I'm trying to do a basic spring security D/B authentication program.I tried this by two ways i.e.
Method 1 : Using custom tables for Spring Security authentication.
Method 2 : Using Spring security specific database tables for user authentication and authorization.
File Locations:
1. index.jsp -> webapp/index.jsp
2. welcome.jsp -> webapp/pages/welcome.jsp
3. login.jsp -> webapp/pages/login.jsp
For method 1,Spring security was not intercepting request and i didn't see errors in console.Instead of intercepting the request i was directly taken to welcome.jsp.
P.S - Since i was not trying authorization, i didn't use 'authorities-by-username-query' attribute below in security context xml. I'm not sure if its mandatory to create a table for authorization as well.
Below is my security-context.xml:
web.xml
BaseController
login.jsp
index.jsp
How can i debug this kind of scenarios effectively if errors are not shown in console. I've already SL4J logging enabled through
maven.
For method 2, i created spring specific database tables in the name of “USERS” and “AUTHORITIES” after following
linklink. Here SQL query is not used in xml as shown below.
Every thing remains same except for security-context.xml.
when i tried the above way, even though i enter correct user name & password, i was getting 'bad credentials' message [But yes, in this case spring security is intercepting the request]. I'm using Oracle database.
Please guide me where i'm going wrong in both the cases. Advance thanks.