Announcement Announcement Module
No announcement yet.
Spring Security Login not authenticating with database details Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security Login not authenticating with database details

    I have an application that I'm trying to configure so that a user can log in with a username and password from the database. The problem is everytime I try to login with a username/password it returns the login failed page.

    In the output console is also this and no error message in the stack trace.

    loadUserByUsername  :  ed23
    This is my implementation in the security xml:

    	 <global-method-security pre-post-annotations="enabled" />
    <http auto-config="true" use-expressions="true" access-denied-page="/denied">
        	<intercept-url pattern='/home.jsp' access="hasRole('ROLE_USER')" /> 
        	<intercept-url pattern='/admin.jsp' access="hasRole('ROLE_ADMIN')" />
            <form-login login-page='/login.jsp' always-use-default-target="true" default-target-url="/main/home" authentication-failure-url="/login_error.jsp?error=true"/>   
        	<logout invalidate-session="true" logout-success-url='/login.jsp' /> 
        <!-- authentication manager and password hashing -->
    		<authentication-manager alias="authenticationManager">
        		<authentication-provider ref="daoAuthenticationProvider"/>
    <beans:bean id="daoAuthenticationProvider" class="">
        <beans:property name="userDetailsService" ref="userDetailsService"/>
        <beans:property name="saltSource">
            <beans:bean class="">
                <beans:property name="userPropertyToUse" value="username"/>
        <beans:property name="passwordEncoder" ref="passwordEncoder"/>
    <beans:bean id="userDetailsService"  class="com.project.professional.service.StaffServiceImpl">
    <beans:bean id="passwordEncoder" class="">
        <beans:constructor-arg index="0" value="256"/>
    My login form:

    <form action="${loginUrl}" method="post" name="loginForm">
    		<label for="j_username">Username</label>
    		<input id="j_username" name="j_username" type="text" />
    		<label for="j_password">Password</label>
    		<input id="j_password" name="j_password" type="password" />
    		<input  type="submit" value="Login"/>								

    The controller for this:

    	@RequestMapping(value = "/main/home", method = RequestMethod.GET)
    	public String getHomePage(Locale locale, Model model) {"Welcome home! The client locale is {}.", locale);
    		Date date = new Date();
    		DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.LONG, DateFormat.LONG, locale);
    		String formattedDate = dateFormat.format(date);
    		model.addAttribute("serverTime", formattedDate );
    		return "/main/home";
    	@RequestMapping(value="/", method = RequestMethod.GET)
    	public String getLoginPage(ModelMap model) {"This is the login page {}.");
    		return "login";
    My Implementation of the userdetails interface

    public UserDetails loadUserByUsername(String username)
    				throws UsernameNotFoundException {
    			System.out.println("loadUserByUsername  :  " + username);
    			//DAO<Staff> sessionFactory = null;
    			Session session = sessionFactory.getCurrentSession();
    			username = (username == null) ? "" : username;
    			Query query = session
    					.createQuery("from Staff where username=:username");
    			query.setParameter("username", username);
    			if (query.list().isEmpty()) {
    				return null;
    			return (UserDetails) query.list().get(0);
    along with this:

    public Staff getStaffDetails(String username) {
    Session session = sessionFactory.getCurrentSession();
    		Query query = session.createQuery("from Staff where username=:username");
    		query.setParameter("username", username);
    		if (query.list().isEmpty()) {
    			return null;
    		return (Staff) query.list().get(0);
    I'm not sure where the error is. Also when I try to use an in memory username/password, that works but not when I then try to get the username/password from the database. I would appreciate any help as I have been struggling with this for days now.
    Last edited by Sannei; Apr 30th, 2013, 05:03 AM.

  • #2
    I think in your implementation of UserDetails , it not getting the object in return,
    so please try to return User object like below

    return new User(username,password,isEnabled,isAccountNonExpir ed,isCredentialsNonExpired,isAccountNonLocked,gran tedAuthorities(employee.getRoles()));