.RELEASE. Thanks in advance for any help. Best Regards
推荐答案
尝试激活Spring安全性的调试日志记录。
Try activating the debug logging for Spring security.
以下配置适用于我
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/welcome*" access="hasRole('ROLE_ADMIN')" />
<security:form-login login-page="/login" default-target-url="/welcome"
authentication-failure-url="/loginfailed" />
<security:logout logout-success-url="/logout" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="test" password="123456" authorities="ROLE_ADMIN" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
我的日志配置(log4j.properties)
My logging configuration (log4j.properties)
# Root logger option
log4j.rootLogger=INFO, stdout
# Direct log messages to stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
log4j.logger.org.springframework.security=DEBUG,stdout
以下是成功登录时打印的调试声明
And following are the debug statement printed on successful login
2014-03-09 03:56:08 DEBUG UsernamePasswordAuthenticationFilter:205 - Request is to process authentication
.........
2014-03-09 03:56:08 DEBUG SessionFixationProtectionStrategy:97 - Started new session: bq2ozweuwq07l16o2nspj4q3
2014-03-09 03:56:08 DEBUG UsernamePasswordAuthenticationFilter:319 - Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@bf69f27c: Principal: org.springframework.security.core.userdetails.User@364492: Username: test; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 1ajcb4rxv6p4ryg58262el5e8; Granted Authorities: ROLE_ADMIN
..................
2014-03-09 03:56:08 DEBUG SavedRequestAwareAuthenticationSuccessHandler:107 - Using default Url: /welcome
2014-03-09 03:56:08 DEBUG DefaultRedirectStrategy:36 - Redirecting to '/welcome'
这篇关于spring security无法登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
