我使用基于 Liferay 的网站并尝试实现一个登录挂钩,以防止用户在某些条件下登录。我想让它尽可能简单,例如:
@Override
public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException
{
if (condition)
{
//redirect to login page, send a message back but just don't let the user login
//but don't block or ban him either.
}
}
它必须看起来像一个错误的密码错误,但它必须在门户端,在用户甚至登录之前(因此 PreLoginAction 类)
编辑:好的,我使用注销和重定向方法返回登录页面。但我仍然想生成一条错误消息。我试过这样
@Override
public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException
{
if (condition)
{
SessionErrors.add(request, "error");
response.sendRedirect("/c/portal/logout");
}
}
对于 login.jsp,我添加了第一行,但我猜它对于登录操作的工作方式不一样。没有错误信息显示
<liferay-ui:error key="error" message="this-account-has-been-locked" />
<liferay-ui:error exception="<%= AuthException.class %>" message="authentication-failed" />
<liferay-ui:error exception="<%= CompanyMaxUsersException.class %>" message="unable-to-login-because-the-maximum-number-of-users-has-been-reached" />
<liferay-ui:error exception="<%= CookieNotSupportedException.class %>" message="authentication-failed-please-enable-browser-cookies" />
<liferay-ui:error exception="<%= NoSuchUserException.class %>" message="authentication-failed" />
<liferay-ui:error exception="<%= PasswordExpiredException.class %>" message="your-password-has-expired" />
<liferay-ui:error exception="<%= UserEmailAddressException.class %>" message="authentication-failed" />
<liferay-ui:error exception="<%= UserLockoutException.class %>" message="this-account-has-been-locked" />
<liferay-ui:error exception="<%= UserPasswordException.class %>" message="authentication-failed" />
<liferay-ui:error exception="<%= UserScreenNameException.class %>" message="authentication-failed" />
还有其他方法吗?我也试过这条线
request.getSession().setAttribute("loginError", "failure message");
并试图${loginError}
在jsp中阅读,但它也不起作用。