首页 > 其他分享> > Spring Security&ExtJS-在会话超时时重定向到登录页面

Spring Security&ExtJS-在会话超时时重定向到登录页面

2019-12-08 14:20:06 作者：互联网

我在Spring MVC / Security中使用ExtJS.我希望在会话过期后将用户重定向到登录页面,并在Spring安全应用程序上下文中提供了该密码-

<session-management invalid-session-url="/login.jsp"></session-management>

但是由于对服务器的调用全部基于AJAX,因此不会发生重定向.
请提出实现此目标的最佳方法.
我有一个用于AJAX登录的自定义UserNamePasswordAuthenticationFilter：

@Override
    protected void successfulAuthentication(HttpServletRequest request,
        HttpServletResponse response, Authentication authResult) throws IOException,
        ServletException {
        SavedRequestAwareAuthenticationSuccessHandler srh = new SavedRequestAwareAuthenticationSuccessHandler();
        this.setAuthenticationSuccessHandler(srh);
        srh.setRedirectStrategy(new RedirectStrategy() {
            @Override
            public void sendRedirect(HttpServletRequest httpServletRequest,
                HttpServletResponse httpServletResponse, String s) throws IOException {
                // do nothing, no redirect
            }
        });
        super.successfulAuthentication(request, response, authResult);

        HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(
         response);
        Writer out = responseWrapper.getWriter();
        out.write("{success:true}");
        out.close();
    }

解决方法:

您也许可以塑造以下内容以覆盖所有ajax请求,以测试超时的会话响应并相应地进行处理：

var origHandleResponse = Ext.data.Connection.prototype.handleResponse;
Ext.override(Ext.data.Connection, {
handleResponse : function(response){
    var text = Ext.decode(response.responseText);
    if (<test for response that means the session timed out>)
    {
            var login = new Ext.Window({
                plain: true,
                closeAction: 'hide',
                modal: true,
                title: "Login timed out, please log in.",
                width: 400,
                autoHeight: true,
                items: [
                {
                    xtype: 'form',
                    id: 'login-form',
                    items: [
                    {
                        xtype: 'textfield',
                        fieldLabel: 'Username',
                        name: 'username'
                    },
                    {
                        xtype: 'textfield',
                        inputType: 'password',
                        fieldLabel: 'Password',
                        name: 'password'
                    }]
                }],
                buttons: [
                {
                    text: 'Submit',
                    handler: function() {
                        Ext.getCmp('login-form').getForm().submit({url: '<login url>'});
                        login.hide();
                    }
                }]
            });
            login.show();
    }
    //else (optional?)
    origHandleResponse.apply(this, arguments);
}

});

标签：extjs,spring-security,spring,spring-mvc
来源： https://codeday.me/bug/20191208/2091947.html