因为业务的特殊性,需要在用户校验的同时做一些其他的处理。所以定义了一个类并继承了UsernamePasswordAuthenticationFilter类,重写了其中的attemptAuthentication方法(参考了一个网友的帖子)。<http use-expressions="true" entry-point-ref="authenticationProcessingFilterEntryPoint">
<!-- 重写登陆校验方法 -->
<custom-filter ref="myUsernamePasswordAuthenticationFilter" position="FORM_LOGIN_FILTER" />
<!-- 会话管理 -->
<session-management invalid-session-url="/common/timeout.jsp">
<!-- 防止一个用户重复登录多次 -->
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
</session-management>
<!--<remember-me data-source-ref="dataSource"/> -->
<remember-me services-ref="rememberMeServices" /> <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint">
<beans:property name="loginFormUrl" value="/login.jsp" />
</beans:bean><beans:bean id="myUsernamePasswordAuthenticationFilter" class="com.neusoft.iss.learning.business.security.filter.MyUsernamePasswordAuthenticationFilter">
<beans:property name="filterProcessesUrl" value="/j_spring_security_check"></beans:property>
<beans:property name="authenticationSuccessHandler" ref="savedRequestAwareAuthenticationSuccessHandler"></beans:property>
<beans:property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"></beans:property>
<beans:property name="authenticationManager" ref="authenticationManager"></beans:property>
</beans:bean>
<beans:bean id="savedRequestAwareAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/default.action" />
<beans:property name="alwaysUseDefaultTargetUrl" value="true" />
</beans:bean>
<beans:bean id="simpleUrlAuthenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login.action" />
</beans:bean>
以上是配置文件中的部分代码,现在登录已经实现,而且权限也得到了控制,但是“会话管理”和“记住我”的功能不能正常使用。有没有人知道到底是哪块出的问题?
<!-- 重写登陆校验方法 -->
<custom-filter ref="myUsernamePasswordAuthenticationFilter" position="FORM_LOGIN_FILTER" />
<!-- 会话管理 -->
<session-management invalid-session-url="/common/timeout.jsp">
<!-- 防止一个用户重复登录多次 -->
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
</session-management>
<!--<remember-me data-source-ref="dataSource"/> -->
<remember-me services-ref="rememberMeServices" /> <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint">
<beans:property name="loginFormUrl" value="/login.jsp" />
</beans:bean><beans:bean id="myUsernamePasswordAuthenticationFilter" class="com.neusoft.iss.learning.business.security.filter.MyUsernamePasswordAuthenticationFilter">
<beans:property name="filterProcessesUrl" value="/j_spring_security_check"></beans:property>
<beans:property name="authenticationSuccessHandler" ref="savedRequestAwareAuthenticationSuccessHandler"></beans:property>
<beans:property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"></beans:property>
<beans:property name="authenticationManager" ref="authenticationManager"></beans:property>
</beans:bean>
<beans:bean id="savedRequestAwareAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/default.action" />
<beans:property name="alwaysUseDefaultTargetUrl" value="true" />
</beans:bean>
<beans:bean id="simpleUrlAuthenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login.action" />
</beans:bean>
以上是配置文件中的部分代码,现在登录已经实现,而且权限也得到了控制,但是“会话管理”和“记住我”的功能不能正常使用。有没有人知道到底是哪块出的问题?
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货