我创建了一个用户登录界面,用户可以使用spring security
进行身份验证。
我制作了AuthenticationSuccessHandler
,将用户重定向到新页面。
我还希望实现loginController
以获取用户登录的名称以及显示错误凭据的错误消息。这是我的Handler
代码:
public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
protected final Log logger = LogFactory.getLog(this.getClass());
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
protected MySimpleUrlAuthenticationSuccessHandler() {
super();
}
@Override
public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
handle(request, response, authentication);
clearAuthenticationAttributes(request);
}
protected void handle(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
final String targetUrl = determineTargetUrl(authentication);
if (response.isCommitted()) {
logger.debug("Response has already been committed. Unable to redirect to " + targetUrl);
return;
}
redirectStrategy.sendRedirect(request, response, targetUrl);
}
protected String determineTargetUrl(final Authentication authentication) {
boolean isUser = false;
boolean isAdmin = false;
final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
for (final GrantedAuthority grantedAuthority : authorities) {
if (grantedAuthority.getAuthority().equals("ROLE_USER")) {
isUser = true;
break;
} else if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) {
isAdmin = true;
break;
}
}
if (isUser) {
return "/static_htm.html";
} else if (isAdmin) {
return "/console.html";
} else {
throw new IllegalStateException();
}
}
我的controller
代码:
@Controller
public class HelloController {
@RequestMapping(value="/login", method = RequestMethod.GET)
public String printWelcome(ModelMap model, Principal principal ) {
String name = principal.getName();
model.addAttribute("username", name);
model.addAttribute("message", "Spring Security Hello World");
return "static_htm"; //page after successful login
}
@RequestMapping(value="/login", method = RequestMethod.GET)
public String login(ModelMap model) {
return "login"; //login page
}
@RequestMapping(value="/loginfailed", method = RequestMethod.GET)
public String loginerror(ModelMap model) {
//String errormessage = resources.getMessage("login.error", null, null);
model.addAttribute("error", "true");
return "login"; //login page
}
}
处理程序工作正常,但我无法获取用户名和错误消息。我应该怎样做才能使handler
和controller
一起工作?
非常感谢任何建议。
答案 0 :(得分:0)
根据您的问题,我认为您希望在登录控制器中获取用户名。
如果不是这样,请随意忽略我的回答。
你可能实际上已经落后了。
成功处理程序有点像“default-target-url”的自定义实现。
所以它实际上是在登录控制器后执行的......
当登录成功,并且没有先前请求的路径(这由SavedRequestAwareAuthenticationSuccessHandler实现)时,请求将被发送到“default-target-url”。
或者当有自定义成功处理程序时,成功处理程序将确定它前往的路径。