1. 首頁
  2. 問答
  3. HttpServletRequest#login()在Java中不工作

HttpServletRequest#login()在Java中不工作

2010-03-20 24 views
1

j_security_check對我來說,執行登錄過程似乎不夠。所以,我沒有提交表單到j_security_check,而是創建了自己的servlet,並且以編程方式嘗試登錄。這工作,但我不能重定向到我的受限資源。有誰可以告訴我可能是什麼問題?這是我的servlet的processRequest方法: -HttpServletRequest#login()在Java中不工作

protected void processRequest(HttpServletRequest request, HttpServletResponse response) 
    throws ServletException, IOException { 
     response.setContentType("text/html;charset=UTF-8"); 
     PrintWriter out = response.getWriter(); 
     try { 
      String strUsername = request.getParameter("txtusername"); 
      String strPassword = request.getParameter("txtpassword"); 
      if(strUsername == null || strPassword == null || strUsername.equals("") || strPassword.equals("")) 
       throw new Exception("Username and/or password missing."); 
      request.login(strUsername, strPassword); 
      System.out.println("Login succeeded!!"); 

      if(request.isUserInRole(ROLES.ADMIN.getValue())){//enum 
       System.out.println("Found in Admin Role"); 
       response.sendRedirect("/app/Admin/home.jsf"); 

      } 
      else if (request.isUserInRole(ROLES.GENERAL.getValue())) 
       response.sendRedirect("/app/Common/index.jsf"); 
      else //guard 
       throw new Exception("No role for user " + request.getRemoteUser()); 


     }catch(Exception ex){ 
      //patch work why there needs to be blogger here? 
      System.out.println("Invalid username and/or password!!"); 
      response.sendRedirect("/app/Common/index.jsf"); 
     }finally { 
      out.close(); 
     } 
    }

一切正常,我甚至可以看到消息「發現在管理員角色」,但即使驗證我不能夠重定向我的請求,其他頁面後問題。

來源

2010-03-20 TCM

回答

1

我不知道,但我認爲這個問題是

https://glassfish.dev.java.net/issues/show_bug.cgi?id=11340

來源

2010-03-23 05:20:00

+0

如果您使用glassfish,您可以嘗試使用com.sun.appserv.security.ProgrammaticLogin來執行登錄過程 (可在/modules目錄下的security.jar中找到) – 2010-03-23 09:13:54

0

刪除那些行,他們不屬於那裏:

response.setContentType("text/html;charset=UTF-8"); 
    PrintWriter out = response.getWriter(); 


 out.close();

如果關閉OutputStream,重定向不能發生。您實際上應該在服務器日誌中看到一個IllegalStateException: Response already committed

來源

2010-03-20 12:37:52 BalusC

+0

嗨BalusC, 的刪除這些三線並不能幫助仍然是主題。它仍然不會重定向我。以下是我在Glassfish管理控制檯中獲得的內容: - FINE:[Web-Security]檢查與主管的Web權限:nitesh,Admin FINE:[Web-Security] Web Permission =(javax.security.jacc.WebRoleRefPermission AuthenticationCheck Admin ) FINE:[網絡安全] hasRoleRef燙髮:(javax.security.jacc.WebRoleRefPermission AuthenticationCheck管理員) FINE:[網絡安全] hasRoleRef isGranted:真 信息:在管理角色找到 – TCM 2010-03-20 14:07:16

+0

FINE:SecurityContext的:所謂setCurrentSecurityContext方法 FINE:[Web-Security]策略上下文ID是:Blogger/Blogger FINE:[Web-Security] hasUserDataPermission perm:(javax.security.jacc.WebUserDataPermission /Admin/home.xhtml GET) FINE:[Web-Security ]擁有用戶taPermission isGranted:true FINE:[Web-Security]策略上下文ID爲:Blogger/Blogger FINE:[Web-Security]爲權限檢查生成保護域。 FINE:[Web-Security] Codesource with Web URL:file:/ Blogger/Blogger FINE:[Web-Security]檢查與主體的Web權限:null – TCM 2010-03-20 14:07:53

+0

FINE:[Web-Security] Web Permission =(javax.security。 jacc.WebResourcePermission /Admin/home.xhtml GET) FINE:[網絡安全] hasResource isGranted:假 FINE:[網絡安全] hasResource燙髮:(javax.security.jacc.WebResourcePermission /Admin/home.xhtml GET) FINE:[Web-Security]策略上下文ID是:Blogger/Blogger FINE:[Web-Security] hasUserDataPermission perm:(javax.security.jacc.WebUserDataPermission /Common/index.jsf GET) FINE:[Web-Security ] hasUserDataPermission isGranted:true 請幫我BalusC! – TCM 2010-03-20 14:08:29

相關問題

 相關問題