很想吐槽的一个东西
尝试了spring的authentication,使用org.acegisecurity.userdetails.jdbc.JdbcDaoImpl的authenticationDao
代码如下:
1 package org.hawklithm.acegi; 2 3 import org.acegisecurity.Authentication; 4 import org.acegisecurity.providers.ProviderManager; 5 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; 6 import org.springframework.context.support.ClassPathXmlApplicationContext; 7 8 public class AuthenticateMain { 9 public void go() { 10 UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken("hawky", "root"); 11 ClassPathXmlApplicationContext context=new ClassPathXmlApplicationContext("spring-acegi.xml"); 12 ProviderManager manager=(ProviderManager) context.getBean("authenticationManager"); 13 Authentication auth=manager.authenticate(authRequest); 14 System.out.println("name: "+auth.getName()); 15 System.out.println("String: "+auth.toString()); 16 System.out.println("authenticated: "+auth.isAuthenticated()); 17 } 18 19 public static void main(String args[]) { 20 AuthenticateMain auth = new AuthenticateMain(); 21 auth.go(); 22 } 23 }
配置文件:
<bean id="authenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource" ref="dataSource" /> <property name="usersByUsernameQuery"> <value> select username,password from user where username= ? </value> </property> <property name="authoritiesByUsernameQuery"> <value> select username,authority from user_privileges where username= ? </value> </property> </bean> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="authenticationDao" /> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref bean="daoAuthenticationProvider" /> </list> </property> </bean>
刚开始一直报错:
Exception in thread "main" org.acegisecurity.AuthenticationServiceException: PreparedStatementCallback; uncategorized SQLException for SQL [
select username,password from user where username= ?
]; SQL state [S1009]; error code [0]; Column Index out of range, 3 > 2. ; nested exception is java.sql.SQLException: Column Index out of range, 3 > 2. ; nested exception is org.springframework.jdbc.UncategorizedSQLException: PreparedStatementCallback; uncategorized SQLException for SQL [
select username,password from user where username= ?
]; SQL state [S1009]; error code [0]; Column Index out of range, 3 > 2. ; nested exception is java.sql.SQLException: Column Index out of range, 3 > 2.
at org.acegisecurity.providers.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:102)
at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
at org.hawklithm.acegi.AuthenticateMain.go(AuthenticateMain.java:13)
at org.hawklithm.acegi.AuthenticateMain.main(AuthenticateMain.java:21)
为什么呢?为什么会越界呢?
疑惑了很久,网上各种解答,但是各种尝试无果
后来想起书上的例子里面是查询username,password和enable,然后添加上了enable,结果就搞定了,太坑了,居然必须加入enable参数
即,将sql语句select username,password from user where username= ?改为select username,password,enable from user where username= ?