Spring MVC身份验证成功处理程序和控制器

Question

我已经创建了一个用户登录界面，用户使用spring security进行身份验证。

我制作了一个AuthenticationSuccessHandler，它将用户重定向到一个新页面。

我也想实现loginController以获取登录用户的名称以及显示错误消息的错误凭据。这里是我的Handler代码：

public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler { 
protected final Log logger = LogFactory.getLog(this.getClass()); 

private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); 

protected MySimpleUrlAuthenticationSuccessHandler() { 
    super(); 
} 

@Override 
public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException { 
    handle(request, response, authentication); 
    clearAuthenticationAttributes(request); 
} 

protected void handle(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException { 
    final String targetUrl = determineTargetUrl(authentication); 

    if (response.isCommitted()) { 
     logger.debug("Response has already been committed. Unable to redirect to " + targetUrl); 
     return; 
    } 

    redirectStrategy.sendRedirect(request, response, targetUrl); 
} 

protected String determineTargetUrl(final Authentication authentication) { 
    boolean isUser = false; 
    boolean isAdmin = false; 
    final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); 
    for (final GrantedAuthority grantedAuthority : authorities) { 
     if (grantedAuthority.getAuthority().equals("ROLE_USER")) { 
      isUser = true; 
      break; 
     } else if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) { 
      isAdmin = true; 
      break; 
     } 
    } 

    if (isUser) { 
     return "/static_htm.html"; 
    } else if (isAdmin) { 
     return "/console.html"; 
    } else { 
     throw new IllegalStateException(); 
    } 
} 

而且我controller代码：

@Controller 
public class HelloController { 

@RequestMapping(value="/login", method = RequestMethod.GET) 
public String printWelcome(ModelMap model, Principal principal) { 

    String name = principal.getName(); 
    model.addAttribute("username", name); 
    model.addAttribute("message", "Spring Security Hello World"); 
    return "static_htm";     //page after successful login 

} 

@RequestMapping(value="/login", method = RequestMethod.GET) 
public String login(ModelMap model) { 

    return "login";      //login page 

} 

@RequestMapping(value="/loginfailed", method = RequestMethod.GET) 
public String loginerror(ModelMap model) { 

    //String errormessage = resources.getMessage("login.error", null, null); 
    model.addAttribute("error", "true"); 
    return "login";      //login page 

} 

} 

处理程序工作正常，但我没能获得用户名以及错误消息。我该怎么做才能使handler和controller一起工作？

任何建议都不胜感激。

Answer 1

从你的问题，我认为你想要在登录控制器中获取用户名。

如果不是这样，请随时忽略我的答案。

实际上你可能已经把它往后拉了。

成功处理程序有点像“default-target-url”的自定义实现。

所以它是登录控制器后实际执行...

登录成功后，并没有先前请求的路径（这是由SavedRequestAwareAuthenticationSuccessHandler实现的），然后将请求发送到“默认靶网址”。

或者当有一个自定义成功处理程序时，成功处理程序将确定它的路径。