我在Spring MVC / Security中使用ExtJS.我希望在会话过期后将用户重定向到登录页面,并在Spring安全应用程序上下文中提供了该密码-
<session-management invalid-session-url="/login.jsp"></session-management>
但是由于对服务器的调用全部基于AJAX,因此不会发生重定向.
请提出实现此目标的最佳方法.
我有一个用于AJAX登录的自定义UserNamePasswordAuthenticationFilter:
@Overrideprotected void successfulAuthentication(HttpServletRequest request,HttpServletResponse response,Authentication authResult) throws IOException,ServletException {SavedRequestAwareAuthenticationSuccessHandler srh = new SavedRequestAwareAuthenticationSuccessHandler();this.setAuthenticationSuccessHandler(srh);srh.setRedirectStrategy(new RedirectStrategy() {@Overridepublic void sendRedirect(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String s) throws IOException {// do nothing,no redirect}});super.successfulAuthentication(request,response,authResult);HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(response);Writer out = responseWrapper.getWriter();out.write("{success:true}");out.close();}
最佳答案
您也许可以塑造以下内容以覆盖所有ajax请求,以测试超时的会话响应并相应地进行处理:
var origHandleResponse = Ext.data.Connection.prototype.handleResponse;Ext.override(Ext.data.Connection,{handleResponse : function(response){var text = Ext.decode(response.responseText);if (<test for response that means the session timed out>){var login = new Ext.Window({plain: true,closeAction: 'hide',modal: true,title: "Login timed out,please log in.",width: 400,autoHeight: true,items: [{xtype: 'form',id: 'login-form',items: [{xtype: 'textfield',fieldLabel: 'Username',name: 'username'},{xtype: 'textfield',inputType: 'password',fieldLabel: 'Password',name: 'password'}]}],buttons: [{text: 'Submit',handler: function() {Ext.getCmp('login-form').getForm().submit({url: '<login url>'});login.hide();}}]});login.show();}//else (optional?)origHandleResponse.apply(this,arguments);}
});
