Gri*_*iff 4 spring struts2 spring-security tiles2
使用Spring Security 3以及Struts 2和Tiles 2,我有一个登录页面,当它应该出现并按预期执行登录时 - 但是当我输入错误的用户凭据时,我返回到登录页面而没有关于什么地方出了错.我已经检查了所有配置参数,但我看不出问题出在哪里.
我的Spring Security XML配置如下:
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/css/**" access="permitAll" />
<intercept-url pattern="/images/**" access="permitAll" />
<intercept-url pattern="/js/**" access="permitAll" />
<intercept-url pattern="/public/**" access="permitAll" />
<intercept-url pattern="/home/**" access="permitAll" />
<intercept-url pattern="/user/**" access="hasRole('AUTH_MANAGE_USERS')" />
<intercept-url pattern="/group/**" access="hasRole('AUTH_MANAGE_USERS')" />
<intercept-url pattern="/**" access="isAuthenticated()" />
<access-denied-handler error-page="/403.html"/>
<form-login login-page="/public/login.do" always-use-default-target="false"/>
<logout invalidate-session="true" logout-success-url="/public/home.do"/>
</http>
我的Struts Action看起来像这样:
<package name="public" namespace="/public" extends="secure">
<action name="login">
<result name="success" type="tiles">tiles.login.panel</result>
<result name="input" type="tiles">tiles.login.panel</result>
<result name="error">/WEB-INF/jsp/error.jsp</result>
</action>
<action name="logout">
<result name="success" type="redirect">/j_spring_security_logout</result>
</action>
</package>
login.jsp页面(tile的一部分)从Spring Security中查找异常...
<c:if test="${not empty param.login_error}">
<span class="actionError">
Your login attempt was not successful, try again.<br/><br/>
Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
</span>
</c:if>
<form id="loginForm" name="loginForm" action="/j_spring_security_check" method="post">
...
</form>
谁能告诉我我失踪了什么?提前感谢任何/所有回复.
Spring Security未param.login_error自动设置.您需要按照以下方式进行操作:
<form-login
login-page="/public/login.do"
authentication-failure-url = "/public/login.do?login_error=1"
always-use-default-target="false"/>
| 归档时间: |
|
| 查看次数: |
7404 次 |
| 最近记录: |