j_security_check
對我來說,執行登錄過程似乎不夠。所以,我沒有提交表單到j_security_check,而是創建了自己的servlet,並且以編程方式嘗試登錄。這工作,但我不能重定向到我的受限資源。有誰可以告訴我可能是什麼問題?這是我的servlet的processRequest
方法: -HttpServletRequest#login()在Java中不工作
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
try {
String strUsername = request.getParameter("txtusername");
String strPassword = request.getParameter("txtpassword");
if(strUsername == null || strPassword == null || strUsername.equals("") || strPassword.equals(""))
throw new Exception("Username and/or password missing.");
request.login(strUsername, strPassword);
System.out.println("Login succeeded!!");
if(request.isUserInRole(ROLES.ADMIN.getValue())){//enum
System.out.println("Found in Admin Role");
response.sendRedirect("/app/Admin/home.jsf");
}
else if (request.isUserInRole(ROLES.GENERAL.getValue()))
response.sendRedirect("/app/Common/index.jsf");
else //guard
throw new Exception("No role for user " + request.getRemoteUser());
}catch(Exception ex){
//patch work why there needs to be blogger here?
System.out.println("Invalid username and/or password!!");
response.sendRedirect("/app/Common/index.jsf");
}finally {
out.close();
}
}
一切正常,我甚至可以看到消息「發現在管理員角色」,但即使驗證我不能夠重定向我的請求,其他頁面後問題。
如果您使用glassfish,您可以嘗試使用com.sun.appserv.security.ProgrammaticLogin來執行登錄過程 (可在/modules目錄下的security.jar中找到) –
2010-03-23 09:13:54