0

想要使用 Spring Security 使用电子邮件或手机号码登录。

这是我的代码:--

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http pattern="/admin" security="none" /> 

    <http auto-config="true" use-expressions="true">

        <intercept-url pattern="/admin*" access="hasRole('SYS_ADMIN')" />
        <intercept-url pattern="/cab-stop-admin*" access="hasAnyRole('SYS_ADMIN','CABSTOP_ADMIN')" />
        <intercept-url pattern="/driver*" access="hasAnyRole('DRIVER','SYS_ADMIN','CABSTOP_ADMIN')" />
        <intercept-url pattern="/customer*" access="hasAnyRole('CUSTOMER','SYS_ADMIN','CABSTOP_ADMIN')" />

        <form-login login-page="/login" default-target-url="/role-check"
            authentication-failure-url="/login?error=true" />
            <remember-me key="_spring_security_remember_me" data-source-ref="fmsDataSource" authentication-success-handler-ref="loginSuccessHandler"/>
        <logout logout-success-url="/" />
        <access-denied-handler error-page="/login"/>
         </http> 
         <beans:bean id="loginSuccessHandler" class="com.cabfms.authentication.LoginSuccessHandler"></beans:bean>
         <authentication-manager> 
        <authentication-provider> 
         <!-- <password-encoder hash="md5"  />  -->
        <jdbc-user-service data-source-ref="fmsDataSource"  
        users-by-username-query="select Email,Password, 'true' as enabled from login_details where Is_Blocked = 'N' and Deleted='N' and Email=?"
        authorities-by-username-query="select u.Email, ur.Role_Name from login_details u, role_master ur where u.Role_Master_Id = ur.Role_Master_Id and u.Email =?" />
    </authentication-provider>
    </authentication-manager>
</beans:beans>

在这段代码中,我有一个类似的查询

select Email,Password, 'true' as enabled from login_details where Is_Blocked = 'N' and Deleted='N' and Email=?

我只匹配电子邮件,但我也想匹配手机号码。** 表示我想匹配电子邮件或手机号码(任何一个),因为我从 JSP(电子邮件或手机)传递了任何一个

所以请提出你的答案

提前致谢

4

1 回答 1

2

您的 JSP 看起来如何?您是否有一个带有j_username或正在使用电子邮件和移动设备的两个单独字段的表单?

如果您同时通过两者,则必须实现自己的身份验证管理器。声明时 Spring Security 使用的具体用户详细信息服务jdbc-user-service>JdbcDaoImplwhich implements UserDetailsService。该接口有一个loadUserByUsername(String)显然只接受用户名的方法。

如果您想允许您的用户在一个名为的文本输入中输入电子邮件或移动设备,如果j_username的查询是

... where Is_Blocked = 'N' and Deleted='N' and (Email=? or Mobile=?)
于 2012-12-17T12:37:49.703 回答