Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to display error message in my JSP page using spring security 2.0

Hi I am now using spring security. It works fine. But if login failed, no error message display. I am wondering how can I display error message?

I have configured the ResourceBundleMessageSource in my applicationContext.xml

<!-- Spring security error message config -->
    <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
        <property name="basenames">
             <list>
                  <value>messages</value>
             </list>
        </property>
    </bean>

And my security-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:David="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-2.0.xsd">

    <David:http auto-config="true" access-denied-page="/accessDenied.html">

        <!-- Don`t set any role restriction on login.jsp -->
        <David:intercept-url pattern="/login.jsp"
            access="IS_AUTHENTICATED_ANONYMOUSLY" />

        <!-- Restrict access to All other pages -->
        <David:intercept-url pattern="/admin.jsp"
            access="ROLE_ADMIN" />

        <!-- Set the login page and what to do if login fails -->
        <David:form-login login-page="/login.jsp"
            default-target-url="/"/>
        <David:logout logout-success-url="/" />
    </David:http>

    <!-- Specify login examnination strategy -->
    <David:authentication-provider>
        <David:password-encoder hash="md5" />
        <David:jdbc-user-service
            data-source-ref="dataSource"
            users-by-username-query="select username, password, status as enabled from user where username=?"
            authorities-by-username-query="select u.username,r.name as authority
                                             from user u
                                             join user_role ur
                                               on u.id=ur.user_id
                                             join role r
                                               on r.id=ur.role_id
                                            where u.username=?" />
    </David:authentication-provider>
</beans>

My jsp page:

<%@ page contentType="text/html;charset=utf-8"%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ page
    import="org.springframework.security.ui.AbstractProcessingFilter"%>
<%@ page
    import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"%>
<%@ page import="org.springframework.security.AuthenticationException"%>

<form id="myform" class="cmxform" method="post"
                            action="${pageContext.request.contextPath}/j_spring_security_check">
                            <fieldset>
                                <legend>
                                    Please input correct username and password to login
                                </legend>
                                <p>
                                    <label for="user">


                                        Username:
                                    </label>
                                    <input id="user" name="j_username" />
                                </p>
                                <p>
                                    <label for="pass">


                                        Password:
                                    </label>
                                    <input type="password" name="j_password" id="password" />
                                </p>
                                <p>
                                    <input type="submit" class="submit" value="Login" />
                                </p>
                            </fieldset>
                        </form>

Any suggestions? Any help will be appreciated.

like image 911
David He Avatar asked Oct 02 '10 00:10

David He


1 Answers

<c:if test="${not empty param.login_error}">
    <div class="error">
        Your login attempt was not successful, try again.<br />
        Reason: #{sessionScope.SPRING_SECURITY_LAST_EXCEPTION.message}
    </div>
</c:if>
like image 165
Keith Avatar answered Sep 23 '22 07:09

Keith