VIKEnut'

Es

РусскийDeutschPortuguês

Tema oscuro

Escribir

Tema oscuro

Es

РусскийDeutschPortuguês
javaspring-securityspring-mvcspringlogin

Spring-Security: el nombre de usuario se envía vacío para iniciar sesión después de la actualización a Spring-Security 4.1

Estoy trabajando en una aplicación basada en Spring-MVC en la que estamos utilizando Spring-Security para iniciar sesión, autorización. Antes usábamos la versión 3.2.5 y la actualización era 4.1.1. Sin embargo, después de actualizar, el mecanismo de inicio de sesión se rompe ya que el nombre de usuario enviado es nulo. No se que va mal. Se agradece cualquier ayuda.

securityApplicationContext.xml:

<security:http pattern="/resources/**" security="none"/>

    <security:http create-session="ifRequired" use-expressions="true" auto-config="false" disable-url-rewriting="true">
        <security:form-login login-page="/login" login-processing-url="/j_spring_security_check" default-target-url="/dashboard" always-use-default-target="false" authentication-failure-url="/denied" />
        <!--<security:remember-me key="_spring_security_remember_me" user-service-ref="userDetailsService" token-validity-seconds="1209600" data-source-ref="dataSource"/>-->
        <security:logout delete-cookies="JSESSIONID" invalidate-session="true" logout-url="/j_spring_security_logout"/>
<!--     <security:intercept-url pattern="/**" requires-channel="https"/> -->
        <security:intercept-url pattern="/j_spring_security_check" access="permitAll" />
        <security:port-mappings>
        <security:port-mapping http="8080" https="8443"/>
    </security:port-mappings>
    <security:logout logout-url="/logout" logout-success-url="/" success-handler-ref="myLogoutHandler"/>

     <security:session-management session-fixation-protection="migrateSession">
         <security:concurrency-control session-registry-ref="sessionRegistry" max-sessions="5" expired-url="/login"/>
     </security:session-management>
    <security:csrf disabled="true"/>
    </security:http>
 <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider user-service-ref="LoginServiceImpl">
           <security:password-encoder  ref="encoder"/>
        </security:authentication-provider>
    </security:authentication-manager>

    <beans:bean id="encoder"
                class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
        <beans:constructor-arg name="strength" value="11" />
    </beans:bean>

    <beans:bean id="daoAuthenticationProvider"
                class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
                <beans:property name="userDetailsService" ref="LoginServiceImpl"/>
               <beans:property name="passwordEncoder" ref="encoder"/>
    </beans:bean>

web.xml:

<context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/root-context.xml,/WEB-INF/spring/appServlet/security-applicationContext.xml</param-value>
    </context-param>

    <session-config>
        <session-timeout>2440</session-timeout>
    </session-config>
    <listener>
        <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
    </listener>
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
 <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        <async-supported>true</async-supported>
        <init-param>
            <param-name>contextAttribute</param-name>
            <param-value>org.springframework.web.context.WebApplicationContext.ROOT</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

Registro de depuración :

DEBUG: org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/resources/**'
DEBUG: org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG: org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
DEBUG: org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@56af71ce. A new one will be created.
DEBUG: org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 12 in additional filter chain; firing Filter: 'ConcurrentSessionFilter'
DEBUG: org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 3 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG: org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 4 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG: org.springframework.security.web.header.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@2a868e9a
DEBUG: org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG: org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/j_spring_security_logout'
DEBUG: org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 6 of 12 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
DEBUG: org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/j_spring_security_check'
DEBUG: org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
DEBUG: org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
Username is 
DEBUG: org.springframework.security.authentication.dao.DaoAuthenticationProvider - User '' not found
DEBUG: org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
DEBUG: org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
DEBUG: org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@75d32cb4
DEBUG: org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler - Redirecting to /denied
DEBUG: org.springframework.security.web.DefaultRedirectStrategy - Redirecting to '/denied'

Código de inicio de sesión:

<div class="col-xs-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-4 col-lg-offset-4">
    <div class="container-fluid white-div">
        <div class="col-xs-12 col-md-12">
            <h2><spring:message code="login.title"/></h2>
            <form id="login-form" class="login-page" action="<c:url value='/j_spring_security_check'/>" method="POST">
                <div class="form-group">
                    <label><spring:message code="login.label.email"/> <span id="eMailError" class="red-font"></span></label>
                    <input type="email" name="j_username" id="j_username" value="" class="form-control input" placeholder="<spring:message code="common.input.email.placeholder"/>">
                </div>
                <div class="form-group">
                    <label><spring:message code="login.label.password"/> <span id="passwordError" class="red-font"></span></label>
                    <input type="password" name="j_password" id="j_password"  class="form-control input"  placeholder="<spring:message code="login.password.placeholder"/>">
                </div>
                <div class="checkbox">
                    <a href="#" class="forgotpassword pull-right" data-toggle="modal" data-target="#passwordForgotModal"><spring:message code="login.forgotpassword"/></a>
                </div>
                <br>
                <div class="form-group">
                    <button class="btn btn-primary btn-lg pull-right"><spring:message code="login.submit"/></button>
                </div>
                <div class="form-group">
                    <span><spring:message code="login.registration.text"/> <a href="/registration" class="forgotpassword"><spring:message code="login.registration.link"/></a></span>
                </div>
            </form>
        </div>
    </div>

Se agradece cualquier ayuda. Muchas gracias.

Respuestas a la pregunta(2)

Su respuesta a la pregunta

Preguntas populares

0 la respuesta

Eclipse 3.7 no puede resolver los tipos en el editor de C ++

0 la respuesta

Número de parámetro no válido de la DOP: parámetros en los comentarios

0 la respuesta

Obtenga resultados que caigan dentro de los radios de los marcadores de la base de datos

0 la respuesta

manejar el evento de clic fuera del botón

0 la respuesta

Reescritura de URL en MVC3