如何使用 spring security 2.0 在我的 JSP 页面中显示错误消息
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3843913/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to display error message in my JSP page using spring security 2.0
提问by David He
Hi I am now using spring security. It works fine. But if login failed, no error message display. I am wondering how can I display error message?
嗨,我现在正在使用 spring 安全性。它工作正常。但如果登录失败,则不会显示错误消息。我想知道如何显示错误消息?
I have configured the ResourceBundleMessageSource in my applicationContext.xml
我已经在 applicationContext.xml 中配置了 ResourceBundleMessageSource
<!-- Spring security error message config -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>messages</value>
</list>
</property>
</bean>
And my security-config.xml
还有我的 security-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:David="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-2.0.xsd">
<David:http auto-config="true" access-denied-page="/accessDenied.html">
<!-- Don`t set any role restriction on login.jsp -->
<David:intercept-url pattern="/login.jsp"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<!-- Restrict access to All other pages -->
<David:intercept-url pattern="/admin.jsp"
access="ROLE_ADMIN" />
<!-- Set the login page and what to do if login fails -->
<David:form-login login-page="/login.jsp"
default-target-url="/"/>
<David:logout logout-success-url="/" />
</David:http>
<!-- Specify login examnination strategy -->
<David:authentication-provider>
<David:password-encoder hash="md5" />
<David:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="select username, password, status as enabled from user where username=?"
authorities-by-username-query="select u.username,r.name as authority
from user u
join user_role ur
on u.id=ur.user_id
join role r
on r.id=ur.role_id
where u.username=?" />
</David:authentication-provider>
</beans>
My jsp page:
我的jsp页面:
<%@ page contentType="text/html;charset=utf-8"%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ page
import="org.springframework.security.ui.AbstractProcessingFilter"%>
<%@ page
import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"%>
<%@ page import="org.springframework.security.AuthenticationException"%>
<form id="myform" class="cmxform" method="post"
action="${pageContext.request.contextPath}/j_spring_security_check">
<fieldset>
<legend>
Please input correct username and password to login
</legend>
<p>
<label for="user">
Username:
</label>
<input id="user" name="j_username" />
</p>
<p>
<label for="pass">
Password:
</label>
<input type="password" name="j_password" id="password" />
</p>
<p>
<input type="submit" class="submit" value="Login" />
</p>
</fieldset>
</form>
Any suggestions? Any help will be appreciated.
有什么建议?任何帮助将不胜感激。
采纳答案by Raghuram
回答by Keith
<c:if test="${not empty param.login_error}">
<div class="error">
Your login attempt was not successful, try again.<br />
Reason: #{sessionScope.SPRING_SECURITY_LAST_EXCEPTION.message}
</div>
</c:if>
回答by Bruno Lee
This works
这有效
<c:if test="${param.error != null}">
Error
</c:if>
回答by HSY
Maybe you can try this...put
也许你可以试试这个……放
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
for c tag on jsp page, and then put something like below for error msg display
为jsp页面上的c标签,然后将类似下面的内容用于错误信息显示
<c:when test="${param.error == 1}">
<h3 style="font-size:20; color:#FF1C19;">Wrong id or password!</h3>
</c:when>
"param.error == 1" can get return value from Spring Security(security-config.xml) like
"param.error == 1" 可以从 Spring Security(security-config.xml) 获取返回值,如
<beans:bean id="authenticationFailureHandler" class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<beans:property name="exceptionMappings">
<beans:props>
<beans:prop key="org.springframework.security.core.userdetails.UsernameNotFoundException">/login.action?error=1</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
回答by Mustapha Raji
This worked for me :
这对我有用:
<c:if test="${not empty sessionScope.SPRING_SECURITY_LAST_EXCEPTION}">
<div class="error">
Your login attempt was not successful, try again.<br />
Reason: ${sessionScope.SPRING_SECURITY_LAST_EXCEPTION.message}
</div>
</c:if>
回答by Jyothrilinga K
I am using spring-security v 4.0.3.RELEASE
我正在使用 spring-security v 4.0.3.RELEASE
Using the not emptydid not work for me. However checking for nullworked for me.
使用not empty对我不起作用。但是检查null对我有用。
<c:if test="${ param.error ne null}">
Display error message
</c:if>
