会话期满后的Spring Security登录重定向到上一个JSF ajax请求并显示其< partial-response>.像纯文本一样的XML响应 [英] Spring Security login after session expiration redirects to last JSF ajax request and displays its <partial-response> XML response like plain text
问题描述
我正在与一个结合使用Spring Security,Spring bean,JSF,PrimeFaces和Hibernate的项目一起工作.
I'm working with a project that use Spring Security, Spring bean, JSF, PrimeFaces and Hibernate in combination.
在主页中,我使用民意调查每10秒自动获取最新数据.
In the homepage, I use poll to automatically get newest data after every 10 seconds.
<h:form>
<p:poll interval="10"
listener="#{mailBean.refreshMail}"
update=":list-email"/>
</h:form>
问题是登录到主页后,在另一个选项卡中打开主页,然后在该选项卡中单击注销,然后重定向到登录页面.
The problem is after I log-in to the homepage, I open the homepage in another tab and in that tab, I click log-out and it redirect to the log-in page.
即使会话结束,轮询也将继续发送ajax请求并每隔10秒获得响应.
Even though the session ends, poll will continue to send ajax request and get response after every 10 seconds.
然后我等待几秒钟,然后再次单击登录以转到主页,但这一次它显示了XML内容,这是民意调查的部分响应.
Then I wait some seconds and click log-in again to go to the homepage but this time it shows the XML content which is the partial response of the Poll.
如果刷新页面,它将再次恢复正常. 我不知道为什么会这样渲染视图.
If I refresh the page, it becomes normal again. I don't know why it render view like that.
我花了很多时间试图解决这个问题,但是我没有. 请帮帮我.谢谢.
I've spent a lot of time trying to solve this problem but I couldn't. Please help me out. Thank you.
推荐答案
正如BalusC先生所说,Spring Security将在登录后重定向到上一个请求.因为我使用了Poll,所以它会在10秒后向主页发出ajax请求,当我再次登录时,它将重定向到ajax请求.
As Mr. BalusC said, Spring Security will redirect to last request after login. Because I used Poll so the it makes ajax request to the homepage after 10 seconds and when I login again, it will redirect to the ajax request.
为解决此问题,我在安全性xml文件中进行了如下配置,以便在登录后始终将其重定向到默认页面.
So to solve this, I config in the security xml file as following, so that it will always redirect to the default page after login.
<form-login
login-page="/login.html"
authentication-failure-url="/login.html?status=LOGIN_FAILURE"
default-target-url="/index.html"
always-use-default-target="true" />
非常感谢BalusC先生.
Thank you so much, Mr. BalusC.
这篇关于会话期满后的Spring Security登录重定向到上一个JSF ajax请求并显示其< partial-response>.像纯文本一样的XML响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!