2011-02-07 224 views
2

我開發一個Struts2的+彈簧+瓷磚+休眠+彈簧安全應用春季安全工作不

當我去到URL /註冊我正確地重定向到登錄頁面, 但與用戶名登錄並密碼在配置文件中指定, 我被重定向回登錄頁面,其URL爲「login?error = true」,這意味着登錄失敗,正如我所提到的「authentication-failure-url =」/ login?error = true「」

我已配置基於表單的登錄,並且具有以下配置

//web.xml

<listener> 
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 
<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value> 
    /WEB-INF/applicationContext.xml 
    /WEB-INF/medic-security.xml 
    </param-value> 
</context-param> 

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class> 
     org.springframework.web.filter.DelegatingFilterProxy 
    </filter-class> 
</filter> 

<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

<filter> 
<filter-name>struts2</filter-name> 
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class> 
</filter> 

<filter-mapping> 
<filter-name>struts2</filter-name> 
<url-pattern>/*</url-pattern> 
</filter-mapping> 

//medics-security.xml

<http auto-config="true" access-denied-page="/error"> 
<intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
<intercept-url pattern="/register*" access="ROLE_USER" /> 
<intercept-url pattern="/messagePost*" access="ROLE_USER" /> 
<intercept-url pattern="/messageDelete*" access="ROLE_ADMIN" /> 
<form-login login-page="/login" authentication-failure-url="/login?error=true"/> 
<remember-me/> 
<logout/> 

</http> 

<authentication-manager> 
    <authentication-provider> 
     <user-service> 
     <user name="admin" password="secret" authorities="ROLE_USER"/> 
     </user-service> 
    </authentication-provider> 
</authentication-manager> 

//login.jsp

<form action="j_spring_security_check"> 
    <label for="j_username">Username</label> 
<input type="text" name="j_username" id="j_username"/><br/> 
    <label for="j_password">Password</label> 
<input type="password" name="j_password" id="j_password"/><br/> 
    <input type='checkbox' name='_spring_security_remember_me'/> Remember me<br/> 
    <input type="submit" value="Login"/> 
<input type="reset" value="Reset"/> 
</form> 

//struts.xml

<package name="default" namespace="/" extends="struts-default"> 
    <action name="login" class="com.medics.action.LoginAction"> 
    <result name="SUCCESS" type="tiles">login</result> 
    </action> 

    <action name="register" class="com.medics.action.RegisterAction"> 
    <result name="SUCCESS">/Register.jsp</result> 
    </action> 
</package> 

動作類除了返回「S UCCESS「

回答

3

由於您尚未爲<form>指定method,因此它使用GET,即defaultspring-security 3.x默認情況下不允許使用GET進行身份驗證。

您可以嘗試添加method="post"並查看是否有幫助?

+0

謝謝!你在 – 2011-02-07 12:07:02