[英]Spring security custom error messages not showing
I was using a tutorial on this link:我在这个链接上使用了一个教程:
http://www.mkyong.com/spring-security/display-custom-error-message-in-spring-security/
http://www.mkyong.com/spring-security/display-custom-error-message-in-spring-security/
To show a custom error message on login form and I got it at the beginning.在登录表单上显示自定义错误消息,我在开始时得到了它。 But after declaring a authentication-failure-handler-ref="myAuthErrorHandler" for a custom failure authenticator handler I can't see it the custom message on the login form:
但是在为自定义失败身份验证器处理程序声明了authentication-failure-handler-ref="myAuthErrorHandler" 之后,我在登录表单上看不到自定义消息:
What I am doing wrong?我做错了什么? Can anybody explain me what happen and why the ' Invalid username or password ' doesn't show?
任何人都可以向我解释发生了什么以及为什么不显示“无效的用户名或密码”?
Here's the code:这是代码:
AuthentificationListener认证监听器
public class AuthentificationListener implements AuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request,
HttpServletResponse response, AuthenticationException ae)
throws IOException, ServletException {
UsernamePasswordAuthenticationToken user = (UsernamePasswordAuthenticationToken) ae
.getAuthentication();
/* User */
response.sendRedirect(request.getContextPath()
+ "/abc/main/loginfailed");
}
} }
applicationContext.xml:应用上下文.xml:
<bean id="myAuthErrorHandler" class="org.abc.handler.AuthentificationListener"/>
Spring Security:春季安全:
<http auto-config="true">
<intercept-url pattern="/abc/main/welcome*" access="ROLE_USER" />
<intercept-url pattern="/abc/main/record/**" access="ROLE_USER" />
<form-login
login-page="/abc/main/login"
authentication-failure-handler-ref="myAuthErrorHandler"
default-target-url="/abc/main/welcome"
/>
<logout logout-success-url="/abc/main/logout" />
</http>
login.jsp:登录.jsp:
<c:if test="${not empty error}">
<div class="errorblock">
Your login attempt was not successful, try again.<br /> Caused :
${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
</div>
</c:if>
LoginController.java:登录控制器.java:
@RequestMapping(value="/loginfailed", method = RequestMethod.GET)
public String loginerror(ModelMap model) {
model.addAttribute("error", "true");
return "login";
}
Update: To answer on Mani answer, I'm using a LoginController , which redirects loginfailed requests to login.jsp and is sending an ' error ' attribute with the ' true ' value.更新:为了回答 Mani 的答案,我使用了LoginController ,它将loginfailed请求重定向到login.jsp并发送一个带有 ' true ' 值的 ' error ' 属性。 The problem is I can't see the message on the login.jsp using this expression:
问题是我无法使用以下表达式在login.jsp上看到消息:
${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
Any Idea?任何的想法? Thank You very much!
非常感谢!
On Failure of Authendication, you have asked to redirect to different Page.在身份验证失败时,您已要求重定向到不同的页面。
response.sendRedirect(request.getContextPath()
+ "/abc/main/loginfailed");
your loginfailed jsp not displayed ?您的 loginfailed jsp 未显示? it doesn't has div like errorblock in login page ?
它在登录页面中没有类似 errorblock 的 div 吗? are you seeing different error in loginfailed.jsp ?
您是否在 loginfailed.jsp 中看到不同的错误?
EDIT:编辑:
Ok I got it .好,我知道了 。 Before
authentication-failure-handler-ref="myAuthErrorHandler"
Spring Handles the failure case and placed message in Session with the key SPRING_SECURITY_LAST_EXCEPTION
.在
authentication-failure-handler-ref="myAuthErrorHandler"
Spring 之前处理失败的情况,并在 Session 中放置了带有密钥SPRING_SECURITY_LAST_EXCEPTION
消息。
After adding the failure handler ie添加失败处理程序后,即
authentication-failure-handler-ref="myAuthErrorHandler"
You have to handle the error.你必须处理错误。 You can set the message in session.
您可以在会话中设置消息。 or simply call the
super.onAuthenticationFailure
.或者简单地调用
super.onAuthenticationFailure
。 Your handler is not doing anything !!!你的处理程序没有做任何事情!!!
<div style="color: red">
Your login attempt was not successful, try again.<br /> Caused :
${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message}
</div>
use this, remove form login.jsp使用这个,删除表单 login.jsp
create a properties file name as创建一个属性文件名作为
and save it and place into your project classpath并将其保存并放入您的项目类路径中
and add the the bean in your spring-contex.xml并在 spring-contex.xml 中添加 bean
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>mymessages</value>
</list>
</property>
</bean>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.