-1
这是我的弹簧security.xml文件:春季安全说明“坏凭据”的错误,而不是重定向
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/courses*" access="hasRole('ROLE_USER')" />
<custom-filter before="FORM_LOGIN_FILTER" ref="MyAuthFilter" />
<form-login
login-page="/login"
default-target-url="/courses"
authentication-failure-url="/login?error"
username-parameter="loginField"
password-parameter="passwordField" />
<csrf disabled="true" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user name="ars" password="1234" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
这里是MyAuthFilter:
@Component("MyAuthFilter")
public class MyAuthFilter extends UsernamePasswordAuthenticationFilter {
@Autowired
@Qualifier("authenticationManager")
@Override
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
super.setAuthenticationManager(authenticationManager);
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException {
System.out.println("running my own version of UsernmePasswordFilter ... ");
LoginForm loginForm = new LoginForm();
loginForm.setUsername(request.getParameter("login"));
loginForm.setPassword(request.getParameter("password"));
request.setAttribute("error", 3);
System.out.println("login : " + loginForm.getUsername());
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(loginForm.getUsername(), loginForm.getPassword());
setDetails(request, authRequest);
Authentication authResult = this.getAuthenticationManager().authenticate(authRequest);
return authResult;
}
}
当我输入错误的登录名或密码就说明“错误的凭据”错误,而不是重定向到登录页面。没有自定义过滤器,它工作正常。 我只想检查登录名\密码有什么问题,并设置“错误”可以修改,我用登录表单显示具体的错误,如“空通”等。
我需要做一个登录页面女巫显示混凝土错误,如“空传递\空登录\两个空\错误的登录或传递”。如果有人能够通过示例或指导进行验证,我将会非常高兴。
型AuthenticationSuccessHandler的没有合格的bean定义成功和失败处理机
。 – CortezDaCardinal
你需要像上面那样定义那些bean – kuhajeyan
我是这样做的,它显示错误 'org.springframework.beans.factory.NoSuchBeanDefinitionException:没有提供'org.springframework.security.web.authentication.AuthenticationSuccessHandler'类型的限定bean可用:预计至少有1个符合自动导向候选人的bean。依赖注释:{} – CortezDaCardinal