我正在使用jsecurity检查登录,我想保存登录用户以及他们何时登录。
如何从j_security_check获取这些内容?
我的网页xml:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>user-realm</realm-name>
<form-login-config>
<form-login-page>/Pages/Login.xhtml</form-login-page>
<form-error-page>/Pages/LoginError.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>admin</role-name>
</security-role>
<security-role>
<description/>
<role-name>users</role-name>
</security-role>
我的login.xhtml页面:
<form role="form" action="j_security_check" method="POST">
<h2>Please sign in</h2>
<input name="j_username" type="text" placeholder="Username" required="true"> </input>
<input name="j_password" type="password" placeholder="Password" required="true"> </input>
<button type="submit" value="Login">Sign in</button>
</form>
只是想知道我是否可以抓住登录我的jsf应用程序的用户并保存该用户以及他们登录数据库的时间
答案 0 :(得分:0)
在此博客上找到答案:http://jugojava.blogspot.com/2011/07/jsf-form-authentication-on-servlet-3.html
将j_security_check登录页面替换为带有支持bean的登录页面
Login.xhtml:
<h:form>
<h:panelGrid columns="2">
<h:outputLabel for="username" value="Username:" />
<h:inputText id="username" value="#{authBean.username}" />
<h:outputLabel for="password" value="Password:" />
<h:inputSecret id="password" value="#{authBean.password}" />
<h:commandButton id="loginButton" value="Login" action="#{authBean.login()}" />
</h:panelGrid>
</h:form>
和我的支持bean:
private String username;
private String password;
public String login(){
FacesContext context = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest) context
.getExternalContext().getRequest();
try {
request.login(username, password);
} catch (ServletException e) {
context.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_WARN, "Login failed!", null));
return "login";
}
//database action to be done here
Principal principal = request.getUserPrincipal();
if(request.isUserInRole("admin")) {
return "/Pages/AdminLanding.xhtml";
} else {
return "/Pages/UserLanding.xhtml";
}
} //getter and setter for username and password