0
Spring SecurityでAngular.jsのアプリケーションを開発しています。私はユーザー名とパスワードをUIから春のセキュリティに送ることができません。 NULLポインタ例外を取得しています。デバッグ後に、usernameがnullであることがわかりました。 Googleで多くの検索をしましたが、修正できませんでした。ログインボタンをクリックすると、デバッガはuserdetailserviceimpl.javaクラスに移動し、usernameがnullであることがわかります。通常の場合、私は春のセキュリティのログインフォームを使用している場合、私は間違った資格情報のユーザー名でフォームを提出する場合は、nullから来ているが、UIからのajax呼び出しではnullになる。anglejsからspring securityへのユーザ名とパスワードを取得できません。
SecurityConfig.java
@Autowired
public void configAuthBuilder(AuthenticationManagerBuilder builder) throws Exception {
builder.userDetailsService(userDetailServiceImpl);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/app/**").permitAll()
.antMatchers("/login.html").permitAll()
.anyRequest().authenticated()
.and()
.exceptionHandling()
.authenticationEntryPoint(unauthorisedHandler)
.accessDeniedHandler(accessDenied)
.and()
.formLogin()
.loginProcessingUrl("/authenticate")
.successHandler(authSuccess)
.usernameParameter("username")
.passwordParameter("password")
.permitAll()
.and()
.logout().logoutSuccessHandler(logoutSuccess).permitAll()
.and()
.csrf().disable();
}
UserDetailServiceImpl.java
@Service
public class UserDetailServiceImpl implements UserDetailsService {
@Autowired
private LoginDao loginDao;
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException {
UserInfo userInfo = loginDao.loadUserByUsername(username);
System.out.println(userInfo.getUserName() + "" + userInfo.getRole());
GrantedAuthority authority = new SimpleGrantedAuthority(userInfo.getRole());
UserDetails userDetails = (UserDetails)new User(userInfo.getUserName(), userInfo.getPassword(), Arrays.asList(authority));
return userDetails;
}
}
login.controller.js
var vm = this;
vm.credentials = {};
vm.login = function(){
var config = {
params: {
username: vm.credentials.username,
password: vm.credentials.password,
}
};
loginService.login(config);
};
login.service.js
this.login = function(config){
return ajaxService.login("../authenticate",config);
};
共通AJAXサービス
this.login = function (url, dataObj) {
var res = $http({
url: url,
method: 'POST',
data: dataObj,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'X-Requested-With': 'XMLHttpRequest'
}
});
res.success(function(data, status, headers, config) {
});
res.error(function(data, status, headers, config) {
});
return res;
};
login.htmlと
<div ng-controller='LoginController as lc'>
<form>
<div class="form-group"
ng-class="{'has-error is-focused' : authenticationError}">
<input id="login" ng-model="lc.credentials.username" type="text" class="form-control"
required="required" placeholder="login"/>
<span ng-show="authenticationError" class="help-block">
Please check your credentials and try again.
</span>
</div>
<div class="form-group">
<input id="password" ng-model="lc.credentials.password" type="password" class="form-control"
required="required" placeholder="password"/>
</div>
<input type="checkbox" ng-model="rememberMe"/><span> Remember me</span>
<button ng-click="lc.login()" >Login</button>
</form>
</div>
更新
Nov 22, 2016 12:47:16 AM org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter doFilter
SEVERE: An internal error occurred while trying to authenticate the user.
org.springframework.security.authentication.InternalAuthenticationServiceException
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:110)
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:132)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:177)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:958)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.NullPointerException
at com.er4u.core.login.service.impl.UserDetailServiceImpl.loadUserByUsername(UserDetailServiceImpl.java:30)
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:102)
... 37 more
@ Mr.7設定のユーザー名とパスワード資格情報モデルのhtmlページ –
これは、リクエストで送信されたdataObjの余分なキーが原因であると思います。あなたは 'params:'をリクエストオブジェクトから削除し、オブジェクトに 'username'と' password'を直接追加できますか? –
@ハリージョイ - 提案してくれてありがとうが、私はすでにこれを適用していて動作していません。 –