我是Spring Security的新手,我試圖設置對PostgreSQL數據庫的認證/授權。我遵循前三章here並獲得了內存中用戶名/密碼的正常工作。創建模式(here)所需的表,然後用所需的春天所有的豆子一起設立在Tomcat中(here)JNDI數據源後,登錄正與此消息失敗:Spring Security with JDBC Authentication - No AuthenticationProvider found
你的登錄嘗試不成功,再試一次。
原因:沒有的AuthenticationProvider發現 org.springframework.security.authentication.UsernamePasswordAuthenticationToken
這裏的豆在我的servlet-context.xml中定義:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd">
<!-- DispatcherServlet Context: defines this servlet's request-processing infrastructure -->
<jee:jndi-lookup id="dataSource" jndi-name="jdbc/TyedArtDB"/>
<!-- Enables the Spring MVC @Controller programming model -->
<annotation-driven />
<context:component-scan base-package="com.tyedart.web" />
<!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources directory -->
<resources mapping="/resources/**" location="/resources/" />
<!-- Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory -->
<beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<beans:property name="prefix" value="/WEB-INF/views/" />
<beans:property name="suffix" value=".jsp" />
</beans:bean>
<beans:bean id="userDetailsService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
<beans:property name="dataSource" ref="dataSource"/>
</beans:bean>
<beans:bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="userDetailsService"/>
<beans:property name="passwordEncoder" ref="passwordEncoder"/>
</beans:bean>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref bean="daoAuthenticationProvider"/>
</beans:list>
</beans:property>
</beans:bean>
</beans:beans>
這是我的SecurityConfig等級:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
// auth
// .inMemoryAuthentication()
// .withUser("rob").password("22").roles("ADMIN");
InitialContext ctx = new InitialContext();
DataSource dataSource = (DataSource) ctx.lookup("java:/comp/env/jdbc/TyedArtDB");
auth
.jdbcAuthentication()
.dataSource(dataSource)
.withDefaultSchema()
.passwordEncoder(new BCryptPasswordEncoder());
}
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/manage/**").hasRole("ADMIN")
.and()
.formLogin();
}
}
任何想法我在做什麼克錯了嗎?
謝謝,這兩個項目正是我所需要的!注入數據源時是否遇到問題?我有另一個帖子在這裏:http://stackoverflow.com/questions/21826538/spring-jndi-datasource-no-qualifying-bean-of-type-javax-sql-datasource-found –
很高興有幫助。我將數據源配置爲Hibernate上的JPA的一部分。我使用Spring而不是JNDI來訪問數據源。 I.E.數據源用@Bean註釋。我有相同的設置git hub項目(減去彈簧安全性。你想要的網址? – lorinpa