Java Ajax会话超时FullAjaxExceptionHandlerFactory不与shiro一起工作
我为使用Ajax会话超时添加的代码的详细信息,如 Faces Config.xmlJava Ajax会话超时FullAjaxExceptionHandlerFactory不与shiro一起工作,java,jsf-2,session-timeout,shiro,omnifaces,Java,Jsf 2,Session Timeout,Shiro,Omnifaces,我为使用Ajax会话超时添加的代码的详细信息,如 Faces Config.xml <factory> <exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory> </factory> <error-page> <exception
<factory>
<exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory>
</factory>
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/expired.xhtml</location>
</error-page>
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<!-- override these for application-specific URLs if you like: -->
<property name="loginUrl" value="/index.xhtml" />
<property name="successUrl" value="/dashboard" />
<property name="unauthorizedUrl" value="/login" />
<property name="filters">
<util:map>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter" />
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
[main]
user.loginUrl = /login.xhtml
[users]
admin = password
[urls]
/login.xhtml = user
/css/**=anon
/images/**=anon
/emailimages/**=anon
/login=anon
/test=anon
/sso=anon
/ssologin=anon
/**=authc
</value>
</property>
</bean>
<bean id="facesFilter" class="com.xxx.temp.FacesAjaxAwareUserFilter"></bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!-- <property name="sessionMode" value="native"/> -->
<property name="realms">
<list>
<ref bean="jdbcRealm" />
<ref bean="googleRealm" />
</list>
</property>
<!-- <property name="realms" ref="jdbcRealm googleRealm" /> -->
<property name="cacheManager" ref="cacheManager" />
<!-- <property name="sessionManager" ref="sessionManager"/> -->
</bean>
<!-- <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="/WEB-INF/ehcache.xml"/> </bean> -->
<bean id="passwordService"
class="org.apache.shiro.authc.credential.DefaultPasswordService">
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManager" ref="ehCacheManager" />
</bean>
<!-- <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO"/> </bean> -->
<bean id="ehCacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
<!-- <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/> -->
<bean id="jdbcRealm" class="com.xxx.domain.web.permissions.MyWebRealm">
</bean>
<bean id="googleRealm" class="com.xxx.domain.web.permissions.GoogleRealm">
<!-- <property name="dataSource" ref="dataSource" /> -->
<property name="credentialsMatcher"> <bean class="com.fetchinglife.domain.web.permissions.GoogleCredentialsMatcher"/> </property>
</bean>
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor" />
<factory>
<exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory>
</factory>
<util:map>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter" />
<bean class="com.xxx.custom.FacesAjaxAwareUserFilter" />
</entry>
</util:map>
将此添加到.xhtml文件中
omniface-1.7.jar
xmlns:o="http://omnifaces.org/ui"
xmlns:of="http://omnifaces.org/functions"
提出警告
当前状态:
omniface-1.7.jar
xmlns:o="http://omnifaces.org/ui"
xmlns:of="http://omnifaces.org/functions"
未找到响应,页面在会话超时ajax调用时不会重定向。使用此配置解决了问题 faces config.xml
<factory>
<exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory>
</factory>
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/expired.xhtml</location>
</error-page>
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<!-- override these for application-specific URLs if you like: -->
<property name="loginUrl" value="/index.xhtml" />
<property name="successUrl" value="/dashboard" />
<property name="unauthorizedUrl" value="/login" />
<property name="filters">
<util:map>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter" />
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
[main]
user.loginUrl = /login.xhtml
[users]
admin = password
[urls]
/login.xhtml = user
/css/**=anon
/images/**=anon
/emailimages/**=anon
/login=anon
/test=anon
/sso=anon
/ssologin=anon
/**=authc
</value>
</property>
</bean>
<bean id="facesFilter" class="com.xxx.temp.FacesAjaxAwareUserFilter"></bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!-- <property name="sessionMode" value="native"/> -->
<property name="realms">
<list>
<ref bean="jdbcRealm" />
<ref bean="googleRealm" />
</list>
</property>
<!-- <property name="realms" ref="jdbcRealm googleRealm" /> -->
<property name="cacheManager" ref="cacheManager" />
<!-- <property name="sessionManager" ref="sessionManager"/> -->
