Jsf 2 也许FacesServlet的配置不好_Jsf 2_Security_Web.xml_Jaas

Jsf 2 也许FacesServlet的配置不好

jsf-2 security

Jsf 2 也许FacesServlet的配置不好,jsf-2,security,web.xml,jaas,Jsf 2,Security,Web.xml,Jaas,在下面的web.xml中，jsf标记被呈现出来，但是我在模板、css和按钮方面遇到了很多问题 <?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun

在下面的web.xml中，jsf标记被呈现出来，但是我在模板、css和按钮方面遇到了很多问题

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">

 <context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Production</param-value>
  </context-param>

  <context-param>
    <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
    <param-value>.xhtml</param-value>
  </context-param>

  <servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>*.xhtml</url-pattern>
  </servlet-mapping>

<security-constraint>

        <!-- Applicazione Web -->
        <web-resource-collection>
            <web-resource-name>Applicazione</web-resource-name>
                <url-pattern>*.xhtml</url-pattern>
                    <http-method>GET</http-method>
                    <http-method>POST</http-method>
        </web-resource-collection>


        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>

</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login.xhtml</form-login-page>
            <form-error-page>/login.xhtml</form-error-page>
        </form-login-config>
</login-config>

<security-role>
    <role-name>*</role-name>
</security-role>         

<welcome-file-list>
   <welcome-file>index.xhtml</welcome-file>
</welcome-file-list>

</web-app>


javax.faces.PROJECT_阶段
生产
javax.faces.DEFAULT_后缀
.xhtml
Facesservlet
javax.faces.webapp.FacesServlet
1.
Facesservlet
*.xhtml
应用锡安
*.xhtml
得到
邮递
*
形式
/login.xhtml
/login.xhtml
*
index.xhtml

相反，这是我的login.xtml，位于我的应用程序的/文件夹中

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<ui:composition xmlns="http://www.w3.org/1999/xhtml" xmlns:h="http://java.sun.com/jsf/html"
    xmlns:f="http://java.sun.com/jsf/core" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:a4j="http://richfaces.org/a4j"
    xmlns:rich="http://richfaces.org/rich" template = "/WEB-INF/template/login.xhtml" >

    <ui:define name="areaLogin">
     <p>Login to access secure :</p>
     <h:form >

        <h:panelGrid styleClass="myTable3" columns='2' border="1" >

            <h:outputLabel value='Username: ' />
            <h:inputText value="#{beanLogin.username}" />

            <h:outputLabel value='Password: ' />
            <h:inputSecret value="#{beanLogin.password}" />

            <h:outputText value='' />

            <h:panelGrid columns='1'>
       <a4j:commandButton action="#{beanLogin.login()}" value="Login" onclick="selezionaClientiAttivi();selezionaFattureInScadenza();selezionaOrdiniNonFatturati();" status="StatoLogin"  />
       </h:panelGrid>
      </h:panelGrid>

    </ui:define>
</ui:composition>


登录以访问安全：

如上所述，jsf组件是呈现的，但是如果我删除安全约束并更改欢迎文件列表，则不会调用tempate，a4j:commandButton也不会工作

  <welcome-file-list>
    <welcome-file>login.xhtml</welcome-file>
  </welcome-file-list>


login.xhtml

一切正常

我哪里错了？

你的脸很好。您的安全约束是错误的。如何修复它？我希望所有URL都受保护（/*）重复：