spring security

很想吐槽的一个东西

尝试了spring的authentication,使用org.acegisecurity.userdetails.jdbc.JdbcDaoImpl的authenticationDao

代码如下:

 1 package org.hawklithm.acegi;
 2 
 3 import org.acegisecurity.Authentication;
 4 import org.acegisecurity.providers.ProviderManager;
 5 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 6 import org.springframework.context.support.ClassPathXmlApplicationContext;
 7 
 8 public class AuthenticateMain {
 9     public void go() {
10         UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("hawky", "root");
11         ClassPathXmlApplicationContext context=new ClassPathXmlApplicationContext("spring-acegi.xml");
12         ProviderManager manager=(ProviderManager) context.getBean("authenticationManager");
13         Authentication auth=manager.authenticate(authRequest);
14         System.out.println("name: "+auth.getName());
15         System.out.println("String: "+auth.toString());
16         System.out.println("authenticated: "+auth.isAuthenticated());
17     }
18 
19     public static void main(String args[]) {
20         AuthenticateMain auth = new AuthenticateMain();
21         auth.go();
22     }
23 }

配置文件:

    <bean id="authenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
        <property name="dataSource" ref="dataSource" />
        <property name="usersByUsernameQuery">
            <value>
                select username,password from user where username= ?
            </value>
        </property>
        <property name="authoritiesByUsernameQuery">
            <value>
                select username,authority from user_privileges where username= ?
            </value>
        </property>
    </bean>

    <bean id="daoAuthenticationProvider"
        class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="authenticationDao" />
    </bean>
    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref bean="daoAuthenticationProvider" />
            </list>
        </property>
    </bean>

刚开始一直报错:

Exception in thread "main" org.acegisecurity.AuthenticationServiceException: PreparedStatementCallback; uncategorized SQLException for SQL [
                select username,password from user where username= ?
            ]; SQL state [S1009]; error code [0]; Column Index out of range, 3 > 2. ; nested exception is java.sql.SQLException: Column Index out of range, 3 > 2. ; nested exception is org.springframework.jdbc.UncategorizedSQLException: PreparedStatementCallback; uncategorized SQLException for SQL [
                select username,password from user where username= ?
            ]; SQL state [S1009]; error code [0]; Column Index out of range, 3 > 2. ; nested exception is java.sql.SQLException: Column Index out of range, 3 > 2. 
    at org.acegisecurity.providers.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:102)
    at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
    at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
    at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
    at org.hawklithm.acegi.AuthenticateMain.go(AuthenticateMain.java:13)
    at org.hawklithm.acegi.AuthenticateMain.main(AuthenticateMain.java:21)

为什么呢?为什么会越界呢?

疑惑了很久,网上各种解答,但是各种尝试无果

后来想起书上的例子里面是查询username,password和enable,然后添加上了enable,结果就搞定了,太坑了,居然必须加入enable参数

 

即,将sql语句select username,password from user where username= ?改为select username,password,enable from user where username= ?

 

posted @ 2013-12-09 16:55  瀑布飞鹰  阅读(1011)  评论(0编辑  收藏  举报