Java JAAS可以处理AJAX部分请求吗？_Java_Authentication_Jsf 2_Primefaces_Jaas

Java JAAS可以处理AJAX部分请求吗？

java authentication jsf-2 primefaces

Java JAAS可以处理AJAX部分请求吗？,java,authentication,jsf-2,primefaces,jaas,Java,Authentication,Jsf 2,Primefaces,Jaas,我有一个配置了JAAS、JSF-2和Primefaces的示例项目。这是我的web.xml： <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns

我有一个配置了JAAS、JSF-2和Primefaces的示例项目。这是我的web.xml：

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
    <display-name>JAASProject</display-name>
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>
    <context-param>
        <param-name>primefaces.THEME</param-name>
        <param-value>start</param-value>
    </context-param>
    <context-param>
        <param-name>primefaces.SUBMIT</param-name>
        <param-value>partial</param-value>
    </context-param>
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>
    <context-param>
        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
        <param-value>client</param-value>
    </context-param>
    <context-param>
        <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
        <param-value>resources.application</param-value>
    </context-param>
    <listener>
        <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
    </listener>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/app/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>adbADRealm</realm-name>
        <form-login-config>
            <form-login-page>/login.xhtml</form-login-page>
            <form-error-page>/login.xhtml</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <role-name>*</role-name>
    </security-role>
    <session-config>
        <session-timeout>1</session-timeout>
    </session-config>
</web-app>

身份验证正在工作，我将被导航到家中。在home中，我有三个按钮：一个Primesfaces、一个JSF（非ajax）和一个JSF（支持ajax）

家

到目前为止一切进展顺利。当会话超时时，如果我单击Primefaces的按钮或支持ajax的JSF的按钮，它不会执行任何操作，不会调用任何异常或

actionListener

；没关系,；但我例外，我会被导航到登录页面

如果我通过Firebugging单击启用ajax的按钮，我可以看到一篇文章被炒鱿鱼，但就是这样。如果单击JSF按钮（非ajax），我将导航到登录页面，但如果单击其他两个按钮，则不会导航到登录页面

JAAS与AJAX POST一起工作吗？这是我的代码问题吗？我错过什么了吗

我的配置是：

服务器-JBossAS 7.1
Mojara-2.1.7
Primefaces-3.4.2

安装OmniFaces，这个问题将像魔法一样完全消失，而不需要任何额外的配置。@BalusC是的，我这样做了。

FullAjaxExceptionHandlerFactory

工作起来很有魅力。您能解释一下这种行为吗？为什么它不适用于此

例外HandlerFactory

？您不需要针对此特定情况进行其他配置。解释是对这个重复问题的回答：@BalusC您能否解释一下

，但是，由于这是一个ajax请求，并且没有呈现信息（整个POST请求基本上在安全性向前检查期间被丢弃），因此只会返回视图状态。

根据您给出的POST进行注释。我不太清楚。@BalusC唯一不清楚的一点是，

FacesServlet

是否生成登录页面的视图，并且由于该视图未受保护，为什么该视图会被安全性丢弃！

<%
    response.sendRedirect("app/home.xhtml");
%>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:h="http://java.sun.com/jsf/html" xmlns:p="http://primefaces.org/ui"
    xmlns:f="http://java.sun.com/jsf/core">

<h:head>
    <title>Login</title>
</h:head>
<h:body>
    <h:form>
        <h:panelGrid columns="2" cellpadding="5">
            <p:outputLabel value="Username" />
            <p:inputText value="#{authenticationController.username}" required="true"/>
            <p:outputLabel value="Password" />
            <p:password value="#{authenticationController.password}" required="true"/>
            <f:facet name="footer">
                <p:commandButton id="loginButton" actionListener="#{authenticationController.login}" value="Login"/>
            </f:facet>
        </h:panelGrid>
    </h:form>
</h:body>
</html>

package com.myself.jassproject.controller;

import java.io.Serializable;

import javax.annotation.PostConstruct;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ViewScoped;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;

@ManagedBean(name = "authenticationController")
@ViewScoped
public class AuthenticationController implements Serializable{

    private static final long serialVersionUID = 7083052321396088714L;

    private String originalURL;

    private String username;
    private String password;

    public AuthenticationController() {

    }

    @PostConstruct
    public void initialize() {
        ExternalContext externalContext = getExternalContext();
        originalURL = (String) externalContext.getRequestMap().get(RequestDispatcher.FORWARD_REQUEST_URI);

        if (originalURL == null) {
            originalURL = externalContext.getRequestContextPath() + "/app/home.xhtml";
        }

        System.out.println(originalURL);
    }

    public void login(ActionEvent event){
        System.out.println("==");
        try {
            getServletRequest().login(username, password);
            getExternalContext().redirect(originalURL);
        } catch (Exception ex) {
            ex.printStackTrace();
        }       
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    private ExternalContext getExternalContext() {
        return getFacesContext().getExternalContext();
    }

    private FacesContext getFacesContext() {
        return FacesContext.getCurrentInstance();
    }

    private HttpServletRequest getServletRequest() {
        return (HttpServletRequest) getExternalContext().getRequest();
    }
}

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html"
      xmlns:f="http://java.sun.com/jsf/core"
      xmlns:ui="http://java.sun.com/jsf/facelets"
      xmlns:p="http://primefaces.org/ui">

    <h:head>
        <title>Home</title>
    </h:head>
    <h:body>
        <h:form>
            <p:commandButton value="Click me (Primefaces)" actionListener="#{homeController.doSomething}"/>
            <h:commandButton value="Click me (JSF)" actionListener="#{homeController.doSomething}" />
            <h:commandButton value="Click me (JSF - AJAX)" actionListener="#{homeController.doSomething}">
                <f:ajax execute="@form"/>
            </h:commandButton>
        </h:form>
    </h:body>
</html>