kam*_*aci 5 java spring spring-security
我有一个 Spring Security 3 应用程序,我登录和注销效果很好。我想为我的应用程序实现我自己的 UsernamePasswordAuthenticationFilter 。我遵循了该教程:
http://mrather.blogspot.com/2010/02/extending-usernamepasswordauthenticatio.html
我的过滤器类是:
package security;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class CustomUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException, ServletException {
super.successfulAuthentication(request, response, authResult);
System.out.println("==successful login==");
}
@Override
protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
super.unsuccessfulAuthentication(request, response, failed);
System.out.println("==failed login==");
}
}
我的安全 xml 配置文件:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<global-method-security/>
<http entry-point-ref="loginUrlAuthenticationEntryPoint"/>
<beans:bean id="loginUrlAuthenticationEntryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<beans:property name="loginFormUrl" value="/login.html"/>
</beans:bean>
<beans:bean id="customUsernamePasswordAuthenticationFilter"
class="security.CustomUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="authenticationFailureHandler" ref="failureHandler"/>
<beans:property name="authenticationSuccessHandler" ref="successHandler"/>
</beans:bean>
<beans:bean id="successHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/login.html"/>
</beans:bean>
<beans:bean id="failureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login.html?login_error=true"/>
</beans:bean>
<http auto-config="false" disable-url-rewriting="true">
<custom-filter position="FORM_LOGIN_FILTER" ref="customUsernamePasswordAuthenticationFilter"/>
<intercept-url pattern="/login.html" filters="none"/>
<intercept-url pattern="/css/*" filters="none"/>
<intercept-url pattern="/**" access="ROLE_USER"/>
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<password-encoder hash="sha-256"/>
<user-service>
<user name="sdf" password="6b86d273ff34fce19d6dddf5747ada4eaa22f1d49c01e52ddb7875b4b"
authorities="ROLE_USER"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
但是,当我运行我的应用程序时,它不会重定向到登录页面,它默认情况下会转到索引页面并给出
404 Not found error
对于我的所有网页。有任何想法吗?我的应用程序配置得好吗?
PS:教程中写道:
注意:由于我们要替换默认的 FORM_LOGIN_FILTER,因此我们不应该使用
所以我删除了:
<form-login
login-page="/login3.html"
login-processing-url="/j_spring_security_check"
default-target-url="/index.html"
always-use-default-target="true"/>
<logout logout-url="/j_spring_security_logout"
logout-success-url="/login.html"/>
来自我的 XML 文件。
还需要定义 successHandler 和 failureHandler 因为我没有覆盖它们。如果我这样做是因为我要更换过滤器(或者因为 -http auto-config="false"
我不知道该行的真正目的,如果您解释一下,欢迎)我应该为安全定义其他内容吗?
我是 Spring Security 3 和 Spring 的新手。
| 归档时间: |
|
| 查看次数: |
16674 次 |
| 最近记录: |