解决SpringSide 3.2.2用户注册后自动登录问题

首先，客户端登录时密码在客户端通过MD5加密，在CustomAuthenticationProcessingFilter中验证时不需要加密。

用户登录页面：

<script src="${ctx}/js/jquery.js" type="text/javascript"></script>
<script src="${ctx}/js/jquery.sha1.js" type="text/javascript"></script>
<script src="${ctx}/js/validate/jquery.validate.js" type="text/javascript"></script>
<script src="${ctx}/js/validate/messages_cn.js" type="text/javascript"></script>
<script>
 function reloadCaptcha() {
  $("#captcha").attr("src", "${ctx}/servlet/captchaServlet?r=" + Math.random());
 }
 function encode() {
  $('#j_password').val($.sha1($('#j_password').val()));
  return true;
 }
 $(document).ready(function() {
  $("#j_username").focus();
 });
</script>

<div><label>密码：</label><input type='password' id='j_password' name='j_password' class="required" /></div>

用户注册页面，当用户注册结束后，我们使用一个跳转把用户名、密码和验证码等都自动提交，从而实现用户自动登录。

<script src="${ctx}/js/jquery.js" type="text/javascript"></script>
 <script src="${ctx}/js/jquery.form.js" type="text/javascript"></script>
 <script src="${ctx}/js/jquery.sha1.js" type="text/javascript"></script>
 <script src="${ctx}/js/validate/jquery.validate.js" type="text/javascript"></script>
 <script src="${ctx}/js/validate/messages_cn.js" type="text/javascript"></script>
 <script>
  function reloadCaptcha() {
   $("#captcha").attr("src", "${ctx}/servlet/captchaServlet?r=" + Math.random());
  }
  $(document).ready(function() {
   $("#loginName").focus();
   $("#registerForm").validate({
    rules: {
     loginName: {
      required: true,
      remote: "account!checkLoginName.action?oldLoginName=" + encodeURIComponent('${loginName}')
     },
     name: "required",
     password: {
      required: true,
      minlength: 6
     },
     passwordConfirm: {
      equalTo:"#password"
     },
     email: "email",
     j_captcha: {
      required: true,
      remote: "account!checkCaptcha.action"
     },
     agreed: "required"
    },
    messages: {
     loginName: {
      remote: "用户登录名已存在"
     },
     name: '姓名不能为空',
     email: '邮箱格式错误',
     passwordConfirm: {
      equalTo: "输入与上面相同的密码"
     },
     j_captcha: '验证码错误'
    },
    submitHandler: function(form) {
     $('#password').val($.sha1($('#password').val()));
     $(form).ajaxSubmit({
      success: function(msg) {
       alert("用户注册成功！");
       window.location = "${ctx}/j_spring_security_check?j_username=" + $('#loginName').val() + "&j_password=" + $('#password').val() + "&j_captcha=" + $('#j_captcha').val();
      },
      error: function(msg) {
       alert("用户注册失败！");
      }
     });
     return false;
    }
   });
  });
 </script>

其次，在application-Context.xml中，密码采用明文方式，即在springsecurity过滤时不需要再次加密密码

<s:authentication-provider user-service-ref="userDetailsService">

                   <s:password-encoder hash="plaintext" />

                   <!-- <s:password-encoder hash="sha" base64="false"/> -->

         </s:authentication-provider>