我在Spring MVC / Security中使用ExtJS。我希望在会话过期时将用户重定向到登录页面,我在Spring安全应用程序上下文中给出了这一点 -
<session-management invalid-session-url="/login.jsp"></session-management>
但由于对服务器的调用都是基于AJAX的,因此重定向不会发生。
请建议实施此方法的最佳方法。
我为AJAX登录实现了自定义UserNamePasswordAuthenticationFilter
:
@Override
protected void successfulAuthentication(HttpServletRequest request,
HttpServletResponse response, Authentication authResult) throws IOException,
ServletException {
SavedRequestAwareAuthenticationSuccessHandler srh = new SavedRequestAwareAuthenticationSuccessHandler();
this.setAuthenticationSuccessHandler(srh);
srh.setRedirectStrategy(new RedirectStrategy() {
@Override
public void sendRedirect(HttpServletRequest httpServletRequest,
HttpServletResponse httpServletResponse, String s) throws IOException {
// do nothing, no redirect
}
});
super.successfulAuthentication(request, response, authResult);
HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(
response);
Writer out = responseWrapper.getWriter();
out.write("{success:true}");
out.close();
}
答案 0 :(得分:3)
您可以模拟以下内容来覆盖所有ajax请求以测试超时会话响应并相应地处理它:
var origHandleResponse = Ext.data.Connection.prototype.handleResponse;
Ext.override(Ext.data.Connection, {
handleResponse : function(response){
var text = Ext.decode(response.responseText);
if (<test for response that means the session timed out>)
{
var login = new Ext.Window({
plain: true,
closeAction: 'hide',
modal: true,
title: "Login timed out, please log in.",
width: 400,
autoHeight: true,
items: [
{
xtype: 'form',
id: 'login-form',
items: [
{
xtype: 'textfield',
fieldLabel: 'Username',
name: 'username'
},
{
xtype: 'textfield',
inputType: 'password',
fieldLabel: 'Password',
name: 'password'
}]
}],
buttons: [
{
text: 'Submit',
handler: function() {
Ext.getCmp('login-form').getForm().submit({url: '<login url>'});
login.hide();
}
}]
});
login.show();
}
//else (optional?)
origHandleResponse.apply(this, arguments);
}
});