虽然感觉饶了很大弯.应该有更容易的办法,但是自我处理成功后还是很高兴的,特此记录一下;
由于测试提的一个bug是登陆时候密码错误需要弹出一个错误信息,出现错误的弹框提示;
现在的usernamefilter的处理是:
成功->重定向到登陆成功首页;失败->重定向到登陆页面;
最初的想法是重定向到登陆页面的时候携带参数;但是后来突然的就想进行ajax提交.通过ajax返回的参数来进行重新的页面跳转;
参考上一篇文章,处理了request域中的json数据;现在主要处理的是成功/失败的handler处理;
下面是代码:
1.js:
var base_url = '${base_url}';
$("#form-btn").click(function(){
var username = $("#userName").val();
var password = $("#password").val();
var company = $("#company").val();
var data = {
userName : username,
password : password,
company : company
}
$.ajax({
type:"post",
dataType: 'json',
url: base_url + "/login",
data: JSON.stringify(data),
success:function(res){
if(res.resultCode == 500){
layer.msg(res.msg);
}else{
location.href = base_url;
}
},
error : function(XMLHttpRequest, textStatus, errorThrown) {
if(XMLHttpRequest.readyState == 0) {
//here request not initialization, do nothing
} else if(XMLHttpRequest.readyState == 4 && XMLHttpRequest.status == 0){
layer.msg("服务器忙,请重试!");
} else {
layer.msg("系统异常,请联系系统管理员!");
}
}
})
})
2.初始化usernamepasswordfilter时初始化成功和失败的handler:
public KylinUserNamePasswordFilter() {
super(new AntPathRequestMatcher("/login", "POST"));
KylinAuthenticationFailureHandler failureHadler = new KylinAuthenticationFailureHandler("/views/loginPage.jsp");
failureHadler.setDefaultFailureUrl("/views/loginPage.jsp");
this.setAuthenticationFailureHandler(failureHadler);
this.setAuthenticationSuccessHandler(new SecurityLoginSuccessHandler());
}
3.失败的处理
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
saveException(request, exception);
logger.debug("Redirecting to " + KylindefaultFailureUrl);
execute(request, response, exception);
// new DefaultRedirectStrategy().sendRedirect(request, response, KylindefaultFailureUrl);
}
public void execute(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
response.getWriter().println("{\"resultCode\":500,\"msg\":\"账号或密码错误\"}");
}
4.成功的处理
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
// if (RequestUitl.isAjax(request)) {
// response.sendRedirect(request.getContextPath() + getDefaultTargetUrl());
execute(request, response);
// }else{
// super.handle(request, response, authentication);
// }
}
public void execute(HttpServletRequest request, HttpServletResponse response) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
response.getWriter().println("{\"resultCode\":200,\"msg\":\"登陆成功\"}");
}
尽管还有不少bug,但成功解决了问题.还对security的了解多了一些.美滋滋