我想知道如何在 Spring Security 处理登录表单之前对其进行额外的验证。我正在考虑一些 LoginController、LoginForm bean,但我不知道如何将它们组合在一起,如何配置它来工作。下面是我的“愿景”。我搜索了一些如何在 Spring Security 中执行此操作的示例,但找不到。有人帮忙吗?
登录表单 bean:
public class LoginForm {
private String j_username;
private String j_password;
@NotEmpty
private Boolean acceptTerms;
public String getJ_password() {
return j_password;
}
public String getJ_username() {
return j_username;
}
public void setJ_password(String j_password) {
this.j_password = j_password;
}
public void setJ_username(String j_username) {
this.j_username = j_username;
}
public Boolean getAcceptTerms() {
return acceptTerms;
}
public void setAcceptTerms(Boolean accept) {
this.acceptTerms = acceptTerms;
}
}
Form:
<c:url value="/login" var="secureUrl"/>
<form:form id="jf" commandName="loginForm" action="${secureUrl}" method="post">
<form:input path="j_username"/>
<form:input path="j_password"/>
<form:checkbox path="acceptTerms"/>
</form>
登录控制器:
@Controller
class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String logging(@ModelAttribute @Valid LoginForm loginForm) {
...
}
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView signInPage(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout)
{
ModelAndView mav = new ModelAndView();
//Initially when you hit on login url then error and logout both null
if (error != null) {
mav.addObject("error", "Invalid username and password!");
}
if (logout != null) {
mav.addObject("msg", "You've been logged out successfully.");
}
mav.setViewName("login/login.jsp");
}
现在,如果登录不成功,那么它将再次点击此 URL,并在其 URL 中附加错误,就像在 spring 安全文件中设置失败 URL 一样。弹簧安全文件:
<security:form-login
authentication-failure-url="/login?error=1"
/>
那么你的网址就变成了url/login?error=1
。然后自动signInPage
方法将调用并带有一些错误值。现在错误不为空,您可以设置与 url 对应的任何字符串,我们可以使用以下标签在 jsp 上显示:
<c:if test="${not empty error}">
<div class="error">${error}</div>
</c:if>
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)