我必須對現有項目(tomcat和java WebApplication)進行更改。 現在,在loginForm中,如果用戶輸入正確的登錄名和密碼,那麼用戶將會看到 將顯示主頁。但是當任何用戶輸入不正確的密碼時, 或可能被他的賬號暫時鎖定,所以給用戶再次會顯示loginform, 用戶無法知道他爲什麼不能登錄,由什麼原因導致他無法登錄。 (例如「無效的用戶名/密碼」,「用戶帳戶鎖定」等)。 現在我想插入會話錯誤消息,其中還包括爲什麼用戶無法登錄的原因。 向會話插入(保存)名爲「LoggingError」的屬性。 我寫爲:java getSession()。setAttribute()
request.getSession().setAttribute("LoggingError", message);
但在運行應用程序時,該行
request.getSession().setAttribute("LoggingError", message);
發生在網頁錯誤:
type Exception report
message
description The server encountered an internal error() that prevented it from fulfilling this request.
exception
java.lang.NullPointerException
com.se.eee.security.EeeAuthenticationProvider.authenticate(EeeAuthenticationProvider.java:153)
net.sf.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:159)
net.sf.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
net.sf.ace
...
...
這裏EeeAuthenticationProvider.java
的Java代碼package com.se.eee.security;
import net.sf.acegisecurity.*;
import net.sf.acegisecurity.providers.AuthenticationProvider;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User;
import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
import net.sf.acegisecurity.providers.dao.event.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import com.se.eee.bus.*;
import com.se.eee.bus.SecurityManager;
import com.se.spring.datasource.core.MakeConnectionException;
import com.se.spring.ext.CurrentRequestContext;
import com.opensymphony.webwork.interceptor.SessionAware;
import com.opensymphony.webwork.interceptor.ServletRequestAware;
import javax.servlet.http.HttpServletRequest;
import java.util.Map;
public class EeeAuthenticationProvider implements AuthenticationProvider, SessionAware, ServletRequestAware {
private static Log log = LogFactory.getLog(EeeAuthenticationProvider.class);
private JDBCProperties jdbcProp;
private ApplicationContext context;
private SecurityManager securityManager;
private HttpServletRequest request;
public void setServletRequest(HttpServletRequest req) {
this.request = req;
}
public void setSession(Map session) {
//To change body of implemented methods use File | Settings | File Templates.
}
public void setSecurityManager(SecurityManager securityManager) {
this.securityManager = securityManager;
}
public void setApplicationContext(ApplicationContext applicationContext)
throws BeansException {
this.context = applicationContext;
}
public void setJdbcProp(JDBCProperties jdbcProp) {
this.jdbcProp = jdbcProp;
}
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// Determine username
// log.warn((authentication.isAuthenticated()?"Already Authenticated. Skip it!":"")+"authenticate: "+authentication);
if(authentication.isAuthenticated()) {
//log.warn("Already Authenticated. Skip it!");
return authentication;
}
String username = "NONE_PROVIDED";
if (authentication.getPrincipal() != null) {
username = authentication.getPrincipal().toString();
}
if (authentication.getPrincipal() instanceof UserDetails) {
username = ((UserDetails) authentication.getPrincipal()).getUsername();
}
UserDetails user = null;
com.se.eee.bus.User principal=null;
try
{
JDBCProperties props = jdbcProp.deserialize();
String input_passwords= authentication.getCredentials().toString();
String[] psd = input_passwords.split(":");
Filial fil = props.getFilial(psd[1]);
String sgn = input_passwords;
int i= sgn.indexOf(":", 1);
sgn = sgn.substring(i+1,sgn.length());
i= sgn.indexOf(":", 1);
sgn = sgn.substring(i+1,sgn.length());
if(fil==null)username=null;
securityManager.makeConnect(username, psd[0], fil);
user=new User(username, "skipped",true,true,true,true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_USER")});
//set connection for DataSource
ContextDataBean dataBean=(ContextDataBean)CurrentRequestContext.get();
dataBean.setUserKey(username+fil.id);
principal=securityManager.getUserByLogin(username.toUpperCase());
if(principal == null) throw new UsernameNotFoundException("Couldn't login.");
principal.setLogin(username);
principal.setPassword("******");
//principal.setBranch(fil.id);
if (principal.getBanktype().equals("055"))
{
if (sgn!=null && sgn.length() != 0)
{
securityManager.insUserKey(principal.getBranch(), principal.getId(), sgn);
com.se.eee.bus.Document docum = new com.se.eee.bus.Document();
docum.setBranch(principal.getBranch());
docum.setEmpId(principal.getId());
docum.setErrCode("991");
docum = securityManager.getAnswerUserKey(docum);
if (!docum.getErrCode().equals("000")) throw new UsernameNotFoundException("Key code error. User: "+principal.getLogin());
}
else
{
throw new UsernameNotFoundException("error while inserting test key code. please touch i-key or check loginform.ftl. user: "+principal.getLogin());
}
}
}
catch (MakeConnectionException mex)
{
log.error(mex.getMessage());
if (this.context != null) {
context.publishEvent(new AuthenticationFailureUsernameOrPasswordEvent(authentication, new User("".equals(username)? "EMPTY_STRING_PROVIDED" : username, "*****", false, false, false, false, new GrantedAuthority[0])));
}
throw new BadCredentialsException("Couldn't login connection problem.");
}
catch(Exception ex)
{
Throwable cause=ex.getCause();
String message=null;
if(cause!=null)message = cause.getMessage();
else message = ex.toString();
log.error(message);
// здес я пытаюс написать в session
request.getSession().setAttribute("LoggingError", message);
// но код не компилируется
throw new UsernameNotFoundException("Couldn't login.");
}
return createSuccessAuthentication(principal, authentication, user);
}
protected Authentication createSuccessAuthentication(Object principal, Authentication authentication, UserDetails user) {
UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal, authentication.getCredentials(), user.getAuthorities());
result.setDetails((authentication.getDetails() != null) ? authentication.getDetails() : null);
result.setAuthenticated(true);
return result;
}
public boolean supports(Class aClass) {
if (UsernamePasswordAuthenticationToken.class.isAssignableFrom(aClass)) return true;
return false;
}
}
你有什麼錯誤?我們需要更多的細節來幫助你 – 2010-02-26 14:24:50
如果你可以發佈你在編譯時得到的錯誤,這將是非常有幫助的。 – Cesar 2010-02-26 14:25:25
除了這個問題之外,您通常使用請求作用域作爲此範圍,而不是會話作用域。 – BalusC 2010-02-27 15:45:53