可能会出现两个问题
1.login.jsp中form表单路径与spring-Security.xml中login-processing-url不一致
<form action="${pageContext.request.contextPath}/login.do" method="post">
<security:form-login
login-page="/login.jsp"
login-processing-url="/login"
default-target-url="/index.jsp"
authentication-failure-url="/failer.jsp"
/>
解决方法将login-processing-url改写为login-processing-url="/login.do"
2.数据库没有加密密码,却在配置文件中使用了org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder这个加密类,也会出现问题,请看代码
<!-- 切换成数据库中的用户名和密码 -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="userService">
<!-- 配置加密的方式 -->
<security:password-encoder ref="passwordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
<!-- 配置加密类 -->
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
解决办法:删除或注释掉以及<security:password-encoder ref=“passwordEncoder”/>这两行代码,修改后的代码如下
<!-- 切换成数据库中的用户名和密码 -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="userService">
<!-- 配置加密的方式 -->
<!-- <security:password-encoder ref="passwordEncoder"/>-->
</security:authentication-provider>
</security:authentication-manager>
<!-- 配置加密类 -->
<!-- <bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>-->