Efetuar Login com SpringSecurity + JSF2 + PrimeFaces

1 de março de 2013 6 respostas

Guguuu 1 de março de 2013

Coloquei o SpringSecurity pra fucionar, tento acessar uma pagina e ele me direciona para a pagina de login. Até ae OK, quando eu tento efetuar o login ele nao faz nada, nao trava, nao da erro, nao avança, nao volta. kkkkkkkk queria saber como ele direcionar para a pagina de logado…

estrutura das pastas

webcontent
-jsp
–login.xhtml
–sucesso.xhtml
–erro.xhtml
–privado
—principal.xhtml

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://www.springframework.org/schema/beans"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
	http://www.springframework.org/schema/beans/spring-beans.xsd
	http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.0.xsd">
	<http auto-config="true" >
		<!-- Don't set any role restrictions on login.jsp -->
		<intercept-url pattern="/jsp/login.xhtml" access="IS_AUTHENTICATED_ANONYMOUSLY"  />
		<!-- Restrict access to ALL other pages -->
		<intercept-url pattern="/jsp/privado/*.xhtml" access="ROLE_USER"  />
		<!-- Set the login page and what to do if login fails -->
		<form-login login-page="/jsp/login.xhtml" 
			authentication-failure-url="/jsp/login.xhtml?login_error=1"  default-target-url="/jsp/sucesso.xhtml"
			login-processing-url="/j_spring_security_check"
			/>
	</http>
	<authentication-manager>
		<authentication-provider>
			<jdbc-user-service data-source-ref="dataSource"
				users-by-username-query="SELECT login as username, senha as password, 'true' as enable FROM usuario WHERE login = ?"
				authorities-by-username-query="SELECT u.login as username, n.nome as authority FROM usuario u, usuarionivel n WHERE  u.nivel_id = n.id AND u.login = ?" />
		</authentication-provider>
	</authentication-manager>
	<b:bean id="dataSource"	class="org.springframework.jdbc.datasource.DriverManagerDataSource">
		<b:property name="url"
			value="jdbc:mysql://localhost:3306/decom" />
		<b:property name="driverClassName" value="com.mysql.jdbc.Driver" />
		<b:property name="username" value="rootx" />
		<b:property name="password" value="root" />
	</b:bean>
</b:beans>

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:h="http://java.sun.com/jsf/html"
	xmlns:f="http://java.sun.com/jsf/core"
	xmlns:p="http://primefaces.org/ui"
	xmlns:ui="http://java.sun.com/jsf/facelets">
<h:head>
</h:head>
<h:body style="font-family: sans-serif; font-size: 11px; ">

	<center>
		<p:dialog widgetVar="login" width="230" height="160" dynamic="true"
			resizable="false" style="margin: 0;" header="DECOM - SISViagem"
			visible="true" showEffect="fade" maximizable="false" closable="false"
			id="dialogLogin">

			<br />
			<br />
			<form action="j_spring_security_check" method="post">
				<h:panelGrid columns="2">
					<h:outputText value="Login:"></h:outputText>
					<p:inputText id="j_username"></p:inputText>
					<h:outputText value="Senha:"></h:outputText>
					<p:password id="j_password"></p:password>
					<h:column></h:column>
					<p:commandButton value="Entrar" action="#{usuarioController.login}"></p:commandButton>

				</h:panelGrid>
			</form>
		</p:dialog>
	</center>

</h:body>
</html>

usuarioController

package br.com.Decom.ManergerBeam;

import java.io.Serializable;

import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;

import br.com.Decom.Model.Usuario;

@SessionScoped
@ManagedBean
public class UsuarioController  implements Serializable  {

	private static final long serialVersionUID = 1L;
	private Usuario usuario = new Usuario();

	//DAO<Usuario> daoUsDao = new DAO<Usuario>(Usuario.class);
	//private String login;

	//private String senha;

	public UsuarioController() {
		System.out.println("teset");
		    usuario = new Usuario();
	        SecurityContext context = SecurityContextHolder.getContext();
	        if (context instanceof SecurityContext){
	            Authentication authentication = context.getAuthentication();
	            if (authentication instanceof Authentication){
	                usuario.setNome(((User)authentication.getPrincipal()).getUsername());
	                System.out.println("Nome: " + usuario.getNome());
	            }
	        } 
	}
	public void login(){
		System.out.println("teste");
	}
}

