Boa tarde! Estou desenvolvendo uma tela de login usando o spring security mas o problema é que mesmo com o usuário e senha corretos não é possível autenticar. Diz que o usuário e senha estão incorretos. Desenvolvi a segurança me baseando em mais de um tutorial e deve ter alguma coisa errada em algum lugar que não estou conseguindo perceber. Se alguém puder dar uma olhada e ajudar, eu agradeço.
Minha Tela de login que se encontra dentro da pasta WebContent
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<ui:composition template="/WEB-INF/templates/template.xhtml"
xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:p="http://primefaces.org/ui"
xmlns:c="http://java.sun.com/jsp/jstl/core">
<ui:define name="content">
<p:dialog header="Login" visible="true" closable="false" draggable="false" resizable="false" width="420">
<center>
<h:outputText value="Usuário ou senha incorretos!" rendered="#{param.erro}" style="color: darkred"/>
</center>
<form action="j_spring_security_check" method="post">
<h:panelGrid columns="2" cellpadding="5">
<h:outputLabel for="j_username" value="Usuario: *" />
<h:inputText id="j_username" required="true"/>
<h:outputLabel for="j_password" value="Senha: * " />
<h:inputSecret id="j_password" required="true"/>
<h:commandButton value="Login"/>
</h:panelGrid>
</form>
</p:dialog>
</ui:define>
</ui:composition>
Meu arquivo applicationContext que se encontra dentro de WebContent/WEB-INF
*Detalhe para esta query de consulta que me deixa intrigada, pois no tutorial que segui o usuário poderia ter mais que um perfil, mas eu quero fazer com um só. Adaptei a query e rodei no banco e está trazendo certinho, quando rodo no banco.
<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://www.springframework.org/schema/beans"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/login.xhtml" access="permitAll" />
<intercept-url pattern="/pages/**" access="hasRole('ROLE_ADMIN')" />
<form-login login-page="/login.xhtml"
authentication-failure-url="/login.xhtml?erro=true"
default-target-url="/pages/main.xhtml" />
<logout logout-success-url="/login.xhtml" />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT su.username as username, su.password as
password FROM usuario su WHERE su.username=?"
authorities-by-username-query="SELECT u.username as username, u.tipousuario
as authority FROM usuario u WHERE u.username=?" />
</authentication-provider>
</authentication-manager>
<b:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<b:property name="url" value="jdbc:postgresql://localhost:5432/controle_didatico_bd" />
<b:property name="driverClassName" value="org.postgresql.Driver" />
<b:property name="username" value="postgres" />
<b:property name="password" value="admin" />
</b:bean>
</b:beans>
O meu arquivo web.xml que também está dentro de WebContent/WEB-INF
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>controleDidatico</display-name>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>pages/main.xhtml</welcome-file>
</welcome-file-list>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>
com.sun.faces.config.ConfigureListener
</listener-class>
</listener>
<!-- Início das configurações para o Spring Security 3 -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Fim das configuração para utilizar o Spring Security 3 -->
</web-app>
E por último minha classe UsuárioBean
package br.com.secretaria.controller;
import java.io.Serializable;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import br.com.secretaria.model.Usuario;
@ManagedBean
@SessionScoped
public class UsuarioBean implements Serializable{
/**
*
*/
private static final long serialVersionUID = 1L;
private Usuario usuario;
public UsuarioBean() {
usuario = new Usuario();
SecurityContext context = SecurityContextHolder.getContext();
if (context instanceof SecurityContext){
Authentication authentication = context.getAuthentication();
if (authentication instanceof Authentication){
usuario.setUsername(((User)authentication.getPrincipal()).getUsername());
}
}
}
/**
* @return the usuario
*/
public Usuario getUsuario() {
return usuario;
}
/**
* @param usuario the usuario to set
*/
public void setUsuario(Usuario usuario) {
this.usuario = usuario;
}
}