</bean>
<!-- <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="/WEB-INF/ehcache.xml"/> </bean> -->
<bean id="passwordService"
class="org.apache.shiro.authc.credential.DefaultPasswordService">
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManager" ref="ehCacheManager" />
</bean>
<!-- <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO"/> </bean> -->
<bean id="ehCacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
<!-- <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/> -->
<bean id="jdbcRealm" class="com.xxx.domain.web.permissions.MyWebRealm">
</bean>
<bean id="googleRealm" class="com.xxx.domain.web.permissions.GoogleRealm">
<!-- <property name="dataSource" ref="dataSource" /> -->
<property name="credentialsMatcher"> <bean class="com.fetchinglife.domain.web.permissions.GoogleCredentialsMatcher"/> </property>
</bean>
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor" />
<factory>
<exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory>
</factory>
<util:map>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter" />
<bean class="com.xxx.custom.FacesAjaxAwareUserFilter" />
</entry>
</util:map>
web.xml
<factory>
<exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory>
</factory>
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/expired.xhtml</location>
</error-page>
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<!-- override these for application-specific URLs if you like: -->
<property name="loginUrl" value="/index.xhtml" />
<property name="successUrl" value="/dashboard" />
<property name="unauthorizedUrl" value="/login" />
<property name="filters">
<util:map>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter" />
</entry>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
[main]
user.loginUrl = /login.xhtml
[users]
admin = password
[urls]
/login.xhtml = user
/css/**=anon
/images/**=anon
/emailimages/**=anon
/login=anon
/test=anon
/sso=anon
/ssologin=anon
/**=authc
</value>
</property>
</bean>
<bean id="facesFilter" class="com.xxx.temp.FacesAjaxAwareUserFilter"></bean>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!-- <property name="sessionMode" value="native"/> -->
<property name="realms">
<list>
<ref bean="jdbcRealm" />
<ref bean="googleRealm" />
</list>
</property>
<!-- <property name="realms" ref="jdbcRealm googleRealm" /> -->
<property name="cacheManager" ref="cacheManager" />
<!-- <property name="sessionManager" ref="sessionManager"/> -->
</bean>
<!-- <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile" value="/WEB-INF/ehcache.xml"/> </bean> -->
<bean id="passwordService"
class="org.apache.shiro.authc.credential.DefaultPasswordService">
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManager" ref="ehCacheManager" />
</bean>
<!-- <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO"/> </bean> -->
<bean id="ehCacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
<!-- <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/> -->
<bean id="jdbcRealm" class="com.xxx.domain.web.permissions.MyWebRealm">
</bean>
<bean id="googleRealm" class="com.xxx.domain.web.permissions.GoogleRealm">
<!-- <property name="dataSource" ref="dataSource" /> -->
<property name="credentialsMatcher"> <bean class="com.fetchinglife.domain.web.permissions.GoogleCredentialsMatcher"/> </property>
</bean>
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor" />
<factory>
<exception-handler-factory>org.omnifaces.exceptionhandler.FullAjaxExceptionHandlerFactory</exception-handler-factory>
</factory>
<util:map>
<entry key="authc">
<bean
class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter" />
<bean class="com.xxx.custom.FacesAjaxAwareUserFilter" />
</entry>
</util:map>
将错误重定向页面添加到web.xml
<error-page>
<error-code>500</error-code>
<location>/error.xhtml</location>
</error-page>
看起来您将
FacesAjaxAwareUserFilter
配置为Spring管理的bean,而不是Shiro过滤器。为什么?在您找到的JSF2 Shiro教程中绝对没有这样描述。@BalusC我对Shiro和spring不太在行,我不知道这是如何工作的。我刚刚按照说明进行了操作,在我的应用程序中没有shiro.ini文件,所以当我在web上搜索时,它向我展示了我实现的这个示例。你能帮我修一下这个吗所以你一开始连Shiro都没有?我将首先使用普通的HTML页面来解决这个问题,直到它起作用,然后您可以开始集中精力解决JSF ajax方面的问题。一次咬一口大象。@BalusC是的shiro工作得很好,我只是在解决ajax超时问题。我正在将spring jsf与shiro一起使用,我将使用完整的细节更新application config.xml。我检查了更新的application config.xml
,并且filterChainDefinitions
的值正好代表shiro.ini
文件的内容。我不知道Spring为什么会这样,怎么会这样,但从逻辑上讲,把它当作一个真正的shiro.ini
。我只需要按照实际的Shiro.ini
文件的说明在那里配置Shiro过滤器。