6 Respostas

Quindin 1 de mar. de 2013

Você pode add na a propriedade authentication-success-handler-ref=“algumaCoisa”
onde ela aponta pra um component do spirng. Ficando ± assim:

<form-login login-page="/login" authentication-failure-url="/login" authentication-success-handler-ref="algumaCoisa" default-target-url="/" always-use-default-target="false" />

crie uma classe qualquer anote-a como @Component(“algumaCoisa”) e extenda: SavedRequestAwareAuthenticationSuccessHandler e implemente: Filter, LogoutSuccessHandle

@Component("algumaCoisa")
public class AlgumaCoisa extends SavedRequestAwareAuthenticationSuccessHandler implements Filter, LogoutSuccessHandler {

@Override
	public void onAuthenticationSuccess(HttpServletRequest request,
			HttpServletResponse response, Authentication authentication)
			throws ServletException, IOException {
		HttpServletResponse resp = addCookies(request, response,authentication);
		
		Usuario usuario = (Usuario) authentication.getPrincipal();
		request.getSession().setAttribute("usuario", usuario);
		request.getSession().setAttribute("permissoes", usuario.getAuthorities());
		
		super.onAuthenticationSuccess(request, resp, authentication);
	}
}

quando o usuário fizer a autenticação vai ser chamado o method onAuthenticationSuccess.
Nele vc pode add cookies… pegar as perms do usuário e fazer responses. Podendo redireciona-lo para uma página, por exemplo.

denis_gariglio 2 de mar. de 2013

Fala pessoal, blz?
Invadindo aqui o post =)
eu estou batendo cabeça com isso e não faço mais a minima ideia do que fazer.
Não sei se o q fiz esta correto, mas qdo clico em login simplesmente nao acontece nada.
meu spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"  
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://www.springframework.org/schema/beans"  
    xsi:schemaLocation="http://www.springframework.org/schema/beans  
    http://www.springframework.org/schema/beans/spring-beans.xsd  
    http://www.springframework.org/schema/security  
    http://www.springframework.org/schema/security/spring-security-3.0.xsd">  
    <http auto-config="true" >  
        <!-- Don't set any role restrictions on login.jsp -->  
        <intercept-url pattern="/login.xhtml" access="IS_AUTHENTICATED_ANONYMOUSLY"  />  
        <!-- Restrict access to ALL other pages -->  
        <intercept-url pattern="/paginas/privado/*.xhtml" access="ROLE_USER"  />  
        <!-- Set the login page and what to do if login fails -->  
        <form-login login-page="/login.xhtml"   
            authentication-failure-url="/login.xhtml?login_error=1"  default-target-url="/paginas/inicio.xhtml"  
            login-processing-url="/j_spring_security_check"  authentication-success-handler-ref="algumaCoisa"
            />  
    </http>  
    <authentication-manager>  
        <authentication-provider>  
            <jdbc-user-service data-source-ref="dataSource"  
                users-by-username-query="SELECT login_usuario, login_senha FROM login limit 1"  
                authorities-by-username-query="SELECT login_usuario, login_senha FROM login limit 1" />  
        </authentication-provider>  
    </authentication-manager>  
    <b:bean id="dataSource"  class="org.springframework.jdbc.datasource.DriverManagerDataSource">  
        <b:property name="url"  
            value="jdbc:mysql://localhost:3306/formafit" />  
        <b:property name="driverClassName" value="com.mysql.jdbc.Driver" />  
        <b:property name="username" value="root" />  
        <b:property name="password" value="erz84b626" />  
    </b:bean>  
</b:beans>

Nesse caso coloquei um limit só p trazer algo no resultado.

Meu login.xhtml

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"
	  xmlns:p="http://primefaces.prime.com.tr/ui"
	  xmlns:h="http://java.sun.com/jsf/html"
	  xmlns:f="http://java.sun.com/jsf/core"
	  xmlns:ui="http://java.sun.com/jsf/facelets">
	
   <h:head>
    
       <title>
       		Spring + Security + Hibernate
       </title>
       
       <link type="text/css" rel="stylesheet" href="#{facesContext.externalContext.requestContextPath}/css/redmond/skin.css" />
        
