使用Facebook,JavaEE,j_security_check登录
嗨! 我正在尝试使用我的应用程序中的Facebook登录,但存在一些问题... 通常我使用j_security_check,它可以完美地工作。我有3个参与者:员工,管理员,用户,其形式保存在受保护的目录中:员工,管理员,用户。我还有一个目录来保留用户注销时使用的某些表格。 登录名,密码等。我当然保存在数据库中。 https://i.snag.gy/ZM8Gek.jpg
后端-> JavaEE
前端-> JSF
所以...问题是,如何强制我的j_security_check更改j_username,j_password进行更正并将会话状态更改为“已登录”? 通常,所有内容都保留在我的glassfish配置中,我不知道如何在托管bean中手动更改字段“ j_username / j_password” ...
顺便说一句,这可能不是解决此问题的坏方法?如果有人有任何建议...请帮助我:<我的截止日期即将来临...
我的xhtml和j_security_check
<h:inputText id="j_username" size="20" styleClass="input" p:placeholder="login" required="true"/>
<h:inputSecret id="j_password" size="20" styleClass="input" p:placeholder="password" required="true"/>
<input type="submit" value="login" />
web.xml
<login-config>
<auth-method>FORM</auth-method>
<realm-name>jdbc-realm</realm-name>
<form-login-config>
<form-login-page>/faces/login_register/Login.xhtml</form-login-page>
<form-error-page>/faces/error/LoginErrors.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted Access User</web-resource-name>
<url-pattern>/_User/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>USER</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted Access Admin</web-resource-name>
<url-pattern>/_Admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ADMIN</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted Access Employee</web-resource-name>
<url-pattern>/_Employee/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>EMPLOYEE</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-role>
<description/>
<role-name>USER</role-name>
</security-role>
<security-role>
<description/>
<role-name>ADMIN</role-name>
</security-role>
<security-role>
<description/>
<role-name>EMPLOYEE</role-name>
</security-role>
我的jsp文件带有一些Javacript,可以使用fb登录
<!DOCTYPE html>
<head>
<meta charset="UTF-8">
</head>
<body>
<script async defer src="https://connect.facebook.net/en_US/sdk.js"></script>
<script>
// This is called with the results from from FB.getLoginStatus().
function statusChangeCallback(response) {
console.log('statusChangeCallback');
console.log(response);
// The response object is returned with a status field that lets the
// app know the current login status of the person.
// Full docs on the response object can be found in the documentation
// for FB.getLoginStatus().
if (response.status === 'connected') {
// Logged into your app and Facebook.
testAPI();
} else if (response.status === 'not_authorized') {
// The person is logged into Facebook, but not your app.
document.getElementById('status').innerHTML = 'Login with Facebook ';
} else {
// The person is not logged into Facebook, so we're not sure if
// they are logged into this app or not.
document.getElementById('status').innerHTML = 'Login with Facebook ';
}
}
// This function is called when someone finishes with the Login
// Button. See the onlogin handler attached to it in the sample
// code below.
function checkLoginState() {
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
}
function facebookLogout()
{
FB.logout(function(response) {
statusChangeCallback(response);
});
}
window.fbAsyncInit = function() {
FB.init({
appId : '2106519296320040',
cookie : true, // enable cookies to allow the server to access
// the session
xfbml : true, // parse social plugins on this page
version : 'v2.2' // use version 2.2
});
// Now that we've initialized the JavaScript SDK, we call
// FB.getLoginStatus(). This function gets the state of the
// person visiting this page and can return one of three states to
// the callback you provide. They can be:
//
// 1. Logged into your app ('connected')
// 2. Logged into Facebook, but not your app ('not_authorized')
// 3. Not logged into Facebook and can't tell if they are logged into
// your app or not.
//
// These three cases are handled in the callback function.
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
};
// Load the SDK asynchronously
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
// Here we run a very simple test of the Graph API after login is
// successful. See statusChangeCallback() for when this call is made.
function testAPI() {
console.log('Welcome! Fetching your information.... ');
FB.api('/me?fields=name,email', function(response) {
console.log('Successful login for: ' + response.name);
document.getElementById("status").innerHTML = '<p>Welcome '+response.name+'! <a href=fblogincontroller.jsp?user_name='+ response.name.replace(" ", "_") +'&user_email='+ response.email +'>Continue with facebook login</a></p>'
});
}
function fbLogout() {
FB.logout(function (response) {
//Do what ever you want here when logged out like reloading the page
window.location.reload();
});
}
</script>
<!--
Below we include the Login Button social plugin. This button uses
the JavaScript SDK to present a graphical Login button that triggers
the FB.login() function when clicked.
-->
<br><br>
<fb:login-button scope="public_profile,email" onlogin="checkLoginState();">
</fb:login-button>
<div id="status">
</div>
<script type="text/javascript">
</script>
</body>
</html>