스프링 보안 로그인 문제 -

Question

저는 스프링/스프링 시큐리티에 대해 다소 새로운 것입니다. 이미이 문제를 해결하기 위해 최선을 다했지만 더 이상 반복하지 않는 것 같습니다. 문제는 다음과 같습니다. 로그인이 제대로 작동하지 않습니다. 올바른 자격 증명을 사용하더라도 올바르지 않은 것으로 계속 표시됩니다. 저는 Spring Security와 Spring mvc + Oracle (hibernate + jpa)를 사용하고 있습니다. 어떤 도움을 주셔서 감사합니다. 미리 감사드립니다.

다음은 구성 파일입니다.

1. security.xml 

<http auto-config="true"> 
    <intercept-url pattern="/welcome*" access="ROLE_USER" /> 
    <form-login login-page="/login" default-target-url="/welcome" 
     authentication-failure-url="/loginfailed" /> 
    <logout logout-success-url="/logout" /> 
</http> 

<!-- <password-encoder hash="md5" /> --> 

<authentication-manager> 
    <authentication-provider> 
     <jdbc-user-service data-source-ref="dataSource" 
      users-by-username-query=" 
      SELECT username, password, 'TRUE' 
      FROM users WHERE username=?" 

      authorities-by-username-query=" 
      SELECT u.username, ur.authority FROM users u, user_roles ur 
      WHERE u.user_id = ur.user_id AND u.username=? " /> 
    </authentication-provider> 
</authentication-manager> 

2. web.xml 

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 

<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

3. data.xml 

<!-- Transaction managing using the @Transactional annotation --> 
<tx:annotation-driven transaction-manager="transactionManager" /> 

<!-- Transaction Manager --> 
<bean id="transactionManager" 
    class="org.springframework.orm.hibernate3.HibernateTransactionManager"> 
    <property name="sessionFactory" ref="sessionFactory" /> 
</bean> 


<bean 
    class="org.springframework.web.servlet.view.InternalResourceViewResolver"> 
    <property name="prefix"> 
     <value>/WEB-INF/pages/</value> 
    </property> 
    <property name="suffix"> 
     <value>.jsp</value> 
    </property> 
</bean> 

<bean id="messageSource" 
    class="org.springframework.context.support.ReloadableResourceBundleMessageSource"> 
    <property name="basenames"> 
     <list> 
      <value>msgs</value> 
     </list> 
    </property> 
    <property name="defaultEncoding" value="UTF-8" /> 
</bean> 

<!-- ////////////////////////////////////////////////////////////////////////// --> 

    <bean id="propertyConfigurer" 
    class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" 
    p:location="/WEB-INF/jdbc.properties"/> 

<!-- ////////////////////////////////////////////////////////////////////////// "--> 

<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" 
    destroy-method="close"> 
    <property name="driverClass" value="${jdbc.driverClassName}" /> 
    <property name="jdbcUrl" value="${jdbc.databaseurl}" /> 
    <property name="user" value="${jdbc.username}" /> 
    <property name="password" value="${jdbc.password}" /> 

</bean> 

<!-- ////////////////////////////////////////////////////////////////////////// --> 

<!-- Hibernate SessionFactory configuration --> 
<bean id="sessionFactory" 
    class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean"> 
    <property name="dataSource" ref="dataSource" /> 
    <property name="packagesToScan" value="com.tsystems.javaschool.kts.domain" /> 
    <property name="hibernateProperties"> 
     <props> 
      <prop key="hibernate.show_sql">true</prop> 
      <prop key="hibernate.dialect">${jdbc.dialect}</prop> 
      <prop key="hibernate.connection.charSet">UTF-8</prop> 
     </props> 
    </property> 
</bean> 

Answer 1

지금 오류가 어렵다,하지만 난 당신에게 예를 마녀를 얻을 수 있습니다 나를 위해 작동 (부품) : web.xml 파일의

부분 :

<filter> 
<filter-name>springSecurityFilterChain</filter-name> 
<filter-class> 
org.springframework.web.filter.DelegatingFilterProxy 
</filter-class> 
</filter> 
<filter-mapping> 
<filter-name>springSecurityFilterChain</filter-name> 
<url-pattern>/*</url-pattern> 
</filter-mapping> 

... ....

XML 파일 (security.xml)을 web.xml (web.xml의 다른 부분)에 포함 시켰습니까? JSP 페이지의

<http auto-config='true'> 
     <intercept-url pattern="/login**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
     <intercept-url pattern="/admin/**" access="ROLE_ADMIN" /> 
     <intercept-url pattern="/**" access="ROLE_GUEST, ROLE_ADMIN" /> 
     <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?login_error=t"/> 
     <logout logout-success-url="/login.jsp?logout=t"/> 
    </http> 
    <authentication-manager> 
     <authentication-provider> 
     <password-encoder hash="md5"/> 
      <jdbc-user-service data-source-ref="ds" authorities-by-username-query="select USERNAME as username, ROLE as authority from DATA.ROLE where USERNAME=?" 
      users-by-username-query="select USERNAME as username, PASSWORD as password, 'true' AS enabled from DATA.USER where USERNAME=?"/> 
     </authentication-provider> 
    </authentication-manager> 

및 부품 (의 login.jsp) :

<c:when test="${param.logout == 't'}"> 

// show when I logout 
....... 

</c:when> 
<c:when test="${param.login_error == 't'}"> 

// show when username or password is not correct 
....... 

</c:when> 
<c:otherwise> 
..... 
<form method="POST" action="<%= response.encodeURL(request.getContextPath() + "/j_spring_security_check") %>" > 
...... 
<input class="input" type="text" name="j_username" /> 
...... 
<input class="input" type="password" name="j_password" /> 
..... 
<input type="submit" value="Login" name="Login" /> 
..... 
</c:otherwise> 

<listener> 
    <listener-class> 
    org.springframework.web.context.ContextLoaderListener 
    </listener-class> 
</listener> 
    <context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>/WEB-INF/security-config.xml</param-value> 
    </context-param> 

보안-config.xml 파일의 일부는 (DATA는 쉐마, 역할 및 사용자의 테이블)

그래도 안되면 여기에 적어주십시오.