FullAjaxExceptionHandler does not show session expired error page on ajax button

挽巷 2020-12-10 21:12

I have implemented OmniFaces FullAjaxExceptionHandler, but the problem is that it is not working with ajax requests. After the session expires, when I click a non-ajax button, it work

2 Answers
  •  隐瞒了意图╮
    2020-12-10 21:55

    You're sending a synchronous redirect as a response to the ajax request (a HTTP 302 response using e.g. response.sendRedirect()). This is not right. The JavaScript ajax engine treats the 302 response as a new destination to re-send the ajax request to. However, that in turn returns a plain vanilla HTML page instead of a XML document with instructions which parts of the page to update. This is confusing and thus the redirected response is altogether ignored. That explains precisely the symptoms you're facing.

    The very same problem is also asked and answered in the following closely related questions:

    • FullAjaxExceptionHandler does not redirect to error page after invalidated session
    • How to move user to timeout page when session expires, if user click on browser back button
    • GET request for redirect initiated by browser but not successful
    • Authorization redirect on session expiration does not work on submitting a JSF form, page stays the same
    • JSF Filter not redirecting After Initial Redirect

    Basically, you need to instruct Spring Security in some way to perform the following conditional check:

    if ("partial/ajax".equals(request.getHeader("Faces-Request"))) {
        // JSF ajax request. Return special XML response which instructs JavaScript that it should in turn perform a redirect.
        response.setContentType("text/xml");
        response.getWriter()
            .append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>")
            .printf("<partial-response><redirect url=\"%s\"></redirect></partial-response>", loginURL);
    } else {
        // Normal request. Perform redirect as usual.
        response.sendRedirect(loginURL);
    }
    

    I'm however no Spring user and I'm not interested to use it, and am therefore not able to give a more detailed answer how to perform this check in Spring Security. I can however tell that Apache Shiro has exactly the same problem which is explained and solved in this blog article: Make Shiro JSF Ajax Aware.
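
Added example, not part of the answer above and not code from OmniFaces or Spring Security: one way to place that conditional check in Spring Security is a custom `AuthenticationEntryPoint`. The class name `JsfAjaxAwareEntryPoint`, the `loginPath` parameter and the `javax.servlet` namespace (Spring Security 5.x era) are assumptions.

```java
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;

// Hypothetical class: called by Spring Security when an unauthenticated request hits a protected URL.
public class JsfAjaxAwareEntryPoint implements AuthenticationEntryPoint {

    private final String loginPath; // context-relative path, e.g. "/login.xhtml" (constructed value)

    public JsfAjaxAwareEntryPoint(String loginPath) {
        this.loginPath = loginPath;
    }

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response,
                         AuthenticationException authException) throws IOException {
        String loginURL = request.getContextPath() + loginPath;

        if ("partial/ajax".equals(request.getHeader("Faces-Request"))) {
            // JSF ajax request: answer 200 with a partial-response document so the
            // JSF JavaScript engine performs the redirect itself instead of following a 302.
            response.setStatus(HttpServletResponse.SC_OK);
            response.setContentType("text/xml");
            response.setCharacterEncoding("UTF-8");
            response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
            response.getWriter()
                .append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>")
                .printf("<partial-response><redirect url=\"%s\"></redirect></partial-response>",
                        escapeXmlAttribute(loginURL));
        } else {
            // Normal synchronous request: a plain redirect works.
            response.sendRedirect(loginURL);
        }
    }

    // Escape the URL so it cannot break out of the XML attribute.
    static String escapeXmlAttribute(String value) {
        return value.replace("&", "&amp;").replace("<", "&lt;")
                    .replace(">", "&gt;").replace("\"", "&quot;");
    }
}
```

It is registered with `http.exceptionHandling().authenticationEntryPoint(new JsfAjaxAwareEntryPoint("/login.xhtml"))`; if session management is configured with `invalidSessionUrl`, that redirect runs first and needs the same check in a custom `InvalidSessionStrategy`.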
