求教:Spring security3.1自定义登陆验证器问题。 10
废话不多说,先贴上配置:<s:httpentry-point-ref="authenticationProcessingFilterEntryPoint"><s:form...
废话不多说,先贴上配置:
<s:http entry-point-ref="authenticationProcessingFilterEntryPoint">
<s:form-login />
<s:logout/>
<!-- 实现免登陆验证 -->
<s:remember-me/>
<!-- 会话管理 -->
<s:session-management invalid-session-url="/WEB-INF/common/timeout.jsp">
<!-- 防止重复登陆 -->
<s:concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
</s:session-management>
<s:custom-filter ref="loginFilter" position="FORM_LOGIN_FILTER"/>
<s:custom-filter ref="myFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
</s:http>
<!-- 登录验证器 -->
<bean id="loginFilter"
class="com.seaway.service.impl.security.LoginAuthenticationFilter">
<!-- 处理登录的action -->
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
<!-- 验证成功后的处理-->
<property name="authenticationSuccessHandler" ref="loginLogAuthenticationSuccessHandler"/>
<!-- 验证失败后的处理-->
<property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"/>
<property name="authenticationManager" ref="myAuthenticationManager"/>
</bean>
<bean id="loginLogAuthenticationSuccessHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/main.jsp"/>
</bean>
<bean id="simpleUrlAuthenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<!-- 可以配置相应的跳转方式。属性forwardToDestination为true采用forward false为sendRedirect -->
<property name="defaultFailureUrl" value="/login.jsp"/>
</bean>
<!-- 未登录的切入点 -->
<bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/login.jsp"/>
</bean>
使用自定义登陆验证器时我已经在<s:http>中去掉了auto-config的默认配置 并且加入了登陆切入点设置,为啥还是报错?:
org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Filter beans '<loginFilter>' and '<org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0>' have the same 'order' value. When using custom filters, please make sure the positions do not conflict with default filters. Alternatively you can disable the default filters by removing the corresponding child elements from <http> and avoiding the use of <http auto-config='true'>.
登陆验证LoginAuthenticationFilter 必须继承UsernamePasswordAuthenticationFilter。错误提示:have the same 'order' value 本来就应该一样的吧?
不得其解,求大侠解答。
你妹的,就是手贱多加了个<s:form-login />,去掉就好了。 展开
<s:http entry-point-ref="authenticationProcessingFilterEntryPoint">
<s:form-login />
<s:logout/>
<!-- 实现免登陆验证 -->
<s:remember-me/>
<!-- 会话管理 -->
<s:session-management invalid-session-url="/WEB-INF/common/timeout.jsp">
<!-- 防止重复登陆 -->
<s:concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
</s:session-management>
<s:custom-filter ref="loginFilter" position="FORM_LOGIN_FILTER"/>
<s:custom-filter ref="myFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
</s:http>
<!-- 登录验证器 -->
<bean id="loginFilter"
class="com.seaway.service.impl.security.LoginAuthenticationFilter">
<!-- 处理登录的action -->
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
<!-- 验证成功后的处理-->
<property name="authenticationSuccessHandler" ref="loginLogAuthenticationSuccessHandler"/>
<!-- 验证失败后的处理-->
<property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"/>
<property name="authenticationManager" ref="myAuthenticationManager"/>
</bean>
<bean id="loginLogAuthenticationSuccessHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/main.jsp"/>
</bean>
<bean id="simpleUrlAuthenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<!-- 可以配置相应的跳转方式。属性forwardToDestination为true采用forward false为sendRedirect -->
<property name="defaultFailureUrl" value="/login.jsp"/>
</bean>
<!-- 未登录的切入点 -->
<bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<property name="loginFormUrl" value="/login.jsp"/>
</bean>
使用自定义登陆验证器时我已经在<s:http>中去掉了auto-config的默认配置 并且加入了登陆切入点设置,为啥还是报错?:
org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Filter beans '<loginFilter>' and '<org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#0>' have the same 'order' value. When using custom filters, please make sure the positions do not conflict with default filters. Alternatively you can disable the default filters by removing the corresponding child elements from <http> and avoiding the use of <http auto-config='true'>.
登陆验证LoginAuthenticationFilter 必须继承UsernamePasswordAuthenticationFilter。错误提示:have the same 'order' value 本来就应该一样的吧?
不得其解,求大侠解答。
你妹的,就是手贱多加了个<s:form-login />,去掉就好了。 展开
1个回答
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
