@wendal 集成后能登录,但是登录后向requireuser跳,直接跳到/user/login,而且在nutzdaorealm里打断点,根本不停,why????
usermodule:
@At
@RequiresUser
public int count() {
return dao.count(User.class);
}
@At
@Filters // 覆盖UserModule类的@Filter设置,因为登陆可不能要求是个已经登陆的Session
@POST
public Object login(@Param("username") String username, @Param("password") String password,
// @Param("captcha") String captcha, @Attr(scope = Scope.SESSION,
// value = "nutz_captcha") String _captcha,
HttpSession session) {
NutMap re = new NutMap();
int userId = userService.fetch(username, password);
if (userId < 0) {
return re.setv("ok", false).setv("msg", "用户名或密码错误");
} else {
session.setAttribute("me", userId);
return re.setv("ok", true);
}
}
@GET
@At("/login")
@Filters
@Ok("jsp:jsp.user.login")
public void loginPage() {
}
}
nutzdaorealm:
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
// TODO Auto-generated method stub
SimpleAuthorizationInfo auth = new SimpleAuthorizationInfo();
return auth;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// TODO Auto-generated method stub
CaptchaUsernamePasswordToken uptoken = (CaptchaUsernamePasswordToken) token;
User user = dao.fetch(User.class, Cnd.where("name", "=", uptoken.getUsername()));
if (user == null) {
return null;
}
if (user.isLocked()) {
throw new LockedAccountException("Account [" + uptoken.getUsername() + "] is locked.");
}
SimpleAccount account = new SimpleAccount(user.getId(), user.getName(), getName());
account.setCredentialsSalt(ByteSource.Util.bytes(user.getSalt()));
return account;
}
shiro.ini:
[main]
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
nutzdao_realm = net.wendal.nutzbook.shiro.realm.NutDaoRealm
nutzdao_realm.credentialsMatcher = $sha256Matcher
authc = org.nutz.integration.shiro.CaptchaFormAuthenticationFilter
authc.loginUrl = /user/login
logout.redirectUrl= /user/login
[urls]
/rs/* = anon
/user/logout = logout
/user/error = anon
/user/profile/active/mail = anon
/user/** = authc