Spring Security - 无效的列索引异常[重复]
Posted
技术标签:
【中文标题】Spring Security - 无效的列索引异常[重复]【英文标题】:Spring Security - Invalid column index exception [duplicate] 【发布时间】:2018-03-31 18:54:29 【问题描述】:我想使用spring security。但是我得到了SQLException。我仍然没有找到任何解决方案。
我的表结构:
APP_USER (ID_APP_USER,NAME,PASSWORD)
APP_ROLE (ID_ROLE,NAME)
APP_USER_ROLE (ID_USER_ROLE ,ID_USER,ID_ROLE)
我的 Spring 配置文件:
<!-- enable use-expressions -->
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />
<!-- access denied page -->
<access-denied-handler error-page="/403" />
<form-login
login-page="/login"
default-target-url="/index"
authentication-failure-url="/login?error"
username-parameter="username"
password-parameter="password" />
<logout logout-success-url="/login?logout" />
<!-- enable csrf protection -->
<csrf/>
</http>
<!-- Select users and user_roles from database -->
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query=
"select name as username,password from app_user where name=?"
authorities-by-username-query=
"SELECT app_user.name as username, app_role.name as role
FROM app_user
INNER JOIN app_user_role ON app_user.id_app_user = app_user_role.id_user
INNER JOIN app_role ON app_user_role.id_role = app_role.id_role
WHERE app_user.name = ? " />
</authentication-provider>
</authentication-manager>
我收到以下错误:
20:36:55.281 [http-nio-8089-exec-10] DEBUG o.s.j.s.SQLErrorCodeSQLExceptionTranslator - 翻译 SQL 状态为“99999”的 SQLException,错误代码为“17003”,消息 [无效的列索引]; SQL 是 [select name as username,password from app_user where name=?] 任务 [PreparedStatementCallback] 20:36:55.282 [http-nio-8089-exec-10] 调试 o.s.s.w.a.UsernamePasswordAuthenticationFilter - 身份验证请求失败:org.springframework.security.authentication.AuthenticationServiceException:PreparedStatementCallback; SQL [select name as username,password from app_user where name=?] 的无效 ResultSet 访问;嵌套异常是 java.sql.SQLException: Invalid column index 20:36:55.282 [http-nio-8089-exec-10] 调试 o.s.s.w.a.UsernamePasswordAuthenticationFilter - 更新 SecurityContextHolder 以包含空身份验证 20:36:55.282 [http-nio-8089-exec-10] 调试 o.s.s.w.a.UsernamePasswordAuthenticationFilter - 委托给身份验证失败处理程序 org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@2f483b1e 20:36:55.282 [http-nio-8089-exec-10] 调试 o.s.s.w.a.SimpleUrlAuthenticationFailureHandler - 重定向到 /login?error 20:36:55.282 [http-nio-8089-exec-10] 调试 o.s.s.web.DefaultRedirectStrategy - 重定向到 '/FNDWEB/login?error'
怎么了?请帮助我:/提前致谢。
【问题讨论】:
【参考方案1】:终于找到了解决办法。我们需要在查询中添加“,1 as enabled”。
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query=
"select name as username,password,1 as enabled from app_user where name=?"
authorities-by-username-query=
"SELECT app_user.name as username, app_role.name as role
FROM app_user
INNER JOIN app_user_role ON app_user.id_app_user = app_user_role.id_user
INNER JOIN app_role ON app_user_role.id_role = app_role.id_role
WHERE app_user.name = ? " />
</authentication-provider>
【讨论】:
以上是关于Spring Security - 无效的列索引异常[重复]的主要内容,如果未能解决你的问题,请参考以下文章
Spring Security @PreAuthorize 拦截无效
spring security reactive - 如何调试“无效凭据”错误?
Spring-Security OAuth WebMVC 无效的 CORS 请求
Spring Security Oauth2:无效的重定向 url