JavaEE - 声明性安全 - 表单登录系统
[英]JavaEE - Declarative Security - Form Login System
问题描述
When I specify a security login system via FORM within web.xml (Tomcat), is there a way to capture an Error or Exception through the informed form-error-page jsp using EL if the authentication isn't succeed? 
当我在web.xml(Tomcat)中通过FORM指定安全登录系统时,如果身份验证不成功,有没有办法通过使用EL的通知form-error-page jsp捕获错误或异常?
I'm asking this because I'm wondering to use the same JSP form specified within form-login-page to serve as the form-error-page jsp, thus the JSTL Core c:if would be useful to capture an eventual Exception through ${not empty pageContext.exception}. 我问这个是因为我想知道使用form-login-page中指定的相同JSP表单作为form-error-page jsp,因此JSTL Core c:如果通过以下方式捕获最终的Exception会很有用$ {not empty pageContext.exception}。
Thanks. 谢谢。
1 个解决方案
解决方案1
5 已采纳 2013-01-04 19:26:21
Just check if it's forwarding to itself (which thus implies that there's an error) on postback. 只需检查它是否在回发时转发给自己(这意味着存在错误)。 You can check that by checking if the javax.servlet.forward.request_uri request attribute (which indicates the request URI as the enduser sees in browser's address bar) doesn't end with /j_security_check while HttpServletRequest#getMethod() equals to POST . 您可以通过检查javax.servlet.forward.request_uri请求属性(指示最终用户在浏览器的地址栏中看到的请求URI)是否以/j_security_check结束而HttpServletRequest#getMethod()等于POST 。
<c:if test="${pageContext.request.method == 'POST' && fn:endsWith(requestScope['javax.servlet.forward.request_uri'], '/j_security_check')}">
<span class="error">Unknown login, please try again.</span>
</c:if>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.