jsfbean方法不使用Spring Security 和jsf自定义登录调用

x8diyxa7  于 2021-09-29  发布在  Java
关注(0)|答案(0)|浏览(201)

我知道我所问的是一个被广泛讨论的主题,但我仍然停留在一个点上,无法找出哪里出了问题。
在将jsf与Spring Security 结合使用时,自定义登录表单不会调用MyBean方法。
这是我的securityconfig类-

@Configuration
    @EnableWebSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
    // require all requests to be authenticated except for the resources
    http.authorizeRequests().antMatchers("/javax.faces.resource/**")
        .permitAll().anyRequest().authenticated();
   // login
   http.formLogin().loginPage("/login.xhtml").permitAll()
       .failureUrl("/login.xhtml?error=true");
   // logout
   http.logout().logoutSuccessUrl("/login.xhtml");
   // not needed as JSF 2.2 is implicitly protected against CSRF
   http.csrf().disable();
   }

   @Autowired
   public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
   auth
        .inMemoryAuthentication()
        .withUser("pratik123").password("{noop}pratik123").roles("USER");
   }

自定义登录页面-login.xhtml

<div class="col-sm height-100" style="background-color: #fff;">

    <div class="card margin-top-bottom-20">
                <div class="card-header">
                    <h3>Sign In</h3>
                </div>
                <div class="card-body">
                    <h:form prependId="false">

                        <p:messages id="messages" showDetail="false" closable="true">
                            <p:autoUpdate />
                        </p:messages>                           

                        <div class="input-group form-group">
                            <div class="input-group-prepend">
                                <span class="input-group-text"><!-- <i class="fas fa-key"></i> --></span>
                            </div>
                            <p:inputText id="username" required="true" placeholder="User Name" 
                                    label="User name" class="form-control" value="#{loginBeanNew.userName}"
                                    requiredMessage="Username may not be empty.">
                            </p:inputText>

                        </div>
                        <div class="input-group form-group">
                            <div class="input-group-prepend">
                                <span class="input-group-text"><i class="fas fa-key"></i></span>
                            </div>
                            <p:password id="password" required="true" placeholder="Password" 
                                    label="Password" class="form-control"  value="#{loginBeanNew.userPassword}"
                                    requiredMessage="Password may not be empty.">
                            </p:password>
                        </div>

                        <div class="form-group">
                            <h:commandButton id="login" value="Login" update="messages" class="btn float-left login_btn mt-3" 
                                            action="#{loginBeanNew.login}" ajax="false" />                              
                        </div>
                    </h:form>
                </div>
                <div class="card-footer">
                    <div class="d-flex justify-content-center links">
                        Don't have an account?
                        <p:commandLink styleClass="link_blue font-size-16 ml-2" action="#{registrationBean.registerNewUser}" immediate="true">
                            <h:outputText value=" Sign Up"/>
                        </p:commandLink>
                    </div>
                    <div class="d-flex justify-content-center links">
                        OR Sign In as Guest User
                        <p:commandLink styleClass="link_blue font-size-16 ml-2" action="#{guestUserBean.redirectToGuestUserPage}" immediate="true">
                            <h:outputText value=" Guest User Login"/>
                        </p:commandLink>
                    </div>
                </div>
            </div>

</div>

bean-loginbeanew

@Log4j2
@SessionScoped
@Component(value = "loginBeanNew")
@ManagedBean
@Named
@Getter
@Setter
@Join(path = "/login", to = "/login.xhtml")
public class LoginBeanNew implements Serializable { 

public String login() {

    System.out.println("login method called.");
    System.out.println(this.getUserName());
    System.out.println(this.getUserPassword());

    ... Some more code 

}

}

和web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
version="3.1">
<welcome-file-list>
    <welcome-file>home.html</welcome-file>
    <welcome-file>default.html</welcome-file>
</welcome-file-list>

<context-param>
    <param-name>primefaces.PRIVATE_CAPTCHA_KEY</param-name>
    <param-value>YOUR_PRIVATE_KEY</param-value>
</context-param>
<context-param>
    <param-name>primefaces.PUBLIC_CAPTCHA_KEY</param-name>
    <param-value>YOUR_PUBLIC_KEY</param-value>
</context-param>

<context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Development</param-value>
</context-param>

<!-- Comment removed -->
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<!-- <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
    </listener> -->
<listener>
    <listener-class>org.springframework.web.context.request.RequestContextListener
    </listener-class>
</listener>
<!-- Comment removed -->

<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>
        org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

</web-app>

而且,我没有从日志中找到太多,为什么不调用bean方法。
--一些变化--
在对安全配置进行一些更改时,我设法调用了bean方法,但默认情况下是登录页面身份验证。
securityconfig更改-

@Configuration
    @EnableWebSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
protected void configure(HttpSecurity http) throws Exception {

    http
    .cors()
    .and()
    .csrf().disable()
    .authorizeRequests()
        .antMatchers("/css/**", "/js/**", "/images/**", "/javax.faces.resource/**", "/login.xhtml").permitAll()
    .anyRequest().authenticated().and().httpBasic();

}

    @Bean
public CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowedOrigins(Arrays.asList("*"));
    configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
    configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
    configuration.setExposedHeaders(Arrays.asList("x-auth-token"));
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", configuration);
    return source;
}

    @Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    auth
            .inMemoryAuthentication()
            .withUser("pratik123").password("{noop}pratik123").roles("USER");
}

}

使用bean方法调用的configure方法中的上述代码,我希望使用自定义登录,而不是手动为默认登录提供凭据。有人知道怎么做吗??或者我的第一个方法是正确的,我的第一个securityconfig类。如果是这样的话,那么如何使用自定义登录调用我的登录bean方法呢。提前谢谢。

spring-securityjsf

暂无答案!

目前还没有任何答案,快来回答吧!

我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com