Spring Security 引用数据库管理用户权限-----login.jsp 提示"用户名或密码错误"
2016-03-19 15:58
946 查看
错误展示:
相关spring-security.xml 配置文件和spring-mybatis.xml 文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <!-- <http security="none" pattern="/login.action" /> -->
<!-- auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session). -->
<http auto-config="true">
<!--
login-page:默认指定的登录页面.
authentication-failure-url:出错后跳转页面.
default-target-url:成功登陆后跳转页面 默认登录保护url
login-processing-url:用户登入处理路径,默认:/j_spring_security_check
username-parameter:验证用户输入的用户名,默认:j_username
password-parameter:验证用户输入的密码 ,默认:J_password
-->
<form-login
login-page="/login.action"
default-target-url="/welcome.action"
authentication-failure-url="/login.action?error"
login-processing-url="/j_spring_security_check"
username-parameter="username"
password-parameter="password" />
<!-- logout-success-url:成功注销后跳转到的页面; -->
<!-- logout-url 用户注销处理路径,默认:/j_spring_security_logout -->
<!-- invalidate-session 是否注销当前会话 -->
<logout
logout-url="/j_spring_security_logout"
logout-success-url="/login.action"
invalidate-session="true" />
<intercept-url pattern="/login.action" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select d_username username,d_password password, d_enabled enabled from t_users where d_username=?"
authorities-by-username-query="select d_username username, d_role role from t_user_roles where d_username=? " />
</authentication-provider>
</authentication-manager>
</beans:beans>
spring-mybatis.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd ">
<mvc:default-servlet-handler/>
<!-- 引入配置文件 -->
<bean id="propertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location" value="classpath:jdbc.properties" />
</bean>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"
destroy-method="close">
<property name="driverClassName" value="${driver}" />
<property name="url" value="${url}" />
<property name="username" value="${username}" />
<property name="password" value="${password}" />
<!-- 初始化连接大小 -->
<property name="initialSize" value="${initialSize}"></property>
<!-- 连接池最大数量 -->
<property name="maxActive" value="${maxActive}"></property>
<!-- 连接池最大空闲 -->
<property name="maxIdle" value="${maxIdle}"></property>
<!-- 连接池最小空闲 -->
<property name="minIdle" value="${minIdle}"></property>
<!-- 获取连接最大等待时间 -->
<property name="maxWait" value="${maxWait}"></property>
</bean>
<!-- spring和MyBatis完美整合,不需要mybatis的配置映射文件 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<!-- 自动扫描mapping.xml文件 -->
<property name="mapperLocations" value="classpath:com/**/mapper/*.xml"></property>
</bean>
<!-- DAO接口所在包名,Spring会自动查找其下的类 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="com.common.base.dao;com.common.common.dao;com.alarm.dao;com.buildingDevice.dao;com.smart.dao;com.village.dao;com.wlsqManage.dao" />
<property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"></property>
</bean>
<!-- (事务管理)transaction manager, use JtaTransactionManager for global tx -->
<bean id="transactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource" />
</bean>
<!-- 通知 -->
<tx:advice id="tx"
transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="delete*" propagation="REQUIRED" />
<tx:method name="insert*" propagation="REQUIRED" />
<tx:method name="update*" propagation="REQUIRED" />
<tx:method name="find*" read-only="true" />
<tx:method name="get*" read-only="true" />
<tx:method name="select*" read-only="true" />
</tx:attributes>
</tx:advice>
<aop:config>
<aop:pointcut id="pc" expression="execution(* *..service.*.*(..))" />
<!--把事务控制在Service层-->
<aop:advisor pointcut-ref="pc" advice-ref="tx" />
</aop:config>
</beans>
这个问题,才不多纠结了我一上午的时间,后面偶然参看了一下,其他的人的实现方法,发现在spring-security.xml 文件中少配置了一个jdbc 的标签控件,啊,真实太LOW了。
调整后的spring-security.xml配置文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd <span style="color:#ff0000;">http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd </span> http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- <http security="none" pattern="/login.action" /> -->
<!-- auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session). -->
<http auto-config="true">
<!--
login-page:默认指定的登录页面.
authentication-failure-url:出错后跳转页面.
default-target-url:成功登陆后跳转页面 默认登录保护url
login-processing-url:用户登入处理路径,默认:/j_spring_security_check
username-parameter:验证用户输入的用户名,默认:j_username
password-parameter:验证用户输入的密码 ,默认:J_password
-->
<form-login
login-page="/login.action"
default-target-url="/welcome.action"
authentication-failure-url="/login.action?error"
login-processing-url="/j_spring_security_check"
username-parameter="username"
password-parameter="password" />
<!-- logout-success-url:成功注销后跳转到的页面; -->
<!-- logout-url 用户注销处理路径,默认:/j_spring_security_logout -->
<!-- invalidate-session 是否注销当前会话 -->
<logout
logout-url="/j_spring_security_logout"
logout-success-url="/login.action"
invalidate-session="true" />
<intercept-url pattern="/login.action" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select d_username username,d_password password, d_enabled enabled from t_users where d_username=?"
authorities-by-username-query="select d_username username, d_role role from t_user_roles where d_username=? " />
</authentication-provider>
</authentication-manager>
</beans:beans>
相关spring-security.xml 配置文件和spring-mybatis.xml 文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <!-- <http security="none" pattern="/login.action" /> -->
<!-- auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session). -->
<http auto-config="true">
<!--
login-page:默认指定的登录页面.
authentication-failure-url:出错后跳转页面.
