1
我有一個JSF項目,我試圖創建一個登錄頁面,我設法從數據庫獲取用戶名和密碼並驗證它們,我的項目有一個Java bean,託管bean和DAO類,當用戶成功登錄時,我想打印您好先生
< h:outputLabel value="#{mBLogin.user.firstName}" />您好先生正在打印,但名稱不是,雖然當測試我的DAO類時,我打印名稱到控制檯沒有任何問題!有人可以建議我做錯了什麼嗎?JSF EL表達式和Java bean
我的管理bean類:
@ManagedBean
@SessionScoped
public class MBLogin {
User user = new User();
LoginDAO loginDao = new LoginDAO();
public String validteStudent() {
boolean valid = loginDao.validateStudent(user.getUserId(), user.getPassword());
if (valid) {
user.getFirstName();
HttpSession session = SessionUtils.getSession();
session.setAttribute("username", user);
return "admin";
} else {
FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(FacesMessage.SEVERITY_WARN,
"Incorrect Username and Passowrd", "Please enter correct username and Password"));
return "login";
}
}
public void setUser(User user) {
this.user = user;
}
public User getUser() {
return user;
}
}
我的Java Bean類:
@Table(name = "students_info")
public class User {
@Column(name = "std_record_id")
private int id;
@Column(name = "std_id")
private String userId;
@Column(name = "first_name")
private String firstName;
@Column(name = "last_name")
private String lastName;
@Column(name = "web_password")
private String password;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public String getUserId() {
return userId;
}
public void setUserId(String userId) {
this.userId = userId;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
我的DAO類:登錄頁面後
public class LoginDAO {
static JKPlainDataAccess dataAccess = JKDataSourceFactory.getPlainDataAccess();
User user;
public boolean validateStudent(String userName, String password) {
user = dataAccess.executeQueryAsSingleObject(User.class, "id,userId,firstName,lastName,password",
"SELECT std_record_id, std_id, first_name, family_name, web_password From students_info WHERE std_id=? and web_password=?",
userName, password);
JK.print("getAllEmployeeRecords() : ", user);
if(user != null) {
System.out.println(user.getFirstName());
System.out.println(user.getLastName());
return true;
}
return false;
}
public static void main(String[] args) {
LoginDAO a = new LoginDAO();
a.validateStudent("200663042001", "1234");
}
}
我XHTML頁面:
<ui:composition template="/WEB-INF/layouts/default.xhtml">
<ui:define name="content">
WELCOME Mr. <h:outputLabel value="#{mBLogin.user.firstName}" />
AND <h:outputLabel value="#{mBLogin.user.lastName}" />
</ui:define>
</ui:composition>
Sidenode:不要將密碼存放在平原文本,你至少應該哈希它們。否則,數據庫泄漏將暴露每個用戶的密碼,這可能是他的「I-have-this-password-everywhere」密碼。 – dognose
@ dognose感謝您的建議,你可以建議一個很好的教程嗎? – Khaled
這是一個很好的:http://howtodoinjava.com/security/how-to-generate-secure-password-hash-md5-sha-pbkdf2-bcrypt-examples/ –