我正在尝试使用Apache Shiro框架1.2.4来满足我们的Spring MVC Web应用程序的安全需求。 我在应用程序上下文中包含了configuration细节,下面是pom.xml和web.xml。 当用户点击login屏幕上的提交button时,Shiro不authentication用户。 你可以让我知道任何解决scheme来解决这个问题?
applicationContext.xml中
<bean id="dbdataSource" class="org.springframework.jndi.JndiObjectFactoryBean"> <property name="jndiName" value="jdbc/Appweb" /> </bean> <bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> <property name="showSql" value="true" /> <property name="generateDdl" value="true" /> <property name="database" value="POSTGRESQL" /> </bean> <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> <property name="dataSource" ref="dbdataSource" /> <property name="jpaVendorAdapter" ref="jpaVendorAdapter" /> <!-- spring based scanning for entity classes --> <property name="packagesToScan" value="com.tracktrace.dao.jpa" /> </bean> <bean id="jpaRealm" class="com.appweb.security.JpaShiroRealm"></bean> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager" depends-on="jpaRealm"> <property name="realm" ref="jpaRealm" /> <property name="sessionMode" value="native"/> </bean> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager" /> <property name="loginUrl" value="/login"/> <property name="successUrl" value="/"/> <property name="unauthorizedUrl" value="/login"/> <property name="filterChainDefinitions"> <value> /login = authc /login.jsp = authc /** = authc </value> </property> </bean> Web.xml Appweb应用程序
<listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <listener> <listener-class>com.tracktrace.controller.common.SessionListener</listener-class> </listener> <listener> <listener-class>com.tracktrace.controller.common.ApplicationListener</listener-class> </listener> <listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/appContext.xml</param-value> </context-param> <context-param> <param-name>shiroEnvironmentClass</param-name> <param-value>org.apache.shiro.web.env.DefaultWebEnvironment</param-value> </context-param> <servlet> <servlet-name>Appweb</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Appweb</servlet-name> <!-- <url-pattern>*.htm</url-pattern> --> <url-pattern>/</url-pattern> </servlet-mapping> <filter> <filter-name>shiroFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> <init-param> <param-name>targetFilterLifecycle</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>shiroFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> <dispatcher>ERROR</dispatcher> </filter-mapping>
pom.xml中的依赖关系
<dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>${shiro.version}</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-web</artifactId> <version>${shiro.version}</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-aspectj</artifactId> <version>${shiro.version}</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>${shiro.version}</version> </dependency>
Login.jsp页面
<form action=""> user name:<input type="text" name="username" id="username"/><br/> password: <input type="password" name="password" id="password"/><br/>
记住我:
先谢谢你。