default-target-url:成功登陆后跳转页面 默认登录保护url
login-processing-url:用户登入处理路径,默认:/j_spring_security_check
username-parameter:验证用户输入的用户名,默认:j_username
password-parameter:验证用户输入的密码 ,默认:J_password
-->
<form-login
login-page="/login.action"
default-target-url="/welcome.action"
authentication-failure-url="/login.action?error"
login-processing-url="/j_spring_security_check"
username-parameter="username"
password-parameter="password" />
<!-- logout-success-url:成功注销后跳转到的页面; -->
<!-- logout-url 用户注销处理路径,默认:/j_spring_security_logout -->
<!-- invalidate-session 是否注销当前会话 -->
<logout
logout-url="/j_spring_security_logout"
logout-success-url="/login.action"
invalidate-session="true" />
<intercept-url pattern="/login.action" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select d_username username,d_password password, d_enabled enabled from t_users where d_username=?"
authorities-by-username-query="select d_username username, d_role role from t_user_roles where d_username=? " />
</authentication-provider>
</authentication-manager>
</beans:beans>
spring-mybatis.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd ">
<mvc:default-servlet-handler/>
<!-- 引入配置文件 -->
<bean id="propertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location" value="classpath:jdbc.properties" />
</bean>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"
destroy-method="close">
<property name="driverClassName" value="${driver}" />
<property name="url" value="${url}" />
<property name="username" value="${username}" />
<property name="password" value="${password}" />
<!-- 初始化连接大小 -->
<property name="initialSize" value="${initialSize}"></property>
<!-- 连接池最大数量 -->
<property name="maxActive" value="${maxActive}"></property>
<!-- 连接池最大空闲 -->
<property name="maxIdle" value="${maxIdle}"></property>
<!-- 连接池最小空闲 -->
<property name="minIdle" value="${minIdle}"></property>
<!-- 获取连接最大等待时间 -->
<property name="maxWait" value="${maxWait}"></property>
</bean>
<!-- spring和MyBatis完美整合,不需要mybatis的配置映射文件 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<!-- 自动扫描mapping.xml文件 -->
<property name="mapperLocations" value="classpath:com/**/mapper/*.xml"></property>
</bean>
<!-- DAO接口所在包名,Spring会自动查找其下的类 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="basePackage" value="com.common.base.dao;com.common.common.dao;com.alarm.dao;com.buildingDevice.dao;com.smart.dao;com.village.dao;com.wlsqManage.dao" />
<property name="sqlSessionFactoryBeanName" value="sqlSessionFactory"></property>
</bean>
<!-- (事务管理)transaction manager, use JtaTransactionManager for global tx -->
<bean id="transactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource" />
</bean>
<!-- 通知 -->
<tx:advice id="tx"
transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="delete*" propagation="REQUIRED" />
<tx:method name="insert*" propagation="REQUIRED" />
<tx:method name="update*" propagation="REQUIRED" />
<tx:method name="find*" read-only="true" />
<tx:method name="get*" read-only="true" />
<tx:method name="select*" read-only="true" />
</tx:attributes>
</tx:advice>
<aop:config>
<aop:pointcut id="pc" expression="execution(* *..service.*.*(..))" />
<!--把事务控制在Service层-->
<aop:advisor pointcut-ref="pc" advice-ref="tx" />
</aop:config>
</beans>
这个问题,才不多纠结了我一上午的时间,后面偶然参看了一下,其他的人的实现方法,发现在spring-security.xml 文件中少配置了一个jdbc 的标签控件,啊,真实太LOW了。
调整后的spring-security.xml配置文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd <span style="color:#ff0000;">http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd </span> http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- <http security="none" pattern="/login.action" /> -->
<!-- auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session). -->
<http auto-config="true">
<!--
login-page:默认指定的登录页面.
authentication-failure-url:出错后跳转页面.
default-target-url:成功登陆后跳转页面 默认登录保护url
login-processing-url:用户登入处理路径,默认:/j_spring_security_check
username-parameter:验证用户输入的用户名,默认:j_username
password-parameter:验证用户输入的密码 ,默认:J_password
-->
<form-login
login-page="/login.action"
default-target-url="/welcome.action"
authentication-failure-url="/login.action?error"
login-processing-url="/j_spring_security_check"
username-parameter="username"
password-parameter="password" />
<!-- logout-success-url:成功注销后跳转到的页面; -->
<!-- logout-url 用户注销处理路径,默认:/j_spring_security_logout -->
<!-- invalidate-session 是否注销当前会话 -->
<logout
logout-url="/j_spring_security_logout"
logout-success-url="/login.action"
invalidate-session="true" />
<intercept-url pattern="/login.action" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern="/**" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select d_username username,d_password password, d_enabled enabled from t_users where d_username=?"
authorities-by-username-query="select d_username username, d_role role from t_user_roles where d_username=? " />
</authentication-provider>
</authentication-manager>
</beans:beans>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 跟我学Spring3(8.2):对ORM的支持之集成Hibernate3
- Java线程池的测试和分析
- Eclipse加入PHP插件并支持PHP自动提示
- [MAVEN]一、maven入门之软件的下载及配置到Eclipse中
- Eclipse真机测试注意事项
- spring入门(12)-spring与hibernate整合完成增删改查的操作(继承HibernateDaoSupport调用hibernateTemplate类)
- spring入门(11)-spring与hibernate整合完成增删改查的操作(封装HibernateTemplate模版类对象)
- java中编码
- Java基础2
- java类加载资源的问题
- Java中获取键盘事件
- Spring ResourceLoader.getResource() & getResources()的理解
- java中静态代码块的用法 static用法详解
- 在Eclipse中设置文件的默认打开方式
- java 内存机制
- java异常
- Java通过JDBC访问数据库(两种方式)
- 用JAVA代码实现验证邮箱地址是否符合
- Java Timer&TimerTask源码分析
- JavaSrcipt学习日记(一) 基础篇