我正在我的应用程序中实现身份验证功能。当凭据无效时,我想在同一个登录页面上移动,但填充了 j_username 文本字段。但我认为没有办法做到这一点。
我的登录.jsp:
<html>
<head> <!-- connecting javascripts and styles --> </head>
<body>
<c:set var="base" value="/myProject" />
<form:form commandName="loginUser" method="POST" action="${base}/j_spring_security_check">
<h3 align="center"><spring:message code="login.header" /></h3>
<table>
<tr>
<td align="right"><spring:message code="login.label.login" /></td>
<td><input type="text" name="j_username" /></td>
<td><div id="j_username" class="errors"><span id="j_username_stub"/><form:errors path="login" /></div></td>
</tr>
<tr>
<td align="right"><spring:message code="login.label.password" /></td>
<td><input type="password" name="j_password" /></td>
<td><div id="j_password" class="errors"><span id="j_password_stub"/></div></td>
</tr>
<tr>
<td align="right"><spring:message code="login.label.rememberme" /></td>
<td><input type="checkbox" name="_spring_security_remember_me" /></td>
</tr>
<tr>
<td align="right"><input type="submit" value="<spring:message code="login.button.login" />" /></td>
</tr>
</table>
</form:form>
</html>
我的spring-security.xml:
<security:http pattern="/static/**" security="none" />
<security:http use-expressions="true" authentication-manager-ref="authenticationManager">
<security:http-basic />
<security:intercept-url pattern="/jsp/login*" access="permitAll" />
<security:intercept-url pattern="/jsp/admin/**" access="isAuthenticated()" />
<security:form-login
login-page="/"
default-target-url="/jsp/admin/admin.jsp"
authentication-failure-url="/loginFailed"/>
<security:logout logout-url="/logout" invalidate-session="true" delete-cookies="true" logout-success-url="/" />
<security:anonymous username="guest" granted-authority="ROLE_ANONYMOUS"/>
<security:remember-me key="sparkBitAuthToken" token-validity-seconds="864000" />
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
</security:authentication-manager>
<bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/> <!-- bCrypt encoder -->
<bean id="userDetailsService" class="com.myproject.web.authentication.SparkBitUserDetailsService" />
我的登录控制器:
@Controller
@RequestMapping("/")
public class LoginController {
@RequestMapping
public String getLoginPage() {
return "login";
}
@RequestMapping(value= "/loginFailed")
public String getLoginPageOnError(Model model, @ModelAttribute("loginUser") LoginUserBean entity, BindingResult result, HttpServletRequest request) {
result.rejectValue("login", "error.login.credentials", "Invalid credentials ...");
return "login";
}
}
在我的控制器中,我没有填写表格的数据
此外,在不加载 JavaScript 的情况下,我在无效凭据页面刷新时陷入困境。有什么问题?
谢谢指教