SSM集成SpringSecurity（六）自定義登錄成功失敗處理邏輯

在現實的很多開發中，前後端都是分離的，前端訪問接口返回的數據一般都是json格式。前端表單登錄，我們應該返回一個登錄成功或失敗的json，然後由前端自己進行處理。

SpringSecurity提供了AuthenticationSuccessHandler和AuthenticationFailureHandler接口，允許我們實現自定義的登錄成功和失敗邏輯。

自定義成功

1: 在com.xhc.security包下新建一個類MyAuthenticationSuccessHandler，實現AuthenticationSuccessHandler接口，重寫其方法。

package com.xhc.security;

 

import com.fasterxml.jackson.databind.ObjectMapper;

import org.springframework.security.core.Authentication;

import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

 

import javax.servlet.ServletException;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

import java.util.HashMap;

import java.util.Map;

/**

* 自定義成功處理的邏輯類

*/

public class MyAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

private ObjectMapper objectMapper = new ObjectMapper();

@Override

public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {

Map map = new HashMap();

map.put("success", true);

String str = objectMapper.writeValueAsString(map);

response.setContentType("text/json;charset=utf-8");

response.getWriter().write(str);

}

}

2: 在spring-security.xml文件中加入下面代碼

<bean id="myAuthenticationSuccessHandler" class="com.xhc.security.MyAuthenticationSuccessHandler"/>

修改form-login標籤，加入authentication-success-handler-ref

<security:form-login login-page="/userLogin" login-processing-url="/securityLogin" default-target-url="/goods/index" authentication-success-handler-ref="myAuthenticationSuccessHandler"/>

3:啓動項目，成功登錄後會返回成功的json信息。

自定義失敗

操作和自定義成功基本一致

1: 在com.xhc.security包下新建一個類MyAuthenticationFailureHandler，實現AuthenticationFailureHandler接口，重寫其方法。

package com.xhc.security;

 

import com.fasterxml.jackson.databind.ObjectMapper;

import org.springframework.security.core.AuthenticationException;

import org.springframework.security.web.authentication.AuthenticationFailureHandler;

 

import javax.servlet.ServletException;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

import java.util.HashMap;

import java.util.Map;

 

public class MyAuthenticationFailureHandler implements AuthenticationFailureHandler {

private ObjectMapper objectMapper = new ObjectMapper();

 

@Override

public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {

Map map = new HashMap();

map.put("success", false);

map.put("errorMsg", e.getMessage());

String str = objectMapper.writeValueAsString(map);

response.setContentType("text/json;charset=utf-8");

response.getWriter().write(str);

}

}

2: 在spring-security.xml文件中加入下面代碼

<bean id="myAuthenticationFailureHandler" class="com.xhc.security.MyAuthenticationFailureHandler"/>

修改form-login標籤，加入authentication-failure-handler-ref

<security:form-login login-page="/userLogin" login-processing-url="/securityLogin"

default-target-url="/goods/index"

authentication-success-handler-ref="myAuthenticationSuccessHandler"

authentication-failure-handler-ref="myAuthenticationFailureHandler"/>

3:啓動項目，登錄失敗後會返回失敗的json信息。