   </h:head> 
   
   <h:body>  

	   <h:form prependId="false">
	   
	   		<p:dialog header="Area restrita"
	   				  modal="true"
	   				  closable="false"
	   				  position="center"
	   				  widgetVar="modalLogin"
	   				  minWidth="300"
	   				  width="300"
	   				  showEffect="slide" 
	   		    	  draggable="false"
	   		    	  resizable="false"
	   		    	  visible="true">		 
	   				 
	   			<center>	 
	   				 
				   	<p:messages id="mensagens" showDetail="true" showSummary="false" />    				 
		   				 
		   			<h:panelGrid columns="2">   		
		     	
				      	<h:outputLabel value="Login" />
		     			<h:inputText value="#{loginBean.login}" size="15" />
		
				 		<h:outputLabel value="Senha" />
						<h:inputSecret value="#{loginBean.senha}" size="15" />
										
					</h:panelGrid>
					
					<br />	
		
					<h:commandButton value="Entrar" action="#{loginBean.logar}" />		
					
				</center>
					
			</p:dialog>
				
	 	</h:form>
 	
 	</h:body>
 
</html>

classe login

package br.com.exemploseguranca.web.controle;

import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.servlet.RequestDispatcher;

import br.com.exemploseguranca.web.util.FacesUtil;

@ManagedBean(name = "loginBean")
@SessionScoped
public class LoginMB {
		
	private String login;
	
	private String senha;
			
	public String getLogin() {
		return login;
	}

	public void setLogin(String login) {
		this.login = login;
	}

	public String getSenha() {
		return senha;
	}

	public void setSenha(String senha) {
		this.senha = senha;
	}

	public LoginMB() {	
	}
	
	public String logar() {
		try {
			System.out.println("Passou aqui");
		    RequestDispatcher dispatcher = FacesUtil.getServletRequest().getRequestDispatcher("/j_spring_security_check");
		    dispatcher.forward(FacesUtil.getServletRequest(), FacesUtil.getServletResponse());
		    FacesContext.getCurrentInstance().responseComplete();
		} catch (Exception ex) {
			FacesUtil.exibirMensagemErro(ex.getMessage());
			return null;
		}
	    return null;
	}
	
	public String logout() {
		FacesUtil.exibirMensagemAlerta("Sess?o finalizada com sucesso");
		try {
			RequestDispatcher dispatcher = FacesUtil.getServletRequest().getRequestDispatcher("/j_spring_security_logout");
			dispatcher.forward(FacesUtil.getServletRequest(), FacesUtil.getServletResponse());
			FacesContext.getCurrentInstance().responseComplete();
		} catch (Exception ex) {
			FacesUtil.exibirMensagemErro("Erro ao sair do sistema");
			return null;
		}
		return null;
	}

}

Ele não da erro e nenhum retorno.
Alguem tem alguma ideia de onde errei?

Vlwwww

[]s

Guguuu 4 de mar. de 2013

Quindin:

<form-login login-page="/login" authentication-failure-url="/login" authentication-success-handler-ref="algumaCoisa" default-target-url="/" always-use-default-target="false" />

crie uma classe qualquer anote-a como @Component(“algumaCoisa”) e extenda: SavedRequestAwareAuthenticationSuccessHandler e implemente: Filter, LogoutSuccessHandle

@Component("algumaCoisa")
public class AlgumaCoisa extends SavedRequestAwareAuthenticationSuccessHandler implements Filter, LogoutSuccessHandler {

@Override
	public void onAuthenticationSuccess(HttpServletRequest request,
			HttpServletResponse response, Authentication authentication)
			throws ServletException, IOException {
		HttpServletResponse resp = addCookies(request, response,authentication);
		
		Usuario usuario = (Usuario) authentication.getPrincipal();
		request.getSession().setAttribute("usuario", usuario);
		request.getSession().setAttribute("permissoes", usuario.getAuthorities());
		
		super.onAuthenticationSuccess(request, resp, authentication);
	}
}

A variável addCookies como vc crio ela?

Guguuu 4 de mar. de 2013

alguém?

Guguuu 4 de mar. de 2013

analisando o debug do firefox e do chrome, ele ta direcionando para “http://localhost:8080/Projeto/jsp/j_spring_security_check” como nao existe essa pagina ele da not found, ae ele nao mostra. alguem pode ajudar…

Guguuu 6 de mar. de 2013

Ninguem?

Criado 1 de março de 2013

Ultima resposta 6 de mar. de 2013

Respostas 6

Participantes 3

6 Respostas

Topicos relacionados