我在Spring MVC / Security中使用ExtJS.我希望在会话过期后将用户重定向到登录页面,并在Spring安全应用程序上下文中提供了该密码-
<session-management invalid-session-url="/login.jsp"></session-management>
但是由于对服务器的调用全部基于AJAX,因此不会发生重定向.
请提出实现此目标的最佳方法.
我有一个用于AJAX登录的自定义UserNamePasswordAuthenticationFilter:
@Override
protected void successfulAuthentication(HttpServletRequest request,HttpServletResponse response,Authentication authResult) throws IOException,ServletException {
SavedRequestAwareAuthenticationSuccessHandler srh = new SavedRequestAwareAuthenticationSuccessHandler();
this.setAuthenticationSuccessHandler(srh);
srh.setRedirectStrategy(new RedirectStrategy() {
@Override
public void sendRedirect(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String s) throws IOException {
// do nothing,no redirect
}
});
super.successfulAuthentication(request,response,authResult);
HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(
response);
Writer out = responseWrapper.getWriter();
out.write("{success:true}");
out.close();
}
最佳答案
您也许可以塑造以下内容以覆盖所有ajax请求,以测试超时的会话响应并相应地进行处理:
原文链接:https://www.f2er.com/spring/531706.htmlvar origHandleResponse = Ext.data.Connection.prototype.handleResponse;
Ext.override(Ext.data.Connection,{
handleResponse : function(response){
var text = Ext.decode(response.responseText);
if (<test for response that means the session timed out>)
{
var login = new Ext.Window({
plain: true,closeAction: 'hide',modal: true,title: "Login timed out,please log in.",width: 400,autoHeight: true,items: [
{
xtype: 'form',id: 'login-form',items: [
{
xtype: 'textfield',fieldLabel: 'Username',name: 'username'
},{
xtype: 'textfield',inputType: 'password',fieldLabel: 'Password',name: 'password'
}]
}],buttons: [
{
text: 'Submit',handler: function() {
Ext.getCmp('login-form').getForm().submit({url: '<login url>'});
login.hide();
}
}]
});
login.show();
}
//else (optional?)
origHandleResponse.apply(this,arguments);
}
});
