Java LogoutServlet上的IllegalStateException
我试图在cq5中实现一个注销servlet,在这里我需要从cas服务器和cq5注销我的用户。 问题是,我需要servlet从cq5注销,然后重定向到cas注销页面,但由于我使用响应来完成这两件事,因此我得到了一个非法状态异常 你知道怎么做吗 这是我的servlet代码:Java LogoutServlet上的IllegalStateException,java,servlets,logout,Java,Servlets,Logout,我试图在cq5中实现一个注销servlet,在这里我需要从cas服务器和cq5注销我的用户。 问题是,我需要servlet从cq5注销,然后重定向到cas注销页面,但由于我使用响应来完成这两件事,因此我得到了一个非法状态异常 你知道怎么做吗 这是我的servlet代码: import com.stuff.etc.*; @Component( metatype = false) @SlingServlet( methods = {"GET"}, generateC
import com.stuff.etc.*;
@Component( metatype = false)
@SlingServlet(
methods = {"GET"},
generateComponent = false
)
@Service
public class MyLogoutServlet extends SlingAllMethodsServlet {
@Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY, policy = ReferencePolicy.DYNAMIC)
private Authenticator authenticator;
public static final String PAR_USER = "username";
@Property(name = "sling.servlet.paths")
public static final String SERVLET_PATH = "/system/mysite/logout";
@Property(name = "sling.auth.requirements", propertyPrivate = true)
//@SuppressWarnings("unused")
private static final String[] AUTH_REQUIREMENT = { "-" + SERVLET_PATH };
private static final Logger log = LoggerFactory.getLogger(CookieStoreUtil.class);
public static final String TOKEN_COOKIE_ID = "mysite_auth";
private static final String LOGOUT_RESOURCE = "https://casurl.com/logout";
@Reference
private CryptoSupport cryptoSupport;
@Reference
private SlingSettingsService settingsService;
@Override
protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter(PAR_USER);
final Authenticator authenticator = this.authenticator;
log.info(String.valueOf(authenticator==null));
if(username != null) {
if(log.isDebugEnabled()) {
log.debug("Request to logout user: " + username);
}
request.removeAttribute(WSCAuthToken.TOKEN_ATTR_USER);
WSCAuthToken token = getAuthToken(request, cryptoSupport);
//if(token != null && token.isDebugMode()) {
if(token != null) {
token.setUser(null);
token.resetAttributes();
saveAuthCookie(request, response, cryptoSupport, token);
CookieStoreUtil.resetStoreCookie(request, response, settingsService);
TokenCookie.setCookie(response, TOKEN_COOKIE_ID, "", -1, "/", null, false, request.isSecure());
if (authenticator != null) {
try {
log.info("SIAMO QUI");
log.info("ANDIAMO QUI: "+request.getContextPath());
AbstractAuthenticationHandler.setLoginResourceAttribute(request, request.getContextPath());
authenticator.logout(request, response);
} catch (IllegalStateException ise) {
log.error("service: Response already committed, cannot logout");
return;
}
} else {
log.error("service: Authenticator service missing, cannot logout");
}
} else {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
} else {
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Username non specificato");
}
response.sendRedirect(LOGOUT_RESOURCE);
//response.setStatus(HttpServletResponse.SC_NO_CONTENT);
}
public static WSCAuthToken getAuthToken(HttpServletRequest request, CryptoSupport cryptoSupport) {
WSCAuthToken token = null;
Object tokenAttr = request.getAttribute(TOKEN_COOKIE_ID);
if ((tokenAttr instanceof WSCAuthToken)) {
return (WSCAuthToken)tokenAttr;
}
String cookie = TokenCookie.getCookie(request, TOKEN_COOKIE_ID);
if (cookie != null) {
String value;
try {
value = cryptoSupport.unprotect(cookie);
token = WSCAuthToken.fromJSON(value);
} catch (CryptoException e) {
log.error("CryptoException getting token: " + e.getMessage());
}
}
return token;
}
public static void saveAuthCookie(HttpServletRequest request, HttpServletResponse response,
CryptoSupport cryptoSupport, WSCAuthToken token) {
try {
request.setAttribute(token.getCk(), token);
String value = cryptoSupport.protect(token.toJSON());
TokenCookie.setCookie(response, TOKEN_COOKIE_ID, "\"" + value + "\"", -1, "/", null, true, request.isSecure());
} catch (CryptoException e) {
log.error("CryptoException saving cookie", e);
} catch (IOException e) {
log.error("IOException saving cookie", e);
}
}
}
错误日志:
02.08.2013 11:03:23.966*错误*[127.0.0.1[1375434203945]GET/system/sorgeniabpp/logout HTTP/1.1]org.apache.sling.engine.impl.SlingRequestProcessorImpl服务:未捕获可丢弃的java.lang.IllegalStateException:响应已提交
另一个问题是,我甚至无法从CQ5注销。我尝试将我的servlet与org.apache.sling.auth.core.impl.LogoutServlet上实现的代码合并,但没有结果。尝试在重定向后添加
return
语句,以便停止向响应添加更多内容
response.sendRedirect(LOGOUT_RESOURCE);
return;
服务器已经写入了响应头,并且正在写入内容的主体,您正试图在哪一点写入更多的响应头-当然,它不能倒带
即使在sendError之后,您也需要添加return语句(正如@suresh atta已经告诉您的,您需要在重定向之后添加return语句)。
根据和
如果已提交响应,则此方法将抛出IllegalStateException
视为已承诺,不应写信给
所以senderError后面的return语句也是
及
用这个
response.sendRedirect(LOGOUT_RESOURCE);
return;
有关的更多详细信息,请发布stacktrace
?
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Username non specificato");
return;
response.sendRedirect(LOGOUT_RESOURCE);
return;