[英]GWT - login form - browser always asks to remember password event if user/password is incorrect
I have a simple GWT login form and a java servlet used for a simple user login. 我有一个简单的GWT登录表单和一个用于简单用户登录的java servlet。 I am using form submit completion event to handle the response, without redirecting to the action target URL, and I want to handle the answer (password incorrect or all OK or any other custom behavior) on the client side and then take appropriate action. 我正在使用表单提交完成事件来处理响应,而没有重定向到操作目标URL,并且我想在客户端处理答案(密码错误或所有OK或任何其他自定义行为),然后采取适当的措施。 If login is OK, then the browser should ask to remember username and password. 如果登录正常,则浏览器应要求记住用户名和密码。
The issue is that for every response, regardless if the username + password combination is correct, the browser always asks to remember them. 问题在于,对于每个响应,无论用户名和密码组合是否正确,浏览器都会始终要求记住它们。 Any advice? 有什么建议吗? I don't want to load another page because I want to keep the same GWT state. 我不想加载其他页面,因为我想保持相同的GWT状态。 I also tried sending response codes 400 or 401 but it doesn't work (tested in Chrome). 我也尝试发送响应代码400或401,但是它不起作用(在Chrome中测试)。
See code below: 参见下面的代码:
GWT onModuleLoad(): GWT onModuleLoad():
final FormPanel formPanel = new FormPanel();
formPanel.setEncoding(FormPanel.ENCODING_URLENCODED);
formPanel.setMethod(FormPanel.METHOD_POST);
VerticalPanel verticalPanel = new VerticalPanel();
verticalPanel.add(new Label("Username"));
TextBox userid = new TextBox();
userid.setName("username");
verticalPanel.add(userid);
verticalPanel.add(new Label("Password"));
PasswordTextBox passwd = new PasswordTextBox();
passwd.setName("password");
verticalPanel.add(passwd);
verticalPanel.add(new Button("Submit", new ClickHandler() {
@Override
public void onClick(ClickEvent event) {
formPanel.submit();
}
}));
formPanel.add(verticalPanel);
formPanel.setAction("/login");
formPanel.addSubmitHandler(new FormPanel.SubmitHandler() {
public void onSubmit(SubmitEvent event) {
}
});
formPanel.addSubmitCompleteHandler(new FormPanel.SubmitCompleteHandler() {
public void onSubmitComplete(SubmitCompleteEvent event) {
GWT.log(event.getResults());
}
});
RootPanel.get().add(formPanel);
Java Servlet test: Java Servlet测试:
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
resp.setContentType("text/plain");
System.out.println("Login request for " + username + " / " + password);
if (username.equals("test1234")) {
// send test response to output
printMessageToOutputStream(resp, "OK", true, true);
}
else {
resp.setStatus(HttpServletResponse.SC_FORBIDDEN); // not working for 400,401,403
printMessageToOutputStream(resp, "NOK", false , true);
}
}
EDIT: I tried also status 403 (Forbidden) and it is not working (I updated the code snippet) 编辑:我也尝试了状态403(禁止),它不起作用(我更新了代码段)
Seems like you always return a 200 http code, causing the browser to think that everything is OK even when the password is wrong. 好像您总是返回200 http代码,导致浏览器认为即使密码错误,一切都还可以。
I fixed your snippet: 我修复了您的代码段:
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
resp.setContentType("text/plain");
System.out.println("Login request for " + username + " / " + password);
if (username.equals("test1234")) {
// send test response to output
printMessageToOutputStream(resp, "OK", true, true);
}
else {
// Hey browser, authentication failed
resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
printMessageToOutputStream(resp, "NOK", false , true);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.