春季MVC應用程序與Hibernate。在一個login.jsp頁面春季+冬眠輸入數據庫驗證
@Service
public class UserServiceImpl implements UserService {
@Autowired
UserDao userDao;
@Autowired
private SessionFactory sessionFactory;
@Override
public boolean save(User user) {
return userDao.save(user);
}
@Override
public void update(User user) {
userDao.update(user);
// return this.userDao.update(user);
}
@Override
@Transactional
public User findById(int id) {
return this.userDao.findById(id);
}
@Override
@Transactional
public List<User> listPersons() {
return this.userDao.listPersons();
}
@Override
@Transactional
public User deleteUser(int id) {
return userDao.deleteUser(id);
}
public boolean validateUser(int id) {
List<User> list= (List<User>) findById(id);
return false;
}
public User validateUser(User user) {
Session session = this.sessionFactory.getCurrentSession();
String query = "select u.name, u.password from User as u where u.name='"+ user.getName() + "' and u.password='"
+ user.getPassword() + "'";
session.createQuery(query);
ResultSet rs = (ResultSet) session.createQuery (query);
try {
if (rs.next()){
return user;
} else
return user;
} catch (SQLException e) {
e.printStackTrace();
}
return user;
}
}
My UserServiceImpl class has a method to validate the user input[ password and userID];
用戶登錄填寫此表格:
<body>
Welcome back!
<br> Only Registered user can log in...
<br>
<br>
<form:form action="admin" modelAttribute="user" method="POST">
<table border="1">
<tr>
<td><form:label path="userId">Your Id:- </form:label></td>
<td><form:input path="userId" /></td>
</tr>
<tr>
<td><form:label path="password">Password:- </form:label></td>
<td><form:input path="password" /></td>
</tr>
<tr>
<td><form:label path="role">Select Log in role as a:- </form:label></td>
<td><form:select path="role">
<form:option value="NONE" lable="---SELECT---">Please Select</form:option>
<form:options items="${roles}" />
</form:select></td>
<td><input type="submit" value="Login" /></td>
</tr>
</table>
</form:form>
</body>
的形式去contrroller:
@RequestMapping(value = "/admin", method = RequestMethod.POST)
public String LoggedUser(@ModelAttribute("user") User user, BindingResult result, Model model) {
// get the role, id and pw value from jsp
String role = user.getRole();
String loadedPW = user.getPassword();
String loadedUId = user.getUserId();
// want to check password and userId here again Db
//loadedPW.
//directing to admin page and gen page
if (role.equalsIgnoreCase("Admin") || role.equalsIgnoreCase("Principal")) {
return "adminPage";
} else
return "genPage";
}
我的用戶對象是
@Entity
@Table(name = "USER")
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
@Column(name = "ID")
@GeneratedValue(strategy = GenerationType.AUTO)
private int id;
@Column(name = "NAME")
private String name;
@Column(name = "USER_ID")
private String userId;
@Column(name = "PASSWORD")/*
@NotNull(message="Please select a password")
@Length(min=5, max=10, message="Password should be between 5 - 10 charactes")*/
private String password;
@Column(name = "EMAIL")
private String email;
@Column(name = "ROLE")
private String role;
@Column(name = "DEPARTMENT")
private String department;
@Column(name = "RID")
private int rid;
public int getRid() {
return rid;
}
public void setRid(int rid) {
this.rid = rid;
}
@ManyToOne
@JoinTable(name = "user_roles", joinColumns = {
@JoinColumn(name = "user_id", referencedColumnName = "id") }, inverseJoinColumns = {
@JoinColumn(name = "roles_id", referencedColumnName = "id") })
/*@ManyToOne(cascade=CascadeType.ALL)*/
public Roles roles;
public Roles getRoles() {
return roles;
}
public void setRoles(Roles roles) {
this.roles = roles;
}
// no arg constructor
public User() {
//getters and setters ........
}
如何驗證密碼和用戶名輸入login.jsp對我的用戶表? 我必須使用JDBC結果集還是有其他更好的方法來驗證用戶輸入?我在Spring MVC 4.x中使用了Hibernate 4.3x。
Spring Security不會去遠程數據庫進行密碼驗證,而是在配置文件本身中存儲用戶名/密碼組合。但是我希望它像更多的實時應用程序一樣,其中一些用戶服務從遠程數據庫中獲取數據。 – javaz
不,您需要將遠程數據庫主機名,端口,dbname,userid,pwd配置爲數據源屬性的一部分,就是這樣 – developer