1. 首頁
  2. 問答
  3. 春季安全帳戶鎖定

春季安全帳戶鎖定

2010-01-26 76 views
2

您好我有一個使用Spring Webflow和Spring Security的j2ee應用程序。我想執行一個帳戶鎖定,以便在三次密碼失敗後,帳戶將被鎖定。我如何實現這一點。春季安全帳戶鎖定

來源

2010-01-26 cedric

回答

4

你能用AuthenticationFailureHandler嗎?這種方法在Acegi FAQ中提出(見常見問題#3)。

來源

2010-01-26 07:07:02 John

+0

我註冊了一個bean的實現應用程序的處理,並檢查AuthenticationFailureHandler實例 – cedric 2010-01-27 06:10:15

0

您可以使用AuthenticationFailureHandler

public class MySimpleAuthenticationFailureHandler implements 
AuthenticationFailureHandler { 

private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); 

public MySimpleAuthenticationFailureHandler() { 
     super(); 
    } 
public void onAuthenticationFailure(HttpServletRequest request, 
     HttpServletResponse response, AuthenticationException exception) 
       throws IOException, ServletException { 

    String message = ""; 

    if(exception instanceof UsernameNotFoundException) { 
     message = "UsernameNotFoundException"; 
    } else if(exception instanceof AuthenticationCredentialsNotFoundException) { 
     message = "AuthenticationCredentialsNotFoundException"; 
    }else if(exception instanceof InsufficientAuthenticationException) { 
     message = "InsufficientAuthenticationException"; 
    }else if(exception instanceof AccountExpiredException) { 
     message = "AccountExpiredException"; 
    }else if(exception instanceof CredentialsExpiredException) { 
     message = "CredentialsExpiredException"; 
    }else if(exception instanceof DisabledException) { 
     message = "DisabledException"; 
    }else if(exception instanceof LockedException) { 
     message = "LockedException"; 
    }else if(exception instanceof BadCredentialsException) { 
     message = "BadCredentialsException"; 
    }else{ 
     message = exception.getMessage(); 
    } 
    final HttpSession session = request.getSession(); 
    session.setAttribute("errorMessage", message); 
    redirectStrategy.sendRedirect(request, response, "/login?error="+message); 
} 

}

來源

2017-02-26 18:42:52 Ashutosh

相關問題

 相關問題