Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

A better way to display a login failure message

 
Dave Alvarado
Ranch Hand
Posts: 436
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I'm using Spring 3.0. I have this in my securityContext.xml file ...



Then on my login.jsp page, I have this login for displaying an error when login fails ...



However, this seems a little dopey, and I was wondering if there is a more elegant way to get the error message to display. Right now, someone could (for whatever odd reason), add the "?fail" string to the page and get the login error to come up.

Thanks, - Dave
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Looks like a good message to me. Why would you care if someone puts that in the URL and makes the error message display. It isn't like it gives them some secret way into your site.

Mark
 
Geeta Puttappanavar
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mark Spritzler wrote:Looks like a good message to me. Why would you care if someone puts that in the URL and makes the error message display. It isn't like it gives them some secret way into your site.

Mark



Hi All,

I want to validate the form in spring security (displaying not empty, size related errors in login.jsp which we achieve it by @valid in spring MVC).

Can any of you please guide me how to achieve this?

Here I am using j_username and j_password spring security property in login.jsp.

Thanks in advance,
Geeta
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic