在JSF导航后，单击浏览器后退按钮会导致“文档过期".在浏览器中 [英] Clicking browser back button after JSF navigation causes "Document expired" in browser

问题描述

在登录页面后的项目中，如果我单击菜单链接1 ==>，则主页面包含左侧站点的菜单，您将导航至页面1，然后单击菜单链接2 ==>，您将导航至页面2，如果您使用后退按钮，然后我得到 文档已过期 .

In my project after login page, main page contain menu on left hand site if I clicked on menu link 1 ==> you will navigate to page 1 then click menu link 2 ==> you will navigate to page 2 ,if you use back button then i get document expired.

我要注销，为此我要使用阶段侦听器.

I want to delete the browser cache after logged out for this i use phase listener.

相位监听器的代码

    @Override
        public void beforePhase(PhaseEvent event) {
            FacesContext facesContext = event.getFacesContext();
            HttpServletResponse response = (HttpServletResponse) facesContext
             .getExternalContext().getResponse();
        logger.log(Level.INFO,"Cache control phase listener called");
             response.addHeader("Pragma", "no-cache");
             response.addHeader("Cache-Control", "no-cache");
             response.addHeader("Cache-Control", "no-store");
             response.addHeader("Cache-Control", "must-revalidate"); 
             response.addHeader("Expires","Mon, 8 Aug 2006 10:00:00 GMT");
        }

我还使用 UserFilter 保护/user/*文件夹中的页面
这是UserFilter的 doFilter 代码

I also use UserFilter for secured the pages in /user/* folder
here is UserFilter's doFilter code

@Override
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        logger.log(Level.INFO,"User Filter's doFilter called");
        UserManager userManager = (UserManager)((HttpServletRequest)request).getSession().getAttribute("userManager");
            if(userManager==null || !userManager.getIsLoggedIn() || !userManager.getCurrentRole().equals("user")){
                String contextPath = ((HttpServletRequest)request).getContextPath();
                ((HttpServletResponse)response).sendRedirect(contextPath+"/login.xhtml");
            }else{
                chain.doFilter(request, response);
            }
    }

我还希望登录后的用户不能退出登录页面，直到注销.

I also want after login user can't go back again in login page until logout.

推荐答案

如果您使用后退按钮，那么我会收到文档已过期"

如果先前的请求是同步POST请求(表单提交)，则会发生这种情况.您不应该使用POST进行页面间导航.使用GET.

That will happen if the previous request was a synchronous POST request (a form submit). You're not supposed to use POST for page-to-page navigation. Use GET for it.

换句话说，用<h:link/button>替换表示纯页面到页面导航链接/按钮的<h:commandLink/Button>.并且，当您需要在提交表单后导航到新页面时，例如要在提交条目后显示列表，请使用POST-redirect-GET.

In other words, replace <h:commandLink/Button> representing pure page-to-page navigation links/buttons by <h:link/button>. And, when you need to navigate to a new page after a form submit, e.g. to display a list after submit of an entry, use POST-redirect-GET.

• 何时应使用h:outputLink代替h:commandLink?
• 如何在JSF中导航?如何使URL反映当前页面(而不是上一页)
• JSF 2.0 View Scope后退按钮安全吗?
• 在JSF Web应用程序上避免后退按钮

• When should I use h:outputLink instead of h:commandLink?
• How to navigate in JSF? How to make URL reflect current page (and not previous one)
• Is JSF 2.0 View Scope back-button safe?
• Avoid back button on JSF web application

不相关与具体问题:PhaseListener是处理HTTP响应标头的错误工具.使用普通的Filter.

Unrelated to the concrete problem: a PhaseListener is the wrong tool for the job of manipulating HTTP response headers. Use a normal Filter.

这篇关于在JSF导航后，单击浏览器后退按钮会导致“文档过期".在浏览器中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！