之前用戶注冊(cè)后是先跳到登錄頁面:
- @RequestMapping(method = RequestMethod.POST)
- public String register(@Valid User user, RedirectAttributes redirectAttributes) {
- accountService.registerUser(user);
- redirectAttributes.addFlashAttribute("username",
- user.getLoginName());
- return "redirect:/login";
- }
現(xiàn)在要求用戶注冊(cè)成功后自動(dòng)登錄,改寫如下:
- @RequestMapping(method = RequestMethod.POST)
- public String register(@Valid User user, RedirectAttributes redirectAttributes) {
- accountService.registerUser(user);
- UsernamePasswordToken token = new UsernamePasswordToken();
- token.setUsername(user.getLoginName());
- token.setPassword(user.getPassword().toCharArray());
- SecurityUtils.getSubject().login(token);
- return "redirect:/";
- }
結(jié)果報(bào)錯(cuò):
- org.apache.shiro.authc.IncorrectCredentialsException: Submitted credentials for token [org.apache.shiro.authc.UsernamePasswordToken - user01, rememberMe=false] did not match the expected credentials.
問題補(bǔ)充:問題解決了,改寫成token.setPassword(user.getPlainPassword().toCharArray()); 就可以了。因?yàn)槲业膗ser的plainPassword是明文,user的password是hash。