Spring Security角色定义



当我试图通过用户名为"sumit1"和密码为"123"进行身份验证时,它会将我重定向到登录错误页面,尽管我为用户名"sumit"定义了相同的角色。

这是我的 Spring Security XML 配置文件。

<?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:security="http://www.springframework.org/schema/security"
     xsi:schemaLocation="http://www.springframework.org/schema/beans 
          http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
       http://www.springframework.org/schema/security 
       http://www.springframework.org/schema/security/spring-security-3.2.xsd">
     <!-- Spring Security namespace configuration: URL access rules, form login, logout
          and the in-memory users that can authenticate. -->
     <!-- Web layer: auto-config is on, and users who are denied access are sent to
          /sumit/auth/denied.jsp. -->
     <security:http auto-config="true" access-denied-page="/sumit/auth/denied.jsp" >

      <!-- Access rules: ROLE_ADMIN for "/admin**", ROLE_USER for "/user**".
           NOTE(review): there is no "/" before the wildcard, so these Ant patterns
           probably do not cover nested paths such as /admin/anything; "/admin/**" is
           the usual form. Confirm against the URLs the application serves.
           No catch-all rule is declared, so URLs matching neither pattern are not
           restricted by this file. -->
      <security:intercept-url pattern="/admin**" access="ROLE_ADMIN"/>
      <security:intercept-url pattern="/user**" access="ROLE_USER"/>
      <!-- Failed logins are redirected to /sumit/auth/invalid.jsp. -->
      <security:form-login authentication-failure-url="/sumit/auth/invalid.jsp"/>

      <!-- Disabled alternative that points form-login at a custom login page. -->
      <!-- <security:form-login login-page="/sumit/auth/login.jsp"/> -->
      <!-- After logout the browser is sent to /index.jsp. -->
      <security:logout logout-success-url="/index.jsp"/>
     </security:http>
     <!-- Authentication manager backed by in-memory users (no custom UserDetailsService
          is configured in this file).
          Two sibling user-service elements are declared inside one authentication-provider;
          the answer on this page identifies that as the reason "sumit1" cannot log in and
          places both user entries inside a single user-service.
          The passwords are plaintext literals and the provider has no password-encoder
          child, so they are compared as written. Suitable for a local demo only; both
          accounts hold ROLE_ADMIN with the same trivial password. -->
     <security:authentication-manager>
             <security:authentication-provider>
               <security:user-service><security:user name="sumit" password="123" authorities="ROLE_ADMIN"/></security:user-service>
               <security:user-service><security:user name="sumit1" password="123" authorities="ROLE_ADMIN"/></security:user-service>
             </security:authentication-provider>
     </security:authentication-manager>
     <!-- Md5PasswordEncoder bean with id "passwordEncoder". Nothing in this file references
          it, so it has no effect on the logins above, and the users here are in-memory
          rather than read from a database.
          NOTE(review): unsalted MD5 is not adequate for password storage; if hashing is
          wired in through a password-encoder element, prefer an adaptive hash such as
          BCryptPasswordEncoder and store hashed values instead of literals. -->
     <bean class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" id="passwordEncoder"/>
      <!-- Leftover tutorial comment: an in-memory list of users, no external database layer.
          See Spring Security 3.1 Reference 5.2.1 In-Memory Authentication.
          No user list follows at this point; the in-memory users are the ones declared in
          the authentication-provider above. -->
      <!-- Leftover tutorial comment: john's password is admin, while jane's password is user.
           Neither account is defined in this file. -->

    </beans>
正如Pavel在评论中提到的,您有两个<security:user-service>标记。您只需要一个<security:user-service>,并且可以在同一个<security:user-service>下定义多个用户。
<!-- Corrected fragment: one user-service holding both user entries, in place of the two
     sibling user-service elements used in the question.
     The passwords are still plaintext literals and no password-encoder is attached to
     the provider. Outside a local demo, add a password-encoder and store hashed values;
     both accounts here hold ROLE_ADMIN with the same trivial password. -->
<security:authentication-manager>
             <security:authentication-provider>
               <security:user-service>
                  <security:user name="sumit" password="123" authorities="ROLE_ADMIN"/>
                  <security:user name="sumit1" password="123" authorities="ROLE_ADMIN"/>
               </security:user-service>
             </security:authentication-provider>
</security:authentication-manager>
