Mam problem ze SpringSecurity. To mój kontroler:
@Secured({ "user", "administrator" })
@RequestMapping("/profile")
public String profile(HttpServletRequest request) {
return "profile";
}
Kiedy użyłam:
CREATE TABLE USER_TYPE
(
ID SMALLINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
NAME VARCHAR(255) NOT NULL
);
CREATE TABLE USER
(
ID BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
EMAIL VARCHAR(255) NOT NULL,
LOGIN VARCHAR(255) NOT NULL,
PASSWORD VARCHAR(255) NOT NULL,
USER_TYPE_ID SMALLINT NOT NULL DEFAULT 2
);
ALTER TABLE USER
ADD CONSTRAINT USER_ID_USER_TYPE
foreign key(USER_TYPE_ID) REFERENCES USER_TYPE(ID) ON DELETE CASCADE;
INSERT INTO USER_TYPE VALUES(1, 'administrator');
INSERT INTO USER_TYPE VALUES(2, 'user');
Naprawdę nie wiem co robię źle. Proszę pomóżcie mi! Może to przez moją stronę do logowania? Kawałek kodu mojego kontrolera do logowania:
@RequestMapping("/postLogin")
public String postLogin(HttpServletRequest request, @ModelAttribute("userDto") @Valid UserDTO userDto,
BindingResult result) throws Exception {
HttpSession session = request.getSession();
UserEntity user = dao.findByLoginAndPassword(userDto.getLogin(), SHA1Encoder.getEncodeWord(userDto.getPassword()));
session.setAttribute("User", user);
return "redirect:/home";
}
@RequestMapping("/")
public String welcome(Model model, HttpServletRequest request) {
UserDTO user = new UserDTO();
model.addAttribute("userDto", user);
return "index";
}
Mój kawałek strony index.jsp:
<form:form action="/Webapp/postLogin" method="POST"
modelAttribute="userDto">
<form:input type="text" path="login" value="" placeholder="Login" /> |
<form:input type="password" path="password" value="" placeholder="Password" /> |
<input type="submit" value="Log in" name="submit" /> |
</form:form>
Mój kawałek security-context.xml:</p> <http auto-config="true" use-expressions="true"> <form-login login-page="/" default-target-url="/home" authentication-failure-url="/?error=1" username-parameter="login" password-parameter="password" /> <logout logout-success-url="/signUp" /> <csrf /> </http>
Sformatowany topic na stackoverflow: http://stackoverflow.com/questions/37334908/jdbc-user-service-not-working-properly