我通过login.jsp 登录,结果没有登录成功,但是我找不到原因。以下是拦截信息“-----”是我做的标记求大虾们指教。。--------------------FilterInvocation: URL: /index.jsp
-----needRole:ROLE_ADMIN
----userRole:ROLE_ANONYMOUS
no right...
Hibernate:
select
admin0_.id as id0_,
admin0_.createDate as createDate0_,
admin0_.modifyDate as modifyDate0_,
admin0_.department as department0_,
admin0_.email as email0_,
admin0_.isAccountEnabled as isAccoun6_0_,
admin0_.isAccountLocked as isAccoun7_0_,
admin0_.isCredentialsExpired as isCreden8_0_,
admin0_.lockedDate as lockedDate0_,
admin0_.loginDate as loginDate0_,
admin0_.loginFailureCount as loginFa11_0_,
admin0_.loginIp as loginIp0_,
admin0_.mobile as mobile0_,
admin0_.password as password0_,
admin0_.username as username0_
from
Admin admin0_
where
admin0_.username=?
Hibernate:
select
roleset0_.adminSet_id as adminSet1_1_,
roleset0_.roleSet_id as roleSet2_1_,
role1_.id as id2_0_,
role1_.createDate as createDate2_0_,
role1_.modifyDate as modifyDate2_0_,
role1_.description as descript4_2_0_,
role1_.isSystem as isSystem2_0_,
role1_.name as name2_0_,
role1_.value as value2_0_
from
Admin_Role roleset0_
left outer join
Role role1_
on roleset0_.roleSet_id=role1_.id
where
roleset0_.adminSet_id=?
-------setROLE_USER
-------setROLE_ADMIN
application-security.xml<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-2.5.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http access-denied-page="/404.jsp" auto-config="true">
<form-login always-use-default-target="true"
default-target-url="/welcome.jsp" login-page="/login.jsp"
authentication-failure-url="/error.jsp" />
<intercept-url pattern="/login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/error.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<http-basic/>
<custom-filter before="FILTER_SECURITY_INTERCEPTOR"
ref="myFilter" />
</http>
<beans:bean id="myFilter" class="com.wangy.security.MyFilterSecurityInterceptor">
<beans:property name="authenticationManager"
ref="authenticationManager" />
<beans:property name="accessDecisionManager"
ref="accessDecisionManager" />
<beans:property name="securityMetadataSource"
ref="securityMetadataSource" />
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider
user-service-ref="adminDetailsServiceImpl">
<!-- 如果用户的密码采用加密的话,可以加点“盐”
<password-encoder hash="md5" />
-->
</authentication-provider>
</authentication-manager>
<!-- 访问决策器,决定某个用户具有的角色,是否有足够的权限去访问某个资源 -->
<beans:bean id="accessDecisionManager"
class="com.wangy.security.MyAccessDecisionManager">
</beans:bean>
<!-- 资源源数据定义,即定义某一资源可以被哪些角色访问 -->
<beans:bean id="securityMetadataSource"
class="com.wangy.security.MyInvocationSecurityMetadataSource" />
</beans:beans>
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货