2. 질의 응답
  3. 인증 실패는

인증 실패는

2016-08-06 1 views
0

이것은이 file.Here 내가 그것을 점점되지 않은 사용자 이름과 암호를 입력 url.after 인증 실패를 얻고 스프링 security.xml 내 .jsp로 페이지인증 실패는

<div class="banner"> 
    <div class="container"> 
<div id="errorDiv" align="center"><% 
       String sl = request.getParameter("sl"); 
       if(sl != null && sl.equalsIgnoreCase("f")){%> 
        <b>Invalid Login!</b> 
       <%} %> 
    </div> 
     <div class="spacer-60px"></div> 
     <div class="spacer-60px"></div> 
     <div class="row"> 
      <div class="span14"> 
       <div class="span4"></div> 
       <div class="span4"> 
        <form name="login" action="/missionbhageeratha/login.html" method="POST" > 

         <div class="boxcontainer" > 

          <div class="widget_login"> 
           <div class="login-username" style="height: 20"> 
            <input type="text" class="form-control" type="text" style="height: 20" 
             name="username" placeholder="username" autofocus="autofocus" /> 
           </div> 
           <div class="login-password"> 
            <input class="form-control" type="password" name="password" 
             placeholder="password" /> 

             <a href="javascript:call();" class="btn" id="continueBtn" tabindex='22'>Log In</a> 
             <a href="/missionbhageeratha/newUserCreation.html" class="btn" id="continueBtn" tabindex='22'>new user registration</a> 
           </div> 

          </div> 
         </div> 
         <script type="text/javascript"> 

function call(){ 
    document.login.username.value = document.login.username.value.toLowerCase(); 
    submitForm(); 
} 
function enterKey(evt) { 
    var evt = (evt) ? evt : ((event) ? event : null); 
    if (evt.keyCode == 13) { 
     call(); 
    } 
} 
document.onkeypress = enterKey; 
</script> 
        </form> 
       </div> 
      </div> 
     </div> 
    </div> 
</div>

입니다 즉, 내가 원하는 페이지로 리디렉션 ... 코드 here`

<%@page import="com.cgg.util.StringUtils"%> 
<%@ page contentType="text/html; charset=UTF-8"%> 
<div class="banner"> 
<div class="spacer-20px;"></div> 
       <div class="container clearfix"> 
       <div class="row"> 
       <div class="span12"> 
       <div class="pageTitle"> 
<marquee><font >WELCOME Administrator</font></marquee>    </div> 
       <br> 
       </div> 
       </div> 
       </div> 
</div> 
<?xml version="1.0" encoding="UTF-8" ?> 
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:sec="http://www.springframework.org/schema/security" 
    xmlns:mvc="http://www.springframework.org/schema/mvc" 
    xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd 
     http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd 
     http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> 


    <http auto-config="true" use-expressions="true" xmlns="http://www.springframework.org/schema/security"> 
    <!-- <intercept-url pattern="/*.html" access="hasRole('USER')"/> 
     <intercept-url pattern="/*.html" access="hasRole('ADMIN')"/> 
     <intercept-url pattern="/*.html" access="hasRole('AUTH')"/> 
     <intercept-url pattern="/*.html" access="permitAll"/> --> 
     <intercept-url pattern="/**" access="permitAll"/> 
     <form-login login-page="/signin.html" default-target-url="/signin.html" authentication-failure-url="/signin.html?sl=f" 
        always-use-default-target="true" login-processing-url="/login.html" username-parameter="username" password-parameter="password"/> 

     <logout logout-success-url="/signin.html" logout-url="/auth/springSecurityLogoutAction.html" delete-cookies="JSESSIONID"/> 

     <anonymous /> 
    </http> 

     <authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security"> 
     <authentication-provider> 
      <jdbc-user-service data-source-ref="myDataSource" 
      users-by-username-query="select username password, case when active_flg = 'Y' then 'true' else 'false' end enabled from public.user_mst where username=?" 
      authorities-by-username-query="select u.username, r.role_desc from public.user_mst u, public.role_mst r where u.username = r.role_desc 
      and u.username = ?"  role-prefix="none" /> 
      <password-encoder hash="md5"> 
       <salt-source user-property="username"/> 
      </password-encoder> 
     </authentication-provider> 
    </authentication-manager> 


</beans>

이 내 web.xml을 입력

<?xml version="1.0" encoding="UTF-8"?> 
<web-app id="WebApp_ID" version="2.5" 
xmlns="http://java.sun.com/xml/ns/javaee" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> 
<display-name>MissionBhageeratha</display-name> 
<listener> 
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 

    <filter> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
    </filter> 

    <filter-mapping> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 


<context-param> 
      <param-name>contextConfigLocation</param-name> 
      <param-value>/WEB-INF/spring-application.xml, 
      /WEB-INF/spring-hibernate.xml, 
      /WEB-INF/spring-security.xml 
      </param-value> 
    </context-param> 


    <servlet> 
      <servlet-name>MissionBhageeratha</servlet-name> 
      <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
      <load-on-startup>2</load-on-startup> 
    </servlet> 
    <servlet-mapping> 
      <servlet-name>MissionBhageeratha</servlet-name> 
      <url-pattern>*.html</url-pattern> 
    </servlet-mapping> 

<welcome-file-list> 
       <welcome-file>index.jsp</welcome-file> 
    </welcome-file-list> 
    <session-config> 
       <session-timeout>20</session-timeout> 
    </session-config> 
</web-app>

출처

2016-08-06 M Sreenivasa Reddy

답변

0

이렇게하면됩니다. security.xml

<security:http auto-config="true" use-expressions="true" authentication-manager-ref="webAccess"> 

    <security:intercept-url pattern="/user/**" access="hasRole('ROLE_ADMIN')" />   
    <security:access-denied-handler error-page="/403" /> 

    <security:form-login 
     login-processing-url="/login" 
     login-page="/loginform" 
     default-target-url="/" 
     authentication-failure-url="/loginform?error=1" 
     username-parameter="username" 
     password-parameter="password" /> 

    <security:logout logout-url="/logout" logout-success-url="/" delete-cookies="JSESSIONID" /> 
    <security:csrf /> 

</security:http> 

    <security:authentication-manager id="webAccess"> 


     <security:authentication-provider> 
     <security:user-service> 
      <security:user name="admin" password="admin" authorities="ROLE_ADMIN" /> 
      <security:user name="user" password="user" authorities="ROLE_EDITOR" /> 
     </security:user-service> 
    </security:authentication-provider> 

    </security:authentication-manager>

그리고 당신의

는 JSP :

 <spring:url value="/login" var="loginURL"/>    
    <form name='loginForm' action="${loginURL}" method='post'> 

     <!-- username --> 
      <input id="Username" name="username" type="text"> 
     </div> 

     <!-- password --> 
     <input id="Password" name="password" type="password"> 
     </div> 

     <!-- CSRF -->    
     <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" /> 

     <br/> 

     <!-- submit -->      
     <input type="submit" value="Login" class="btn btn-success center-block" /> 

    </form>

출처

2016-08-07 23:23:18

관련 문제

 관련 문제