我的Spring MVC应用程序中有以下文件: login.jsp , HomeController.java 和 DatabaseService.java 。当有人点击 login.jsp 中的登录按钮时,它会将数据(用户名和密码)传输到 HomeController.java ,然后 HomeController.java 调用 DatabaseService.java ,带有一些条件并从中获取响应,最后将响应返回到 login.jsp 。到目前为止,无效的用户名和密码字段都可以。当 login.jsp 中的用户名和密码与存储的用户名和密码匹配时,会出现问题。 问题是,没有数据存储到会话变量/对象中。我尝试了几种方法:
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request;
HttpSession session = request.getSession();
session.setAttribute("fname", fname);
session.setAttribute("lname", lname);
session.setAttribute("username", username);
session.setAttribute("userid", userid);
response = "Login Successful";
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
但它显示了一些空指针异常相关错误。显示我更改代码如下:
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request = null;
try {
HttpSession session = request.getSession();
session.setAttribute("fname", fname);
session.setAttribute("lname", lname);
session.setAttribute("username", username);
session.setAttribute("userid", userid);
response = "Login Successful";
//response = fname + " " + lname;
} catch( java.lang.NullPointerException lex ) {
lex.printStackTrace();
response = "Something Wrong";
}
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
但它返回响应为“Something Wrong”[抓住java.lang.NullPointerException的块]。如果我按如下方式更改代码:
public String dblogin(String username, String password) throws SQLException {
String response = "";
Connection conn = null;
Statement stmt = null;
ResultSet rs;
String pass = "", fname = "", lname = "";
int userid = 0;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/bloodspring", "root", "");
stmt = conn.createStatement();
try {
String query = "SELECT user_id, user_fname, user_lname, pword FROM bld_user WHERE uname='"+ username +"'";
rs = stmt.executeQuery(query);
int res = 0;
while( rs.next() ) {
res++;
pass = rs.getString("pword");
fname = rs.getString("user_fname");
lname = rs.getString("user_lname");
userid = rs.getInt("user_id");
}
if( res == 0 ) {
response = "Invalid Username";
} else {
//String new_pass = crypt.encryption(password);
if( crypt.encryption(password).compareTo(pass) != 0 ) {
response = "Invalid username and/or password";
//response = "Original :" + pass + " :::: new : " + crypt.encryption(password);
} else {
HttpServletRequest request = null;
try {
response = fname + " " + lname;
} catch( java.lang.NullPointerException lex ) {
lex.printStackTrace();
response = "Something Wrong";
}
}
}
} catch( SQLException Ex) {
Ex.printStackTrace();
response = "Sorry something goes wrong with your MySQL query or server";
}
} catch( ClassNotFoundException E) {
E.printStackTrace();
response = "Sorry no MySQL class found";
}
return response;
}
比它正常工作并从数据库返回名字,姓氏。所以我认为我的代码不适合会话 谁能告诉我如何将数据库中的数据存储到会话中。
答案 0 :(得分:1)
您可以使用spring-security进行身份验证。除此之外,您可以按照以下代码段进行操作。请注意,您并不需要在会话中单独存储所有字段。您只需将用户对象存储到会话中即可。
@RequestMapping(value = "login.html", method = RequestMethod.POST)
public ModelAndView post(@ModelAttribute("login") LoginEntity login, HttpServletRequest req) {
/* CHECK IN DATABASE if the user name and password matches or not */
UserObject userObject=dblogin(login.userName,login.password);
if(userObject!=null){
HttpSession session = req.getSession(true);
session.setAttribute("user",userObject);
}
else
return new ModelAndView("login");
}