Apache Shiro,无法将值从登录表单传递到支持 bean
Apache Shiro, can not pass values from login form to backing bean
我无法将值从我的登录表单传递到支持 bean,以便在我的网络应用程序中通过 apache shiro 对用户进行身份验证。有人知道为什么吗?
shiro.ini
[main]
authc.loginUrl = /login.jsf
authc.successUrl = /pages/welcome.jsf
[users]
admin = 1234
[urls]
/login.jsf = authc
/pages/** = authc
login.xhtml
<ui:define name="content">
<div id="login_form">
<h:form prependId="false">
<center>
<h1>Sign in <p:link value="or create an account" outcome="registration" style="color: #0A9CE5; text-decoration: none;" /></h1>
<table>
<tr>
<td><p:inputText id="username" value="#{shiroLoginBean.username}" placeholder="Login" required="true" /></td>
</tr>
<tr>
<td><p:password id="password" value="#{shiroLoginBean.password}" placeholder="Password" required="true" /></td>
</tr>
</table>
</center>
<p:commandButton value="Sign in" action="#{shiroLoginBean.doLogin}" />
</h:form>
</div>
豆类:
package utils.security;
import java.io.IOException;
import java.io.Serializable;
import javax.ejb.Stateless;
import javax.faces.bean.ViewScoped;
import javax.faces.context.FacesContext;
import javax.inject.Named;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@Named("shiroLoginBean")
@Stateless
@ViewScoped
public class ShiroLoginBean implements Serializable {
private static final long serialVersionUID = 1L;
private static final Logger log = LoggerFactory.getLogger(ShiroLoginBean.class);
private String username;
private String password;
public ShiroLoginBean() {
}
/**
* Try and authenticate user.
*/
public void doLogin() {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(getUsername(), getPassword());
try {
subject.login(token);
FacesContext.getCurrentInstance().getExternalContext().redirect("pages/welcome.jsf");
} catch (UnknownAccountException ex) {
log.error(ex.getMessage(), ex);
} catch (IncorrectCredentialsException ex) {
log.error(ex.getMessage(), ex);
} catch (LockedAccountException ex) {
log.error(ex.getMessage(), ex);
} catch (AuthenticationException | IOException ex) {
log.error(ex.getMessage(), ex);
} finally {
token.clear();
}
}
//~ Setters and Getters
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}
问题出在这一行...
UsernamePasswordToken token = new UsernamePasswordToken(getUsername(), getPassword());
... getUsername 和 getPassword 始终为空。非常感谢您的回答!!
你的 @ViewScoped 导入是错误的 - 因为你使用 @Named (意味着它是一个 CDI bean)你应该使用
import javax.faces.view.ViewScoped;
因为你省略了一个相关的范围,你会得到 @Dependent 范围,我从未见过它的用途,但它的寿命很短(输入将绑定到一个 bean,但是当 doLogin()运行它将在一个新的中)。
我无法将值从我的登录表单传递到支持 bean,以便在我的网络应用程序中通过 apache shiro 对用户进行身份验证。有人知道为什么吗?
shiro.ini
[main]
authc.loginUrl = /login.jsf
authc.successUrl = /pages/welcome.jsf
[users]
admin = 1234
[urls]
/login.jsf = authc
/pages/** = authc
login.xhtml
<ui:define name="content">
<div id="login_form">
<h:form prependId="false">
<center>
<h1>Sign in <p:link value="or create an account" outcome="registration" style="color: #0A9CE5; text-decoration: none;" /></h1>
<table>
<tr>
<td><p:inputText id="username" value="#{shiroLoginBean.username}" placeholder="Login" required="true" /></td>
</tr>
<tr>
<td><p:password id="password" value="#{shiroLoginBean.password}" placeholder="Password" required="true" /></td>
</tr>
</table>
</center>
<p:commandButton value="Sign in" action="#{shiroLoginBean.doLogin}" />
</h:form>
</div>
豆类:
package utils.security;
import java.io.IOException;
import java.io.Serializable;
import javax.ejb.Stateless;
import javax.faces.bean.ViewScoped;
import javax.faces.context.FacesContext;
import javax.inject.Named;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@Named("shiroLoginBean")
@Stateless
@ViewScoped
public class ShiroLoginBean implements Serializable {
private static final long serialVersionUID = 1L;
private static final Logger log = LoggerFactory.getLogger(ShiroLoginBean.class);
private String username;
private String password;
public ShiroLoginBean() {
}
/**
* Try and authenticate user.
*/
public void doLogin() {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(getUsername(), getPassword());
try {
subject.login(token);
FacesContext.getCurrentInstance().getExternalContext().redirect("pages/welcome.jsf");
} catch (UnknownAccountException ex) {
log.error(ex.getMessage(), ex);
} catch (IncorrectCredentialsException ex) {
log.error(ex.getMessage(), ex);
} catch (LockedAccountException ex) {
log.error(ex.getMessage(), ex);
} catch (AuthenticationException | IOException ex) {
log.error(ex.getMessage(), ex);
} finally {
token.clear();
}
}
//~ Setters and Getters
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}
问题出在这一行... UsernamePasswordToken token = new UsernamePasswordToken(getUsername(), getPassword()); ... getUsername 和 getPassword 始终为空。非常感谢您的回答!!
你的 @ViewScoped 导入是错误的 - 因为你使用 @Named (意味着它是一个 CDI bean)你应该使用
import javax.faces.view.ViewScoped;
因为你省略了一个相关的范围,你会得到 @Dependent 范围,我从未见过它的用途,但它的寿命很短(输入将绑定到一个 bean,但是当 doLogin()运行它将在一个新的中)。