public String submit(String username, String password, String captcha,
String processUrl, String returnUrl, String message,
HttpServletRequest request, HttpServletResponse response,
ModelMap model) {
Integer errorRemaining = unifiedUserMng.errorRemaining(username);
WebErrors errors = validateSubmit(username, password, captcha,
errorRemaining, request, response);
if (!errors.hasErrors()) {
try {
String ip = RequestUtils.getIpAddr(request);
Authentication auth = authMng.login(username, password, ip,
request, response, session);
// 是否需要在这里加上登录次数的更新?按正常的方式,应该在process里面处理的,不过这里处理也没大问题。
cmsUserMng.updateLoginInfo(auth.getUid(), ip);
CmsUser user = cmsUserMng.findById(auth.getUid());
if (user.getDisabled()) {
// 如果已经禁用,则退出登录。
authMng.deleteById(auth.getId());
session.logout(request, response);
throw new DisabledException("user disabled");
}
removeCookieErrorRemaining(request, response);
returnUrl="/jeeadmin/jeecms/index.do";
System.out.println("我在com.jeecms.cms.action.admin.CmsLoginAct.submit加 returnUrl= /jeeadmin/jeecms/index.do");
String view = getView(processUrl, returnUrl, auth.getId());
cmsLogMng.loginSuccess(request, user, "login.log.loginSuccess");
if (view != null) {
return view;
} else {
return "redirect:login.jspx";
}
} catch (UsernameNotFoundException e) {
errors.addErrorString(e.getMessage());
cmsLogMng.loginFailure(request, "login.log.loginFailure",
"username=" + username + ";password=" + password);
} catch (BadCredentialsException e) {
errors.addErrorString(e.getMessage());
cmsLogMng.loginFailure(request, "login.log.loginFailure",
"username=" + username + ";password=" + password);
} catch (DisabledException e) {
errors.addErrorString(e.getMessage());
cmsLogMng.loginFailure(request, "login.log.loginFailure",
"username=" + username + ";password=" + password);
}
}
// 登录失败
writeCookieErrorRemaining(errorRemaining, request, response, model);
errors.toModel(model);
if (!StringUtils.isBlank(processUrl)) {
model.addAttribute(PROCESS_URL, processUrl);
}
if (!StringUtils.isBlank(returnUrl)) {
model.addAttribute(RETURN_URL, returnUrl);