I'm new to Spring and I'm trying to create a simple login form. When I try authentication.getName() it returns an empty string.
Actually I've tried to use this method but it returned "Query returned no results for user ''" and "User '' not found".
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery("select email, encrypted_password"
+ " from customers where email=?")
.authoritiesByUsernameQuery("select email, role "
+ "from customers where email=?")
.passwordEncoder(new BCryptPasswordEncoder());
}
AuthProviderImpl
@Autowired
private CustomerRepository customerRepository;
private BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String email = authentication.getName(); //return empty string
Customer customer = customerRepository.findByEmail(email);
if (customer == null) {
throw new UsernameNotFoundException("User not found");
}
String password = authentication.getCredentials().toString();
if(!encoder.matches(password, customer.getPassword())){
throw new BadCredentialsException("Invalid password.");
}
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority(customer.getRole().toString()));
return new UsernamePasswordAuthenticationToken(customer, null, authorities);
}
@Override
public boolean supports(Class<?> aClass) {
return aClass.equals(UsernamePasswordAuthenticationToken.class);
}
Sign_in.ftl
<#include "../main-template.ftl"/>
<#macro content>
<#include "../header.ftl"/>
<h1>Sign In</h1>
<#if error??>
<p class="help-block">Invalid email or password!</p>
</#if>
<form name="loginForm" action="/j_spring_security_check" method="post">
<table>
<tr>
<td><label path="j_username">Email</label></td>
<td><input path="j_username" type="email"/></td>
</tr>
<tr>
<td><label path="j_password">Password</label></td>
<td><input path="j_password" type="password"/></td>
</tr>
</table>
<input type="submit">
</form>
</#macro>
<@main title=""/>
Security configuration
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers("/sign_up", "/sign_in").permitAll()
.antMatchers("/admin/**").access("hasRole('ADMIN')")
.and()
.formLogin()
.loginPage("/sign_in")
.loginProcessingUrl("/j_spring_security_check")
.usernameParameter("j_username")
.passwordParameter("j_password")
.failureUrl("/sign_in?error")
.defaultSuccessUrl("/")
.and()
.logout()
.permitAll()
.logoutUrl("/logout")
.logoutSuccessUrl("/sign_in?logout")
.invalidateHttpSession(true);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(authProvider);
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
AuthenticationController
@RequestMapping(value = "/sign_in")
public String getSignIn(@RequestParam(value = "error", required = false) String error, Model model){
if (error != null)
model.addAttribute("error", error);
return "/customer/sign_in";
}
In form instead of "path", "name" should be used