SpringSecurity + JSF自定義身份驗證

我試圖找到解決方案，但沒有人工作。我有一些用JSF編寫的spring安全配置和前端。我發現在一些intenter但CONFIGS一起，他們不想要工作SpringSecurity + JSF自定義身份驗證

<http> 
    <intercept-url pattern="/index*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <intercept-url pattern="/javax.faces.resource/**" 
     access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <intercept-url pattern="/**" access="ROLE_USER" /> 
    <intercept-url pattern="/admin/*" access="ROLE_SUPERVISOR" /> 
    <form-login login-page="/index.html" default-target-url="/home.html" 
     always-use-default-target="true" authentication-failure-url="/index.xhtml?login_error=1" /> 
    <logout logout-url="/logout.html" /> 
</http>

和：

<authentication-manager> 
    <authentication-provider>    
     <user-service> 
      <user name="admin" password="admin" authorities="ROLE_USER, ROLE_SUPERVISOR" /> 
      <user name="anonim" password="anonim" authorities="" /> 
      <user name="user" password="user" authorities="ROLE_USER" /> 
     </user-service> 
    </authentication-provider> 
</authentication-manager>

我想做出一些自定義的類，它會像自定義記錄器，我發現的解決方案，將類似於這些：

public class LoginBeenController { 
    private static final Logger LOGGER = Logger.getLogger(LoginBeenController.class); 

    private String login; 
    private String password; 
    @Autowired 
    private AuthenticationManager authenticationManager; 

    public LoginBeenController() { 

    } 

    public String getLogin() { 
     return login; 
    } 

    public String getPassword() { 
     return password; 
    } 

    public void setLogin(String login) { 
     this.login = login; 
    } 

    public void setPassword(String password) { 
     this.password = password; 
    } 

    public String login(){ 
     Authentication authentication = authenticationManager 
       .authenticate(new UsernamePasswordAuthenticationToken(
         this.login, this.password)); 
     if (authentication.isAuthenticated()) { 
      SecurityContextHolder.getContext().setAuthentication(
        authentication); 
     } 
     return new String(); 
    } 

}

這裏是主要的形式：

<h:form>  
    <h:panelGrid columns="2" cellpadding="5"> 
     <h:outputLabel for="username" name='j_username' value="Username:" /> 
     <p:inputText id="username" value="#{loginBeenController.login}" required="true" label="username" /> 

     <h:outputLabel for="password" value="Password:" /> 
     <h:inputSecret id="password" value='#{loginBeenController.password}' required="true" label="password" /> 

     <f:facet name="footer"> 
      <p:commandButton ajax='false' id="loginButton" value="Login" action="#{loginBeenController.login()}" /> 
     </f:facet> 
    </h:panelGrid>    
</h:form>

來源

2012-12-17 vermer

請告訴我你的問題，究竟什麼問題？ – micha

我不知道如何鏈接這些作品如何使用primefaces自定義授權 – vermer

您應該轉發到Spring Security身份驗證URL，而不是使用AuthenticationManager。試試這個：

public String doLogin() throws ServletException, IOException { 

    FacesContext context = FacesContext.getCurrentInstance(); 

     String springCheckUrl = this.buildSpringSecurityCheckUrl(); 

     HttpServletRequest request = (HttpServletRequest) context 
       .getExternalContext().getRequest(); 

     RequestDispatcher dispatcher = request 
       .getRequestDispatcher(springCheckUrl); 

     dispatcher.forward((ServletRequest) request, 
       (ServletResponse) context.getExternalContext.getResponse()); 

     context.responseComplete(); 

     return null; 
    } 

    private String buildSpringSecurityCheckUrl() { 
     StringBuilder springCheckUrl = new StringBuilder(
       "/j_spring_security_check").append("?").append("j_username") 
       .append("=").append(this.userName.trim()).append("&") 
       .append("j_password").append("=") 
       .append(this.userPassword.trim()); 
     return springCheckUrl.toString(); 
    } 
}

來源

2012-12-18 02:20:44 ElderMael

但這些是基於servlet重定向maby的解決方案，也是JSF的另一個嚴格 – vermer

好，我找到解決辦法，我只好只添加：

@Autowired 
@Qualifier("authenticationManager") 
AuthenticationManager authenticationManager;

來源

2012-12-18 12:57:00 vermer

SpringSecurity + JSF自定義身份驗證

回答

相關問題