发表新帖
发表新帖

JSF 2, Spring Security 3.x and Richfaces 4 redirect to login page on session time out for ajax requests

前端 未结
关注
2 1952
爱一瞬间的悲伤
爱一瞬间的悲伤 2020-12-05 22:05

It seems a very common problem. But I couldn\'t find any working solution. We are using Richafaces 4, Myfaces 2.0.5 and Spring security 3.0.X.

On session time for aj

2条回答
  • 天涯浪人
    天涯浪人 (楼主)
    2020-12-05 22:29

    I merge Ravi's answer with How to set a custom invalid session strategy in Spring Security.

    It modify the filter instead of creating a new one. Can split in multiple class if you want too.

        public class JSFRedirectStrategy implements InvalidSessionStrategy,
    BeanPostProcessor {

/**
 * JSF header
 */
private static final String FACES_REQUEST_HEADER = "faces-request";

/**
 * URL
 */
private String invalidSessionUrl;

public void setInvalidSessionUrl(String invalidSessionUrl) {
    this.invalidSessionUrl = invalidSessionUrl;
}

/**
 * {@inheritDoc}
 */
@Override
public void onInvalidSessionDetected(HttpServletRequest request,
        HttpServletResponse response) throws IOException, ServletException {
    String ajaxRedirectXml;
    String requestURI;

    // Force nouvelle session
    request.getSession(true);

    if ("partial/ajax".equals(request.getHeader(FACES_REQUEST_HEADER))) {
        requestURI = request.getContextPath() + invalidSessionUrl;
        requestURI = response.encodeRedirectURL(requestURI);
        ajaxRedirectXml = createAjaxRedirectXml(requestURI);
        response.setContentType("text/xml");
        response.getWriter().write(ajaxRedirectXml);
    } else {
        response.sendRedirect(response
                .encodeRedirectURL(getRequestUrl(request)));
    }
}

/**
 * Obtenir la requete qu'il voulait appeler
 * 
 * @param request
 * @return
 */
private String getRequestUrl(HttpServletRequest request) {
    StringBuffer requestURL;
    String queryString;

    requestURL = request.getRequestURL();
    queryString = request.getQueryString();
    if (!JavaUtil.isNullOrEmpty(queryString))
        requestURL.append("?").append(queryString);
    return requestURL.toString();
}

/**
 * XML redirect
 * 
 * @param redirectUrl
 * @return
 */
private String createAjaxRedirectXml(String redirectUrl) {
    return new StringBuilder()
            .append("")
            .append("").toString();
}

@Override
public Object postProcessBeforeInitialization(Object bean, String beanName)
        throws BeansException {
    SessionManagementFilter filter;
    if (bean instanceof SessionManagementFilter) {
        filter = (SessionManagementFilter) bean;
        filter.setInvalidSessionStrategy(this);
    }
    return bean;
}

@Override
public Object postProcessAfterInitialization(Object bean, String beanName)
        throws BeansException {
    return bean;
}}

    0 讨论(0)
 看不清?
提交回复
热议问题