问题
I developed a PrimeFaces based application that I now want to protect with PicketLink in a CDI way. I followed this example and created a login page with several PrimeFaces components including a layout). All styling and functionality is however lost. Even a simplified login.xhtml page (to match the example linked to above) does not have styling.
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui">
<h:head/>
<h:body>
<p:panel>
<h:form method="POST" prependId="false">
<p:inputText id="j_username" />
<p:password id="j_password"/>
<p:commandButton id="login" value="Login" action="#{identity.login()}" ajax="false"/>
</h:form>
</p:panel>
<p>Tip: you can login with a username/password of jane/abcd1234.</p>
</h:body>
</html>
回答1:
The reason the css and js files are not loaded is because the security 'profile' in the original example has all resources protected besides a login.xhtml file. JSF by default loads resources from the 'virtual' javax.faces.resource folder. This needs to be excluded from authentication to. The HttpSecurityConfiguration in the original example should be adapted to exlude this virtual folder in the config.
public class HttpSecurityConfiguration {
public void onInit(@Observes SecurityConfigurationEvent event) {
SecurityConfigurationBuilder builder = event.getBuilder();
builder
.http()
.forPath("/javax.faces.resource/*")
.unprotected()
.forPath("/index.jsf")
.unprotected()
.allPaths()
.authenticateWith()
.form()
.authenticationUri("/login.jsf")
.loginPage("/login.jsf")
.errorPage("/error.jsf")
.restoreOriginalRequest()
.forPath("/logout")
.logout()
.redirectTo("/index.jsf");
}
}
来源:https://stackoverflow.com/questions/28373178/primefaces-based-application-with-picketlink-does-not-show-style-in-login-page