问题
I am trying to understand why my login form does not display the validation message that says "wrong email or password" when the password is entered wrong. In all the other cases it works correctly(Just case 4 doesnt work):
Case 1 works with no problem(No input given):
Case 2 works with no problem(Only input given for email):
Case 3 works with no problem(Only input given for password):
Case 4 doesn't work(Both inputs given wrong)
It is the case 4 that doesn't work correctly here is the source code:
The form at the JSF page:
<h:form>
<p:panel>
<h:outputText value="*Em@il:" />
<h:inputText id="email" value="#{securityController.email}" binding="#{emailComponent}"/>
<br/>
<h:outputText value="*Lozinka: " />
<h:inputSecret id="password" value="#{securityController.password}" validator="#{securityController.validate}">
<f:attribute name="emailComponent" value="#{emailComponent}" />
</h:inputSecret>
<br/>
<span style="color: red;"><h:message for="password"
showDetail="true" /></span>
<br/>
<h:commandButton value="Login" action="#{securityController.logIn()}"/>
</p:panel>
</h:form>
The managed bean that gets the values from the input fields
@ManagedBean
@RequestScoped
public class SecurityController {
@EJB
private IAuthentificationEJB authentificationEJB;
private String email;
private String password;
private String notificationValue;
public String logIn() {
if (authentificationEJB.saveUserState(email, password)) {
notificationValue = "Dobro dosli";
return "main.xhtml";
} else {
return "";
}
}
public void validate(FacesContext context, UIComponent component,
Object value) throws ValidatorException {
UIInput emailComponent = (UIInput) component.getAttributes().get(
"emailComponent");
String email = "";
String password = "";
email = (String) emailComponent.getValue();
password = (String) value;
String emailInput = email;
String emailPatternText = "^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
Pattern emailPattern = null;
Matcher emailMatcher = null;
emailPattern = Pattern.compile(emailPatternText);
emailMatcher = emailPattern.matcher(emailInput);
String passwordInput = password;
String alphanumericPattern = "^[a-zA-Z0-9]+$";
Pattern passwordPattern = null;
Matcher passwordMatcher = null;
passwordPattern = Pattern.compile(alphanumericPattern);
passwordMatcher = passwordPattern.matcher(passwordInput);
if (!emailMatcher.matches() && !passwordMatcher.matches()) {
if (authentificationEJB.checkCredentials(emailInput, passwordInput) == false) {
FacesMessage msg = new FacesMessage(
"Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
}
if(emailInput == null || passwordInput == null) {
FacesMessage msg = new FacesMessage("Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
if (passwordInput.length() <= 0 || emailInput.length() <= 0) {
FacesMessage msg = new FacesMessage("Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
}
public String getEmail() {
return email;
}
public String getPassword() {
return password;
}
public void setEmail(String email) {
this.email = email;
}
public void setPassword(String password) {
this.password = password;
}
public String getNotificationValue() {
return notificationValue;
}
public void setNotificationValue(String notificationValue) {
this.notificationValue = notificationValue;
}
}
The EJB that accesses the DB and checks the credentials:
package ejbs;
import java.util.List;
import javax.ejb.Stateful;
import javax.faces.context.FacesContext;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import ejbinterfaces.IAuthentificationEJB;
import entities.Role;
@Stateful(name = "ejbs/AuthentificationEJB")
public class AuthentificationEJB implements IAuthentificationEJB {
@PersistenceContext
private EntityManager em;
// Login
public boolean saveUserState(String email, String password) {
// 1-Send query to database to see if that user exist
Query query = em
.createQuery("SELECT r FROM Role r WHERE r.email=:emailparam AND r.password=:passwordparam");
query.setParameter("emailparam", email);
query.setParameter("passwordparam", password);
// 2-If the query returns the user(Role) object, store it somewhere in
// the session
List<Object> tmpList = query.getResultList();
if (tmpList.isEmpty() == false) {
Role role = (Role) tmpList.get(0);
if (role != null && role.getEmail().equals(email)
&& role.getPassword().equals(password)) {
FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap().put("userRole", role);
// 3-return true if the user state was saved
System.out.println(role.getEmail() + role.getPassword());
return true;
}
}
// 4-return false otherwise
return false;
}
// Logout
public void releaseUserState() {
// 1-Check if there is something saved in the session(or wherever the
// state is saved)
if (!FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap().isEmpty()) {
// 2-If 1 then flush it
FacesContext.getCurrentInstance().release();
}
}
// Check if user is logged in
public boolean checkAuthentificationStatus() {
// 1-Check if there is something saved in the session(This means the
// user is logged in)
if ((FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap().get("userRole") != null)) {
// 2-If there is not a user already loged, then return false
return true;
}
return false;
}
@Override
public boolean checkCredentials(String email, String password) {
Query checkEmailExists = em
.createQuery("SELECT COUNT(r) FROM Role r WHERE r.email=:emailparam AND r.password=:passwordparam");
checkEmailExists.setParameter("emailparam", email);
checkEmailExists.setParameter("passwordparam", password);
int matchCounter = 0;
matchCounter = checkEmailExists.getResultList().size();
if (matchCounter == 1) {
return true;
}
return false;
}
}
回答1:
if (!emailMatcher.matches() && !passwordMatcher.matches()) {
if (authentificationEJB.checkCredentials(emailInput, passwordInput) == false) {
FacesMessage msg = new FacesMessage(
"Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
}
Thus, when the email doesn't match AND the password doesn't match AND the credentials doesn't match, then the error message will be displayed.
This is not exactly what you want. In case 4 the email do match. You want this:
if (!emailMatcher.matches() || !passwordMatcher.matches() || !authentificationEJB.checkCredentials(emailInput, passwordInput)) {
FacesMessage msg = new FacesMessage("Pogresan email ili lozinka");
throw new ValidatorException(msg);
}
This will show the error when the email doesn't match OR the password doesn't match OR the credentials doesn't match.
来源:https://stackoverflow.com/questions/5653640/validation-message-not-being-displayed-in-login-form-when-the-user-enters-wrong