added cleaner login/logout failure handling and processing

pull/306/merge
Justin Richer 2013-02-20 16:10:55 -05:00
parent 1398575061
commit b840b31c74
4 changed files with 13 additions and 5 deletions

View File

@ -23,7 +23,7 @@
<div class="well">
<div>You are not logged in.</div>
<hr />
<div class="row-fluid"><a class="btn btn-primary span12" href="j_spring_security_check"><i class="icon-user icon-white"></i> Log in</a></div>
<div class="row-fluid"><a class="btn btn-primary span12" href="login"><i class="icon-user icon-white"></i> Log in</a></div>
</div>
</security:authorize>
</div><!--/span-->

View File

@ -76,12 +76,12 @@
<ul class="dropdown-menu">
<li><a>${ longName }</a></li>
<li class="divider"></li>
<li><a href="j_spring_security_logout"><i class="icon-remove"></i> Log out</a></li>
<li><a href="logout"><i class="icon-remove"></i> Log out</a></li>
</ul>
</div>
</security:authorize>
<security:authorize access="!hasRole('ROLE_USER')">
<a class="btn btn-primary btn-small" href="j_spring_security_check"><i class="icon-user icon-white"></i> Log in</a>
<a class="btn btn-primary btn-small" href="login"><i class="icon-user icon-white"></i> Log in</a>
</security:authorize>
</ul>

View File

@ -21,12 +21,16 @@
</security:authentication-manager>
<mvc:view-controller path="/login" view-name="login" />
<security:http pattern="/login**" use-expressions="true" entry-point-ref="http403EntryPoint">
<security:intercept-url pattern="/login**" access="permitAll"/>
</security:http>
<security:http disable-url-rewriting="true" use-expressions="true">
<security:form-login login-page="/login" />
<security:form-login login-page="/login" authentication-failure-url="/login?error=failure" />
<security:intercept-url pattern="/**" access="permitAll" />
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:logout/>
<security:logout logout-url="/logout" />
<security:anonymous />
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>

View File

@ -16,6 +16,10 @@ $(document).ready(function() {
<h1>Login with Username and Password</h1>
<c:if test="${ param.error != null }">
<div class="alert alert-error">The system was unable to log you in. Please try again.</div>
</c:if>
<!-- TODO: this is an ugly form but it gets the job done -->
<form action="<%=request.getContextPath()%>/j_spring_security_check" method="POST" class="well">