Spring安全jsf登录页面未调用

我的问题是当我想请求一些页面时，login.xhtml没有打开以验证用户。

这是security-config.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security.xsd">
    <security:http auto-config="false" use-expressions="true">
        <security:csrf disabled="true"/>
        <security:intercept-url pattern="/faces/login2.xhtml" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <security:intercept-url pattern="/faces/MyCard.xhtml" access="hasRole('ROLE_USER')"/>
        <security:form-login login-page="/faces/login2.xhtml" default-target-url="/Home.xhtml"
                             authentication-failure-url="/faces/login2.xhtml?error=1" login-processing-url="/j_spring_security_check"/>
    </security:http>
    <security:authentication-manager>
        <security:authentication-provider>
            <security:user-service>
                <security:user name="sajjad" authorities="ROLE_USER" password="ssss"/>
            </security:user-service>
        </security:authentication-provider>
    </security:authentication-manager>
</beans>

这是web.xml

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/applicationContext.xml
        /WEB-INF/security-config.xml
    </param-value>
</context-param>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<!-- SPRING SECURITY RELATED CONFIG-->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

这是login bean:

@ManagedBean
@SessionScoped
public class LoginBean {
private String username;
private String password;
public String login() throws IOException, ServletException {
    FacesContext context = FacesContext.getCurrentInstance();
    ExternalContext externalContext = context.getExternalContext();
    RequestDispatcher dispatcher = ((ServletRequest) externalContext.getRequest())
            .getRequestDispatcher("/j_spring_security_check?j_username=" + username
                    + "&j_password=" + password);
    dispatcher.forward((ServletRequest) externalContext.getRequest(), (ServletResponse) externalContext.getResponse());
    context.responseComplete();
    return null;
}
//getter/setters

似乎您没有在配置文件中精确设置正确的登录页面名称。是login不是login2:

<security:http auto-config="false" use-expressions="true">
    ...
    <security:form-login login-page="/faces/login.xhtml" default-target-url="/Home.xhtml"
    ...
</security:http>

如果不工作，省略.xhtml，否则只保留"login"的登录页面属性

相关内容

最新更新

热门标签：