2013-10-04 73 views
0

我正在使用spring security 3.2,JSF2,Hibernate4。Spring security 3.2:一個自定義的UserDetails&UserDetailsS​​ervice需要一個自定義的AuthenticationManager嗎?

我已經完成了3/4的工作:)但我的認證系統還沒有工作。

我有一個UserService實現UserDetailsS​​ervice,一個實現UserDetails的域類用戶。

登錄系統永遠不會停止用戶訪問受保護的頁面,我想用戶名和密碼,誰也不在我的數據庫中...

感謝您的幫助。

我是誰試圖當他通過登錄表單連接到認證用戶loginBean:

public String login() { 

     try { 

      Authentication request = new UsernamePasswordAuthenticationToken(this.getUsername(), this.getPassword()); 
      Authentication result = authenticationManager.authenticate(request); 
      SecurityContextHolder.getContext().setAuthentication(result); 

     } catch (AuthenticationException e) { e.printStackTrace();} 

     return "secured"; 
    } 

我春天的安全看起來是這樣的:

`<security:global-method-security jsr250-annotations="enabled" pre-post-annotations="enabled" secured-annotations="enabled" /> 

<security:http auto-config="true" use-expressions="true"> 
     <security:intercept-url pattern="/Admin" access="isAuthenticated()" /> 
     <security:form-login login-page="/login.xhtml" authentication-failure-url="/" > </security:form-login> 
    </security:http> 

    <!-- User Data Access Object --> 
    <beans:bean id="userDao" class="com.clb.genomic.lyon.dao.UserDaoImpl" > 
     <beans:property name="sessionFactory" ref="sessionFactory"></beans:property> 
    </beans:bean> 

    <!-- User Business Object --> 
    <beans:bean id="userBo" class="com.clb.genomic.lyon.bo.UserBoImpl" > 
     <beans:property name="userDao" ref="userDao" /> 
    </beans:bean> 


    <beans:bean id="login" class="com.clb.genomic.lyon.beans.LoginBean" scope ="request"> 
     <beans:property name="authenticationManager" ref="authenticationManager" /> 
    </beans:bean> 

    <beans:bean id="standardPasswordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/> 

    <security:authentication-manager alias="authenticationManager"> 
     <security:authentication-provider user-service-ref="userBo" > 
      <security:password-encoder ref="standardPasswordEncoder"/> 
     </security:authentication-provider> 
    </security:authentication-manager>` 

這是誰出現的錯誤...

org.springframework.security.authentication.AuthenticationServiceException: 1 
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:109) 
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:132) 
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) 
at com.clb.genomic.lyon.beans.LoginBean.login(LoginBean.java:47)..... 

Caused by: java.lang.ArrayIndexOutOfBoundsException: 1 
    at com.clb.genomic.lyon.dao.UserDaoImpl.loadUserByUsername(UserDaoImpl.java:59) 
    at com.clb.genomic.lyon.bo.UserBoImpl.loadUserByUsername(UserBoImpl.java:68) 
    at com.clb.genomic.lyon.bo.UserBoImpl$$FastClassByCGLIB$$9ea98abf.invoke(<generated>) 
    at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)..... 
+0

'intercept-url'應該包含'pattern =/Admin/**'來匹配子資源。 –

回答

0

異常堆棧跟蹤顯示你得到ArrayIndexOutOfBoundsException,似乎你從空數組讀取?你能分享UserDaoImpl嗎? 你還檢查了什麼值被傳遞給loadUserByUsername()方法,並試圖存在這個用戶

+0

是的,這就是你說的...在loadUserByUsername中傳遞的值不好...非常感謝,你幫助解決我的錯誤。:) – ZheFrench

相關問題