1. java
  2. android
  3. c#
  4. .net
  5. javascript
  6. php
  7. jquery
  8. html
  9. sql

Erro ao logar com Spring Security e JSF

Estou tentando implementar um login com Spring Security 4.0.1.RELEASE e JSF 2.2, ao tentar logar ele sempre retorna como login inválido.

login.xhtml

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
      xmlns:f="http://xmlns.jcp.org/jsf/core"
      xmlns:h="http://xmlns.jcp.org/jsf/html"> 

<h:head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>
        <ui:insert name="title">Login</ui:insert>
    </title>
    <h:outputScript library="jquery" name="jquery-2.1.3.min.js" />
    <h:outputStylesheet library="bootstrap/css" name="bootstrap.min.css" />
    <h:outputStylesheet library="bootstrap/css" name="bootstrap-theme.min.css" />
    <h:outputScript library="bootstrap/js" name="bootstrap.min.js" />
    <link rel="shortcut icon" type="image/x-icon" href="#{request.contextPath}/resources/img/favicon.ico"/>

</h:head>          

<h:body>
<br/><br/>
    <div class="container">
        <div class="col-md-4 col-md-offset-4">
            <div class="panel panel-default">
                <div class="panel-heading" style="background-color: #EEEEEE;">
                    <h3 class="panel-title">
                        <strong>Login </strong>
                    </h3>
                </div>
                <div class="panel-body">
                    <form role="form" action="#{request.contextPath}/j_spring_security_check" method="post">
                        <div class="form-group">
                            <label for="j_username">Usuário</label>
                            <input type="text" name="j_username" class="form-control"
                                   id="j_username" placeholder="Digite seu usuário" />
                        </div>
                        <div class="form-group">
                            <label for="j_password">Senha </label> <a
                                style="padding-right: 3px;" href="#">(esqueci a senha)</a>
                                <input type="password" name="j_password" class="form-control"
                                id="j_password" placeholder="Digite sua senha" />
                        </div>                  
                        <div class="form-group">
                            <button type="submit" class="btn btn-default">Login</button>                          
                        </div>
                        <div class="form-group">
                            <h:panelGroup rendered="#{!empty param.login_error}">
                                <span style="color: red">usuário ou senha inválidos</span>
                                <br />
                                <br />
                            </h:panelGroup>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</h:body>
</html>

applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">


    <http>
    <csrf disabled="true" />
        <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" />
        <intercept-url pattern="/restrito/**" access="hasRole('ROLE_USER,ROLE_ADMIN')" />
        <intercept-url pattern="/public/**" access="hasRole('ROLE_USER,ROLE_ADMIN')" />        

        <intercept-url pattern="/j_spring_security_check" access="IS_AUTHENTICATED_ANONYMOUSLY"/>        

        <form-login login-page="/login.xhtml" 
        default-target-url="/public/index.xhtml" 
        login-processing-url="/j_spring_security_check"
        authentication-failure-url="/login.xhtml?login_error=1" />
    </http>

    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name="admin" password="admin" authorities="ROLE_ADMIN" />
                <user name="usuario" password="usuario" authorities="ROLE_USER" />
            </user-service>
        </authentication-provider>
    </authentication-manager>
</b:beans>

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
    <display-name>helloworld</display-name>
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>/faces/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.jsf</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.faces</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <welcome-file-list>
        <welcome-file>login.xhtml</welcome-file>
    </welcome-file-list>

    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>    

    <session-config>
        <session-timeout>30</session-timeout>
    </session-config>  

    <context-param>
        <param-name>primefaces.skin</param-name>
        <param-value>none</param-value>
    </context-param>

    <context-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>/WEB-INF/spring/applicationContext-security.xml</param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>   

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping> 
</web-app>

O que pode estar errado?

  1. Você vai ver essas setas em qualquer página de pergunta. Com elas, você pode dizer se uma pergunta ou uma resposta foram relevantes ou não.
  2. Edite sua pergunta ou resposta caso queira alterar ou adicionar detalhes.
  3. Caso haja alguma dúvida sobre a pergunta, adicione um comentário. O espaço de respostas deve ser utilizado apenas para responder a pergunta.
  4. Se o autor da pergunta marcar uma resposta como solucionada, esta marca aparecerá.
  5. Clique aqui para mais detalhes sobre o funcionamento do GUJ!

0 resposta

Não é a resposta que estava procurando? Procure outras perguntas com as tags jsf spring-security tomcat java-ee ou faça a sua própria pergunta.