-1

我使用spring 3.1制作了一个简单的spring mvc应用程序。我的目标是在我的项目中实现spring-security功能。安全部分工作正常,但我在获取用户在我的spring控制器类中输入的用户名时遇到问题(Java班级)。

我知道使用 jsp 很容易,我们曾经通过 request.getParameter("input component name") 来实现这一点,但由于它是春天,我没有使用这种语法在我的控制器中获取值,所以,我决定使用@RequestParam.我附上我的代码。我的jsp页面是login.jsp如下

    <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
      <html>
        <head>
            <title>Login Page</title>
         <style>
           .errorblock {
            color:red;
            background-color: #ffEEEE;
            border: 3px solid #ff0000;
            padding: 8px;
            margin: 16px;
             }
        </style>
       </head>

        <body onload='document.f.j_username.focus();'>
                 <h3>Login with Username and Password (Custom Page)</h3>

<c:if test="${not empty error}">
    <div class="errorblock">
        Your login attempt was not successful, try again.<br /> Caused by:
        ${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
    </div>
</c:if>

<form name='f' action="<c:url value='j_spring_security_check'/>"
    method='POST'>

    <table>
        <tr>
            <td>User:</td>
            <td><input type='text' name='j_username'>
            </td>
        </tr>
        <tr>
            <td>Password:</td>
            <td><input type='password' name='j_password'/>
            </td>
        </tr>
        <tr>
            <td><input name="submit" type="submit"
                value="Submit" />
            </td>
            <td><input name="reset" type="reset" />
            </td>
        </tr>
    </table>
</form>
   </body>
  </html>

从“j_username”字段中,我们想要获取用户在控制器中输入的值。现在我正在附加名为ContactController.java的控制器类,如下所示

   package com.edifixio.controller;

   import java.util.Map;
   import javax.servlet.http.HttpServletRequest;
   import org.springframework.beans.factory.annotation.Autowired;
   import org.springframework.stereotype.Controller;
   import org.springframework.validation.BindingResult;
   import org.springframework.web.bind.annotation.ModelAttribute;
   import org.springframework.web.bind.annotation.RequestMapping;
   import org.springframework.web.bind.annotation.RequestMethod;
   import org.springframework.web.bind.annotation.RequestParam;
   import com.edifixio.model.Contact;
   import com.edifixio.service.InContactService;

   @Controller
   public class ContactController{

private InContactService inContactService;

public InContactService getInContactService() {
    return inContactService;
}

@Autowired
public void setInContactService(InContactService inContactService) {
    this.inContactService = inContactService;
}

@RequestMapping(value = "/index")
public String login() {
    return "login";
}

@RequestMapping(value = "/loginfailed", method = RequestMethod.GET)
public String loginError() {
    return "login";
}

@RequestMapping(value = "/logout")
public String logout() {
    return "login";
}

@RequestMapping(value = "/welcome", method = RequestMethod.GET)
public String listManagers(Map<String, Object> map,@RequestParam String j_username){
    System.out.println("User="+j_username);
    map.put("contact", new Contact());
    map.put("contactList", inContactService.showAllManager());
    return "allcontact";
}

@RequestMapping(value = "/add", method = RequestMethod.POST)
public String storeManager(@ModelAttribute("contact") Contact contact,
        BindingResult bindingResult) {
    inContactService.addContact(contact);
    return "redirect:/index";
   }
   }

现在我收到以下控制器代码的错误

   public String listManagers(Map<String, Object> map,@RequestParam String j_username){
    System.out.println("User="+j_username);
    map.put("contact", new Contact());
    map.put("contactList", inContactService.showAllManager());
    return "allcontact";
}

我收到错误

   HTTP Status 400 - 

   type Status report

   description: The request sent by the client was syntactically incorrect ().

我尝试使用以下代码来优化错误::

   @RequestMapping(value = "/welcome", method = RequestMethod.GET)
  public String listManagers(Map<String, Object>map,@RequestParam(required=false)   String j_username){
    System.out.println("User="+j_username);
    map.put("contact", new Contact());
    map.put("contactList", inContactService.showAllManager());
    return "allcontact";
}

使用它我能够绕过服务器错误 400,但无法在上述控制器中检索用户名

这是我的spring-security.xml文件

   <beans:beans xmlns="http://www.springframework.org/schema/security"
  xmlns:beans="http://www.springframework.org/schema/beans"    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.springframework.org/schema/beans
  http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
  http://www.springframework.org/schema/security
  http://www.springframework.org/schema/security/spring-security-3.1.xsd">

  <http auto-config="true">
    <intercept-url pattern="/login" access="ROLE_ADMIN" />
    <form-login login-page="/login" default-target-url="/welcome"
        authentication-failure-url="/loginfailed" />
    <logout logout-success-url="/logout" />
  </http>

  <authentication-manager>
    <authentication-provider>
        <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="SELECT user_name,user_password,account_status FROM systemuser WHERE user_name=?"
            authorities-by-username-query="SELECT user_name,authority FROM systemuser WHERE user_name=?"/>
    </authentication-provider>
</authentication-manager>
 </beans:beans>

任何人都可以对此有任何可行的解决方案?????????

4

1 回答 1

0

您不需要处理j_usernamej_password。提交表单时 spring_security 使用 authentication-manager 检查用户名和密码是否有效。如果数据有效,您将被重定向到 Welcome。否则登录失败。如果您在用户身份验证后需要控制器内部的用户名和密码,您可以使用Principal.

@RequestMapping(value = "/welcome", method = RequestMethod.GET)
public String listManagers(Map<String, Object> map, Principal principal){
    System.out.println("User="+principal.getName());
    map.put("contact", new Contact());
    map.put("contactList", inContactService.showAllManager());
    return "allcontact";
}
于 2013-11-11T11:20:32.997 回答