2013-05-06 217 views
0

过去几天我已经能够进行身份验证,但最近必须重新安装我的程序后,我无法再进行身份验证。没有错误消息,hql查询显示在控制台中,页面重定向回登录页面。Spring安全认证不再起作用

安全XML

<http auto-config="true" use-expressions="true"> 

<intercept-url pattern="/**" requires-channel="https" /> 
<intercept-url pattern='/admin/admin/**' access="hasRole('ROLE_ADMIN')" /> 
<intercept-url pattern='/main/home/**' access="hasRole('ROLE_USER')" /> 
<intercept-url pattern='/main/user/setter/settingpage' 

access="hasRole('ROLE_USER')" /> 
<intercept-url pattern='/main/user/setter/addpage' access="hasRole('ROLE_USER')" /> 

<form-login login-page="/" default-target-url="/main/home" /> 
<logout logout-url="/logout" invalidate-session="true" logout-success-url="/" /> 

输出查询

Hibernate: select userentity0_.user_id as user1_2_, userentity0_.active as 

    active2_, userentity0_.checker_id as checker7_2_, userentity0_.email as email2_, 

    userentity0_.name as name2_, userentity0_.password as password2_, 

    userentity0_.username as username2_ from user userentity0_ where 

    userentity0_.username=? 

我希望知道,为什么我不能再登录。

+0

你看到下面的答案中加入这一行?它有帮助吗? – Michael 2013-05-17 06:52:14

回答

0

我可以看到2个问题,在您的配置:

1)你没有配置登录URL(它不能\

<form-login login-page="/login" default-target-url="/main/home" /> 

2)不要登录URL添加授权。在开始的时候(前pattern='/main/home/**'

<intercept-url pattern="/login*" access="permitAll" />