Bonjour,
j'essaye de m'authentifier avec Spring security
Voici mon fichier de configuration xml
Voici ma login page
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71 <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd"> <security:http auto-config="true"> <security:intercept-url pattern="/login.jsp" access="isAnonymous()" /> <security:intercept-url pattern="/" access="isAnonymous()" /> <security:logout logout-success-url="/login?logout" /> <!-- enable csrf protection --> <security:csrf /> <security:custom-filter after="FORM_LOGIN_FILTER" ref="authenticationFilter" /> <security:anonymous enabled="true" /> </security:http> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="authenticationProvider" /> </security:authentication-manager> <bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService" /> <property name="passwordEncoder" ref="encoder" /> </bean> <bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"> <constructor-arg name="strength" value="11" /> </bean> <bean id="userDetailsService" class="spring.security.UserDetailsServiceImpl" /> <bean id="passwordChecker" class="spring.security.impl.PasswordCheckerImpl" /> <bean id="authenticationFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" > <property name="authenticationManager" ref="authenticationManager" /> <property name="filterProcessesUrl" value="/login" /> <property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" /> <property name="authenticationFailureHandler" ref="authenticationFailureHandler" /> <property name="usernameParameter" value="username" /> <property name="passwordParameter" value="password" /> </bean> <bean id="authenticationSuccessHandler" class="spring.security.AuthenticationSuccessHandlerImpl"> <property name="defaultTargetUrl" value="/WEB-INF/pages/index.jsp" /> <property name="userManagementService" ref="userManagementService" /> </bean> <bean id="authenticationFailureHandler" class="spring.security.AuthenticationFailureHandlerImpl"> <property name="defaultFailureUrl" value="/login.jsp" /> <property name="userManagementService" ref="userManagementService" /> </bean> <bean id="userManagementService" class="spring.security.UserDetailsServiceImpl"> </bean> </beans>
et quand j'essaye de m'authentifier, une requete POST avec url=/login est faite qui recoit en réponse du serveur un message "302 déplacé temporairement". Le browser renvoie une seconde requête avec url=/login?error avec le même message retourné. Je pense que mon mot de passe est bon (je l'ai généré moi même). Je peux voir dans les logs que les requetes hibernate sont faites pour recupérer mon User. Je ne vois pas comment débuguer plus profondément. Merci d'avance pour vos suggestions.
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95 <!DOCTYPE html> <%@ include file="/WEB-INF/pages/includes/taglibs.jsp"%> <html class="loginHtml"> <head> <link type="text/css" rel="stylesheet" href="<c:url value ='/resources/css/common.css'/>" /> <link type="text/css" rel="stylesheet" href="<c:url value ='/resources/css/login.css'/>" /> <script src="http://code.jquery.com/jquery-1.11.3.min.js"></script> <script src="http://code.jquery.com/ui/1.11.3/jquery-ui.min.js"></script> <link rel="stylesheet" href="https://code.jquery.com/ui/1.11.3/themes/smoothness/jquery-ui.css" /> <script type="text/javascript" src="<c:url value='/resources/js/login.js'/>"></script> </head> <body id="loginBody" onload=''> <form name='loginForm' action="<c:url value="/login"/>" method='POST'> <fieldset id="fieldsetLoginId" style="width: 495px;"> <legend> <spring:message code="application.login" /> : </legend> <table id="loginTable2"> <tr> <td valign="top" style="width: 100px" align="left"> <label for="username"> <spring:message code="application.login" /> </label> </td> <td valign="top" style="width: 150px" align="left"> <input class="input_form" width="150" type="text" id="username" name="username" /> </td> </tr> <tr> <td valign="top" style="width: 100px" align="left"> <label for="password"> <spring:message code="login.password" /> </label> </td> <td valign="top" style="width: 150px" align="left"> <input class="input_form" width="150" type="password" id="password" name="password" /> </td> </tr> <tr> <td class="loginContainer"> <div>This is a long line of text designed not to wrap when the container becomes too small.</div> </td> </tr> <tr> <td style="width: 100px" /> <td valign="top" align="center"> <input class="input_submit" type="submit" value="<spring:message code="login.connect"/>" /> </td> </tr> <tr> <table id="loginTable3"> <tr> <td valign="top" align="center" class="btn_link"> <!-- onclick="changePassword();" --> <a id="changePasswordId" href="#"> <spring:message code="login.changePassword" /> </a> </td> <td valign="top" align="center" class="btn_link"> <a id="resetPasswordId" href="#"> <spring:message code="login.forgotPassword" /> </a> </td> <td valign="top" align="center" class="btn_link"> <a onclick="userHelp();" href="#"> <spring:message code="login.help" /> </a> </td> </tr> </table> </tr> </table> </fieldset> <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" /> </form> </body> </html>
Partager