1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.shiro.samples.spring.web;
20
21 import org.apache.shiro.SecurityUtils;
22 import org.apache.shiro.authc.AuthenticationException;
23 import org.apache.shiro.authc.UsernamePasswordToken;
24 import org.slf4j.Logger;
25 import org.slf4j.LoggerFactory;
26 import org.springframework.validation.BindException;
27 import org.springframework.web.servlet.ModelAndView;
28 import org.springframework.web.servlet.mvc.SimpleFormController;
29
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
32
33
34
35
36
37
38 public class LoginController extends SimpleFormController {
39
40 private static transient final Logger log = LoggerFactory.getLogger(LoginController.class);
41
42 protected ModelAndView onSubmit(HttpServletRequest request, HttpServletResponse response, Object cmd, BindException errors) throws Exception {
43
44 LoginCommand command = (LoginCommand) cmd;
45
46 UsernamePasswordToken token = new UsernamePasswordToken(command.getUsername(), command.getPassword());
47
48 try {
49 SecurityUtils.getSubject().login(token);
50 } catch (AuthenticationException e) {
51 log.debug("Error authenticating.", e);
52 errors.reject("error.invalidLogin", "The username or password was not correct.");
53 }
54
55 if (errors.hasErrors()) {
56 return showForm(request, response, errors);
57 } else {
58 return new ModelAndView(getSuccessView());
59 }
60 }
61 }