Spring登录页面有效,但我的登录页面不行?

时间:2011-04-07 15:13:30

标签: java spring-mvc spring-security

Spring登录页面有效但我的登录页面不适用?

我正在使用MySQL在Spring3中构建一个系统。如果我使用Spring登录页面,一切都很好,但我不喜欢这个设计所以我做了一个login.jsp并更改了我的context.xml文件,但我不能让我的login.jsp显示? 

[CODE]<http auto-config="true" use-expressions="true" >
        <intercept-url pattern="/friends/**" access="hasRole('ROLE_USER')" />

    <form-login login-processing-url="/EPA/j_spring_security_check"
                login-page="/login"
                authentication-failure-url="/login?login_error=t"/>
</http>[/CODE]

以下是错误

[CODE][DEBUG,FilterChainProxy] Converted URL to lowercase, from: '/spring_security_login'; to: '/spring_security_login'
[DEBUG,FilterChainProxy] Candidate is: '/spring_security_login'; pattern is /**; matched=true
[DEBUG,FilterChainProxy] /spring_security_login at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
[DEBUG,HttpSessionSecurityContextRepository] Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@bbe24eac: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@bbe24eac: Principal: org.springframework.security.core.userdetails.User@5e22dd8: Username: guest; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: BD1B281579EB6F9693C81DD20B0B4E9E; Granted Authorities: ROLE_USER'
[DEBUG,FilterChainProxy] /spring_security_login at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
[DEBUG,AnonymousAuthenticationFilter] SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@bbe24eac: Principal: org.springframework.security.core.userdetails.User@5e22dd8: Username: guest; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: BD1B281579EB6F9693C81DD20B0B4E9E; Granted Authorities: ROLE_USER'
[DEBUG,FilterChainProxy] /spring_security_login at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 9 of 10 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
[DEBUG,FilterChainProxy] /spring_security_login at position 10 of 10 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
[DEBUG,ExpressionBasedFilterInvocationSecurityMetadataSource] Converted URL to lowercase, from: '/spring_security_login'; to: '/spring_security_login'
[DEBUG,ExpressionBasedFilterInvocationSecurityMetadataSource] Candidate is: '/spring_security_login'; pattern is /friends/**; matched=false
[DEBUG,FilterSecurityInterceptor] Public object - authentication not attempted
[DEBUG,FilterChainProxy] /spring_security_login reached end of additional filter chain; proceeding with original chain
[DEBUG,ExceptionTranslationFilter] Chain processed normally
[DEBUG,SecurityContextPersistenceFilter] SecurityContextHolder now cleared, as request processing completed[/CODE]

3 个答案:

答案 0 :(得分:1)

Spring安全性可能无法找到您的login.jsp,因此会进入默认登录页面。

您是否在某个地方进行了映射,将/login转换为您的网络应用中相应位置的login.jsp?像

这样的东西 
!-- View Resolver for JSPs -->
    <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
        <property name="prefix" value="/WEB-INF/jsp/"/>
        <property name="suffix" value=".jsp"/>
    </bean>

答案 1 :(得分:0)

您的表单登录信息为login-processing-url="/EPA/j_spring_security_check,但是请求是/j_spring_security_check而没有/ EPA。

答案 2 :(得分:0)

login-page属性的值不是视图名称。

你需要做两件事:
1. 将登录页面属性值映射到控制器。示例:

XML:

<form-login login-page="/mylogin.do" ...  />

控制器:

    @RequestMapping("/mylogin.do")
public String showLoginForm() { 
/* return a view name that will be used by your Viewresolver 
   if you return "login" then view resolver will resolve it to login.jsp
*/
... 
}

2. :授予对登录页面的访问权限:

<intercept-url patter="/mylogin.do" access="permitAll" />
相关问题
最新问题