Question

这是我的错误处理程序控制器。当链接/网址不存在时，它会转到404页面。我也使用弹簧安全。基本上，当用户登录时，将显示用户的用户名。但是，如果用户输入错误或键入错误的URL /链接，则会显示404错误页面，但不会显示用户名。

package com.syntacks.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class HTTPErrorHandlers{

    String path = "/user";

    @RequestMapping(value="/400")
    public String error400(){
        return path+"/404";
    }

     @RequestMapping(value="/404")
     public String error404(){
         return path+"/404";
     }

     @RequestMapping(value="/500")
     public String error500(){
         return path+"/404";
     }


}

我已在此处添加了sec-authorize，用于确定用户是否已登录。这放在我的每一页上。

    <sec:authorize ifAnyGranted="ROLE_USER,ROLE_ADMIN">
    <a class="active" href="/Project/profile?user=${pageContext.request.userPrincipal.name}">${pageContext.request.userPrincipal.name}</a>
                                        <ul class="dropdown">
                                        <li><a href="/Project/<c:url value='logout'/>">Logout</a></li>
                                        </ul>
</sec:authorize>

web.xml上的

我添加了错误代码

<error-page>
        <error-code>400</error-code>
        <location>/400</location>
    </error-page>
    <error-page>
        <error-code>123</error-code>
        <location>/123</location>
    </error-page>
    <error-page>
        <error-code>404</error-code>
        <location>/404</location>
    </error-page>
        <error-page>
        <error-code>405</error-code>
        <location>/405</location>
    </error-page>
    <error-page>
        <error-code>500</error-code>
        <location>/500.jsp</location>
    </error-page>

因此，如果用户键入404或我指定的映射的任何值，则返回用户名，但如果未指定值或链接，则只显示404页面，其中找不到错误页面未显示用户名的文本。非常感谢您的帮助：）

弹簧security.xml文件

<beans:beans xmlns:security="http://www.springframework.org/schema/security"
      xmlns:beans="http://www.springframework.org/schema/beans" 
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.springframework.org/schema/beans
              http://www.springframework.org/schema/beans/spring-beans.xsd
              http://www.springframework.org/schema/security
              http://www.springframework.org/schema/security/spring-security.xsd">



     <security:http auto-config='true'>
            <security:access-denied-handler error-page="/403" />

            <security:intercept-url pattern="/questions/ask" access="ROLE_USER,ROLE_ADMIN" />
            <security:intercept-url pattern="/profile" access="ROLE_USER" />    
            <security:intercept-url pattern="/view-tags" access="ROLE_ADMIN" />
            <security:intercept-url pattern="view-questions" access="ROLE_ADMIN" />
            <security:intercept-url pattern="/view-users" access="ROLE_ADMIN" />                            
            <security:form-login login-page="/login" default-target-url="/" authentication-failure-url="/login?error"/>
            <security:logout logout-success-url="/login?logout" logout-url="/logout" 
            invalidate-session="false"/>
        </security:http>


     <security:authentication-manager>
            <security:authentication-provider>
                <security:jdbc-user-service data-source-ref="dataSource"  
                    users-by-username-query="select username,password, enabled from users where username=?"  
                    authorities-by-username-query="select username, role from users where username =?  " />
            </security:authentication-provider>
          </security:authentication-manager>
    </beans:beans>

Answer 1

使用以下代码行获取当前登录的用户：

<security:authorize access="isAuthenticated()">
    authenticated as <security:authentication property="principal.username" /> 
</security:authorize>

错误页面上未显示Spring安全性用户名，未指定值

1 个答案: