Tuesday May 27, 2008
Acegisecurity Memo-8, Login Page & Logout URL
| Table of Content |
|---|
新增 Login Page (login.jsp)
在完成之前介紹的設定後,再來即要新增一個登入頁面。登入頁面,最重要的,即 login url, login id, login password,而 Acegi 內有固定的 login url 與 login id 和 login password 的 parameter name。
| Name | 值 | 說明 |
|---|---|---|
| login url | /contextPath/j_acegi_security_check | 使用者輸入帳號密碼且按確定後,會處理認證的 URL 記得要加上 contextPath |
| login id name | j_username 或用 AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY | 帳號的 key,即 Server 要用來取出 parameter 用的 key |
| login password name | j_password 或用 AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY | 密碼的 key,即 Server 要用來取出 parameter 用的 key |
| 登入錯誤的 Exception | AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY | 從 Session 的 Attribute 中,可以取得登入錯誤的 AuthenticationException。 |
login.jsp
<%@ page pageEncoding = "UTF-8"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%> <%@ taglib uri="http://java.sun.com/jsf/html" prefix="h"%> <%@ taglib uri="http://java.sun.com/jsf/core" prefix="f"%> <%@page import="org.acegisecurity.AuthenticationException"%> <%@page import="org.acegisecurity.ui.AbstractProcessingFilter"%> <%@page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"%> <html> <head> <title>會員登入</title> </head> <body> <c:if test="${param.error==1}"> <font color="red"> Your login attempt was not successful, try again.<BR><BR> Reason: <%=((AuthenticationException)session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage()%> </font> </c:if> <form action = "<c:url value="/j_acegi_security_check"/>" method = "POST"> <table border="1"> <tr> <td>帳號</td> <td> <input type="text" name="<%=AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY%>" size = "20"> </td> </tr> <tr> <td>密碼</td> <td> <input type="password" name="<%=AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY %>" size="20"/> </td> </tr> <!-- <tr> <td colspan="2" align="center"><input type="checkbox" name="_acegi_security_remember_me">Remember Me</td> </tr> --> <tr> <td colspan="2" align="center"><input type = "submit" value = "登入"/></td> </tr> </table> </form> </body> </html>
Logout URL (登出網址)
登入後,通常會在網頁的某個地方,提供一個登出的按鈕來讓使用者登出。 我發現 acegi 的文件中,並沒有提到登出的網址是什麼,不過還是給我從 source 找到了,Acegi 登出的網址為
/contextPath/j_acegi_logout //use taglib <c:url value="/j_acegi_logout"/>
Download
- Download [AcegisecurityMemo8.zip]
Contains:- login.jsp
Reference
http://www.acegisecurity.org/http://forum.springframework.org/forumdisplay.php?f=33
Navigation:
Index: Acegisecurity Memo, Table of ContentsPrevious: Acegisecurity Memo-7, In-LDAP Authertication 設定
Next: Acegisecurity Memo-9, Login Password with PasswordEncoder(SHA,MD5...)
Posted at 2008-05-27 17:12 by Piaoyi Kao in Acegisecurity | Permalink | Comments[4]
roles <a href="http://www.watchessell.com/">Rolex Watches</a>
Posted by Rolex Watchesc on April 07, 2009 at 09:24 AM CST #
very good...
Posted by nike shoes on April 07, 2009 at 09:25 AM CST #
http://www.uggbootshome.net wholesale ugg boots
Posted by shengxiang on November 11, 2009 at 03:16 PM CST #
thank you for share,good blog
Posted by roller shoes on June 05, 2010 at 02:57 PM CST #