Error while logging in with Spring Security and JSF

Asked

Viewed 305 times

2

I am trying to implement a login with Spring Security 4.0.1.RELEASE and JSF 2.2, when trying to log in it always returns as invalid login.

login.xhtml

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
  xmlns:f="http://xmlns.jcp.org/jsf/core"
  xmlns:h="http://xmlns.jcp.org/jsf/html"> 

<h:head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
    <ui:insert name="title">Login</ui:insert>
</title>
<h:outputScript library="jquery" name="jquery-2.1.3.min.js" />
<h:outputStylesheet library="bootstrap/css" name="bootstrap.min.css" />
<h:outputStylesheet library="bootstrap/css" name="bootstrap-theme.min.css" />
<h:outputScript library="bootstrap/js" name="bootstrap.min.js" />
<link rel="shortcut icon" type="image/x-icon" href="#{request.contextPath}/resources/img/favicon.ico"/>

</h:head>          

<h:body>
<br/><br/>
<div class="container">
    <div class="col-md-4 col-md-offset-4">
        <div class="panel panel-default">
            <div class="panel-heading" style="background-color: #EEEEEE;">
                <h3 class="panel-title">
                    <strong>Login </strong>
                </h3>
            </div>
            <div class="panel-body">
                <form role="form" action="#{request.contextPath}/j_spring_security_check" method="post">
                    <div class="form-group">
                        <label for="j_username">Usuário</label>
                        <input type="text" name="j_username" class="form-control"
                               id="j_username" placeholder="Digite seu usuário" />
                    </div>
                    <div class="form-group">
                        <label for="j_password">Senha </label> <a
                            style="padding-right: 3px;" href="#">(esqueci a senha)</a>
                            <input type="password" name="j_password" class="form-control"
                            id="j_password" placeholder="Digite sua senha" />
                    </div>                  
                    <div class="form-group">
                        <button type="submit" class="btn btn-default">Login</button>                          
                    </div>
                    <div class="form-group">
                        <h:panelGroup rendered="#{!empty param.login_error}">
                            <span style="color: red">usuário ou senha inválidos</span>
                            <br />
                            <br />
                        </h:panelGroup>
                    </div>
                </form>
            </div>
        </div>
    </div>
</div>
</h:body>
</html>

applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
                    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">


<http>
<csrf disabled="true" />
    <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />
    <intercept-url pattern="/restrito/**" access="hasRole('ROLE_USER,ROLE_ADMIN')" />
    <intercept-url pattern="/public/**" access="hasRole('ROLE_USER,ROLE_ADMIN')" />        

    <intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/>        

    <form-login login-page="/login.xhtml" 
    default-target-url="/public/index.xhtml" 
    login-processing-url="/j_spring_security_check"
    authentication-failure-url="/login.xhtml?login_error=1" />
</http>

<authentication-manager>
    <authentication-provider>
        <user-service>
            <user name="admin" password="admin" authorities="ROLE_ADMIN" />
            <user name="usuario" password="usuario" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>
</authentication-manager>
</b:beans>

web xml.

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<display-name>helloworld</display-name>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>

<welcome-file-list>
    <welcome-file>login.xhtml</welcome-file>
</welcome-file-list>

<context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Development</param-value>
</context-param>    

<session-config>
    <session-timeout>30</session-timeout>
</session-config>  

<context-param>
    <param-name>primefaces.skin</param-name>
    <param-value>none</param-value>
</context-param>

<context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/applicationContext-security.xml</param-value>
</context-param>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>   

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping> 
</web-app>

What could be wrong?

  • To make sure that the error is occurring add this code to the page: #{sessionScope['SPRING_SECURITY_LAST_EXCEPTION'].message}. Because the fault may not be related to invalid login.

  • Message appeared: Bad credentials

No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.