如图所示 Performing user authentication in Java EE / JSF using j_security_check 和 this blog post 我正在尝试使用程序化登录登录我的服务器,但我遇到了一些困难。 我首先使用标准FORM方法实现它,一切正常(因此服务器应该正确配置) 但是在用上面显示的方法实现它之后,我再也无法登录了。 我确信注册是正确的,因为我可以在数据库中看到正确的信息。
这是我的bean代码
@ManagedBean(name="logBean")
@ViewScoped
public class LogBean {
private String email;
private String password;
private String originalURL;
@EJB
private UserCredentialManager userMgr;
@PostConstruct
public void init() {
ExternalContext externalContext = FacesContext.getCurrentInstance()
.getExternalContext();
originalURL = (String) externalContext.getRequestMap().get(
RequestDispatcher.FORWARD_REQUEST_URI);
if (originalURL == null) {
originalURL = externalContext.getRequestContextPath()
+ "/home.xhtml";
} else {
String originalQuery = (String) externalContext.getRequestMap()
.get(RequestDispatcher.FORWARD_QUERY_STRING);
if (originalQuery != null) {
originalURL += "?" + originalQuery;
}
}
}
public String login() throws IOException {
FacesContext context = FacesContext.getCurrentInstance();
ExternalContext externalContext = context.getExternalContext();
HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();
try {
request.login(email, password);
System.out.println("Login Succesfull: " + email);
if(originalURL == null) {
UserDTO userDTO = userMgr.getUserDTO();
if(userDTO.getIsClient()) {
return "/cliente/index.xhtml?faces-redirect=true";
} else {
return "/impiegato/index.xhtml?faces-redirect=true";
}
} else {
return originalURL + "?faces-redirect=true";
}
} catch (ServletException e) {
return "/loginError.xhtml?faces-redirect=true";
}
}
public String logout() throws IOException {
ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();
try {
request.logout();
externalContext.invalidateSession();
} catch (ServletException e) {
// TODO gestisci il fallimento di logout.
// Probabilmente manda un messaggio.
System.out.println("Logout failed for " + request.getUserPrincipal().getName());
}
return "/home?faces-redirect=true";
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
这是login.xhtml
<h:head>
<title>Login</title>
</h:head>
<h:body>
<p:panel header="Login Form">
<h:panelGrid colums = "2" id = "login_grid">
<h:outputLabel for="email">Email:</h:outputLabel>
<p:inputText id="email" value="#{logBean.email}" />
<h:outputLabel for="password">Password:</h:outputLabel>
<p:password id="password" value="#{logBean.password}" label="Password"/>
</h:panelGrid>
<p:commandButton value="Log In" update="login_grid"
action="#{logBean.login()}" />
<h:form rendered="#{param['cliente']}">
<h:link value="Register" outcome="register" />
</h:form>
</p:panel>
</h:body>
</html>
这是web.xml
<login-config>
<auth-method>FORM</auth-method>
<realm-name>travelDreamRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/loginError.xhtml</form-error-page>
</form-login-config>
</login-config>
每当我尝试访问受保护的页面时,我都被正确地重定向到登录页面,但不幸的是,登录永远不会成功。我究竟做错了什么?我怀疑web.xml有什么东西,但我没有找到一个单独的信息,我应该设置什么标签以及如何设置。
我总是得到WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
我正在使用glassfish 4.0,java ee 6
答案 0 :(得分:0)
您是否在调试中运行并检查了传递给 request.login()方法的电子邮件和密码的变量值? 我的项目中有完全相同的代码,它就像一个魅力。