用户输入错误密码后,验证信息未以登录形式显示 [英] Validation message not being displayed in login form when the user enters wrong password
本文介绍了用户输入错误密码后,验证信息未以登录形式显示的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我试图理解为什么当输入密码错误时,我的登录表单为什么不显示验证消息"电子邮件或密码错误" .在所有其他情况下,它都可以正常工作(只是情况4不起作用):
I am trying to understand why my login form does not display the validation message that says "wrong email or password" when the password is entered wrong. In all the other cases it works correctly(Just case 4 doesnt work):
案例1正常运行(没有输入):
Case 1 works with no problem(No input given):
案例2可以正常工作(仅输入电子邮件):
Case 2 works with no problem(Only input given for email):
情况3可以正常工作(仅输入密码):
Case 3 works with no problem(Only input given for password):
情况4不起作用(两个输入均输入错误)
Case 4 doesn't work(Both inputs given wrong)
情况4不能正常工作,这里是源代码:
It is the case 4 that doesn't work correctly here is the source code:
JSF页面上的表单:
The form at the JSF page:
<h:form>
<p:panel>
<h:outputText value="*Em@il:" />
<h:inputText id="email" value="#{securityController.email}" binding="#{emailComponent}"/>
<br/>
<h:outputText value="*Lozinka: " />
<h:inputSecret id="password" value="#{securityController.password}" validator="#{securityController.validate}">
<f:attribute name="emailComponent" value="#{emailComponent}" />
</h:inputSecret>
<br/>
<span style="color: red;"><h:message for="password"
showDetail="true" /></span>
<br/>
<h:commandButton value="Login" action="#{securityController.logIn()}"/>
</p:panel>
</h:form>
从输入字段获取值的托管bean
The managed bean that gets the values from the input fields
@ManagedBean
@RequestScoped
public class SecurityController {
@EJB
private IAuthentificationEJB authentificationEJB;
private String email;
private String password;
private String notificationValue;
public String logIn() {
if (authentificationEJB.saveUserState(email, password)) {
notificationValue = "Dobro dosli";
return "main.xhtml";
} else {
return "";
}
}
public void validate(FacesContext context, UIComponent component,
Object value) throws ValidatorException {
UIInput emailComponent = (UIInput) component.getAttributes().get(
"emailComponent");
String email = "";
String password = "";
email = (String) emailComponent.getValue();
password = (String) value;
String emailInput = email;
String emailPatternText = "^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
Pattern emailPattern = null;
Matcher emailMatcher = null;
emailPattern = Pattern.compile(emailPatternText);
emailMatcher = emailPattern.matcher(emailInput);
String passwordInput = password;
String alphanumericPattern = "^[a-zA-Z0-9]+$";
Pattern passwordPattern = null;
Matcher passwordMatcher = null;
passwordPattern = Pattern.compile(alphanumericPattern);
passwordMatcher = passwordPattern.matcher(passwordInput);
if (!emailMatcher.matches() && !passwordMatcher.matches()) {
if (authentificationEJB.checkCredentials(emailInput, passwordInput) == false) {
FacesMessage msg = new FacesMessage(
"Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
}
if(emailInput == null || passwordInput == null) {
FacesMessage msg = new FacesMessage("Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
if (passwordInput.length() <= 0 || emailInput.length() <= 0) {
FacesMessage msg = new FacesMessage("Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
}
public String getEmail() {
return email;
}
public String getPassword() {
return password;
}
public void setEmail(String email) {
this.email = email;
}
public void setPassword(String password) {
this.password = password;
}
public String getNotificationValue() {
return notificationValue;
}
public void setNotificationValue(String notificationValue) {
this.notificationValue = notificationValue;
}
}
访问数据库并检查凭据的EJB:
The EJB that accesses the DB and checks the credentials:
package ejbs;
import java.util.List;
import javax.ejb.Stateful;
import javax.faces.context.FacesContext;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import ejbinterfaces.IAuthentificationEJB;
import entities.Role;
@Stateful(name = "ejbs/AuthentificationEJB")
public class AuthentificationEJB implements IAuthentificationEJB {
@PersistenceContext
private EntityManager em;
// Login
public boolean saveUserState(String email, String password) {
// 1-Send query to database to see if that user exist
Query query = em
.createQuery("SELECT r FROM Role r WHERE r.email=:emailparam AND r.password=:passwordparam");
query.setParameter("emailparam", email);
query.setParameter("passwordparam", password);
// 2-If the query returns the user(Role) object, store it somewhere in
// the session
List<Object> tmpList = query.getResultList();
if (tmpList.isEmpty() == false) {
Role role = (Role) tmpList.get(0);
if (role != null && role.getEmail().equals(email)
&& role.getPassword().equals(password)) {
FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap().put("userRole", role);
// 3-return true if the user state was saved
System.out.println(role.getEmail() + role.getPassword());
return true;
}
}
// 4-return false otherwise
return false;
}
// Logout
public void releaseUserState() {
// 1-Check if there is something saved in the session(or wherever the
// state is saved)
if (!FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap().isEmpty()) {
// 2-If 1 then flush it
FacesContext.getCurrentInstance().release();
}
}
// Check if user is logged in
public boolean checkAuthentificationStatus() {
// 1-Check if there is something saved in the session(This means the
// user is logged in)
if ((FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap().get("userRole") != null)) {
// 2-If there is not a user already loged, then return false
return true;
}
return false;
}
@Override
public boolean checkCredentials(String email, String password) {
Query checkEmailExists = em
.createQuery("SELECT COUNT(r) FROM Role r WHERE r.email=:emailparam AND r.password=:passwordparam");
checkEmailExists.setParameter("emailparam", email);
checkEmailExists.setParameter("passwordparam", password);
int matchCounter = 0;
matchCounter = checkEmailExists.getResultList().size();
if (matchCounter == 1) {
return true;
}
return false;
}
}
推荐答案
if (!emailMatcher.matches() && !passwordMatcher.matches()) {
if (authentificationEJB.checkCredentials(emailInput, passwordInput) == false) {
FacesMessage msg = new FacesMessage(
"Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
}
因此,当电子邮件不匹配且密码不匹配且凭据不匹配时,将显示错误消息.
Thus, when the email doesn't match AND the password doesn't match AND the credentials doesn't match, then the error message will be displayed.
这不是您想要的.在第4种情况下,电子邮件做匹配.您想要这个:
This is not exactly what you want. In case 4 the email do match. You want this:
if (!emailMatcher.matches() || !passwordMatcher.matches() || !authentificationEJB.checkCredentials(emailInput, passwordInput)) {
FacesMessage msg = new FacesMessage("Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
当电子邮件不匹配或密码不匹配或凭据不匹配时,这将显示错误.
This will show the error when the email doesn't match OR the password doesn't match OR the credentials doesn't match.
这篇关于用户输入错误密码后,验证信息未以登录形式显示的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
