I've created simple web app with registration&login based on sessions in Spring MVC 3, which fully worked when I was using JSTL to display values. Then, I've added Freemarker and something gone wrong. There's new UserSession object created for every request, so I can't store information.
Some code:
dispatcher-servlet.xml:
<context:component-scan base-package="com.revicostudio.web" />
<mvc:annotation-driven />
<bean id="freemarkerConfig" class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
<property name="templateLoaderPath" value="/WEB-INF/ftl/"/>
<property name="freemarkerVariables">
<map>
<entry key="xml_escape" value-ref="fmXmlEscape"/>
</map>
</property>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
<property name="cache" value="true"/>
<property name="prefix" value=""/>
<property name="suffix" value=".jsp"/>
<property name="exposeSpringMacroHelpers" value="true"/>
<property name="exposeRequestAttributes" value="true"/>
<property name="exposeSessionAttributes" value="true"/>
<property name="exposePathVariables" value="true"/>
</bean>
<bean id="fmXmlEscape" class="freemarker.template.utility.XmlEscape"/>
IndexController:
@Controller
@RequestMapping("/index")
public class IndexController {
@RequestMapping(method=RequestMethod.GET)
public String getIndex(Model model, UserSession userSession) {
model.addAttribute("userSession", userSession);
return "index";
}
@ModelAttribute("userRegisterCredentials")
public UserRegisterCredentials getUserRegisterCredentials() {
return new UserRegisterCredentials();
}
@ModelAttribute("userLoginCredentials")
public UserLoginCredentials getUserLoginCredentials() {
return new UserLoginCredentials();
}
}
LoginController:
@Controller
@RequestMapping("/login")
public class LoginController {
@Autowired
private UsersDatabaseService usersDatabaseService;
@RequestMapping(method = RequestMethod.POST)
public String login(
@ModelAttribute UserLoginCredentials userLoginCredentials,
UserSession userSession,
final RedirectAttributes redirectAttributes)
{
int failedLoginAttempts = userSession.getFailedLoginAttempts();
if (failedLoginAttempts < LoginConfig.maxLoginTries ||
System.currentTimeMillis()-userSession.getFailedLoginsWaitTimeStart() > LoginConfig.failedLoginsWaitMinutes*60*1000) {
if (usersDatabaseService.isValidPassword(userLoginCredentials.getUsername(), userLoginCredentials.getPassword())) {
userSession.setUser(usersDatabaseService.getUser(userLoginCredentials.getUsername()));
userSession.setFailedLoginsWaitTimeStart(System.currentTimeMillis());
}
else {
failedLoginAttempts++;
if (failedLoginAttempts == LoginConfig.maxLoginTries) {
redirectAttributes.addFlashAttribute("error",
"You've entered invalid username or password more than "
+ LoginConfig.maxLoginTries + " times. Try again in "
+ LoginConfig.failedLoginsWaitMinutes +" minutes.");
}
else {
redirectAttributes.addFlashAttribute("error", "Invalid username or password");
userSession.setFailedLoginAttempts(failedLoginAttempts);
System.out.println(failedLoginAttempts);
}
}
}
else {
redirectAttributes.addFlashAttribute("error",
"You've entered invalid username or password more than "
+ LoginConfig.maxLoginTries + " times. Try again in "
+ LoginConfig.failedLoginsWaitMinutes +" minutes.");
}
return "redirect:/";
}
}
UserSession.java:
@Scope("session")
@Data
@AllArgsConstructor
@NoArgsConstructor
public class UserSession {
private User user;
private int failedLoginAttempts;
private long failedLoginsWaitTimeStart;
private long created = System.currentTimeMillis();
}
The problem was fixed by removing "UserSession userSession" parameter from getIndex() method. Dunno why it caused the problem..
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.