0

我在集成 jsf 2.0、springframeork 3.0.2 和 primefaces 时遇到问题,
在这种情况下,我使用 spring security [login.jsp] 进行身份验证用户并且它可以工作,但我想将其更改为 jsf 页面 [login.jsf 包含在jsf 模板]。

我的意思是:当应用程序运行时,第一页显示第一个主页模板 [home.jsf],其中包含 login.jsf

任何人都给我这个问题的建议......:D
thx agung

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Production</param-value>
</context-param>
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/app-config.xml</param-value>
</context-param>
<context-param>
    <param-name>javax.faces.FACELETS_LIBRARIES</param-name>
    <param-value>/WEB-INF/springsecurity.taglib.xml</param-value>
</context-param>
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<servlet>
    <servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/app-config.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
    <url-pattern>*.htm</url-pattern>
</servlet-mapping>
<welcome-file-list>
    <welcome-file>faces/index.jsp</welcome-file>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>

安全.xml

<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<http realm="Project Realm" auto-config="true" use-expressions="true">
    <intercept-url pattern="/auth/**" filters="none"/>
    <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')"/>
    <intercept-url pattern="/users/**" access="hasRole('ROLE_USER')"/>
    <intercept-url pattern="/**" access="hasAnyRole('ROLE_ADMIN','ROLE_USER')"/>

    <form-login login-page="/auth/login.jsp" authentication-failure-url="/auth/login.jsp?login_error=1"/>
    <logout logout-success-url="/auth/login.jsp"/>
    <remember-me />
</http>

<authentication-manager>
    <authentication-provider>
        <password-encoder hash="md5"/>
        <jdbc-user-service data-source-ref="dataSource" />
    </authentication-provider>
</authentication-manager>

</b:beans>

带有模板的 jsf 页面,tempHome.xhtml

<?xml version='1.0' encoding='UTF-8' ?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:p="http://primefaces.org/ui"
  xmlns:ui="http://java.sun.com/jsf/facelets"
  xmlns:h="http://java.sun.com/jsf/html"
  style="overflow: hidden">

<h:head>

    <title>Facelets Template</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link href="./../resources/css/default.css" rel="stylesheet" type="text/css" />
    <link href="./../resources/css/userCssLayout.css" rel="stylesheet" type="text/css" />
    <link href="./../resources/css/layout.css" rel="stylesheet" type="text/css" />

</h:head>

<h:body>

    <div id="top">
        <ui:insert name="top">

        </ui:insert>
    </div>
    <div>
        <div id="left">
            <ui:insert name="left"></ui:insert>
        </div>
        <div>
            <div id="right">
                <ui:insert name="right"></ui:insert>
            </div>
            <div id="content" class="right_content">
                <table style="width: 100%;">
                    <tbody>
                        <tr align="left">
                            <td width="0%"></td>
                            <td>
                                <ui:include src="./../userPage/userMenubar.xhtml"/>
                            </td>
                            <td>
                                <ui:include src="./../pageLogin/userLogin.xhtml"/>
                            </td>
                        </tr>
                    </tbody>
                </table>
                <ui:insert name="content">


                </ui:insert>
            </div>
        </div>
    </div>
    <div id="bottom">
        <ui:insert name="bottom"></ui:insert>
    </div>

</h:body>

索引.jsp

<% response.sendRedirect("userPage/home.jsf"); %>

用户登录.xhtml

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:p="http://primefaces.org/ui"
  xmlns:h="http://java.sun.com/jsf/html">
<h:head>
    <title>Facelet Title</title>
</h:head>
<h:body>
    <h:form style="height: 50px; font-size: 10px;">
        <p:toolbar>  
            <p:toolbarGroup align="left">  
                <p:separator />  

                <h:outputText value="Username : "/>
                <p:inputText value="#{memberBean.selected.username}"/>

                <h:outputText value="Password : "/>
                <p:password value="#{memberBean.selected.password2}" feedback="false"/>

                <p:commandButton value="Login" actionListener="#{memberBean.cek()}"/>

                <p:commandButton type="button" title="Save" icon="ui-icon-disk"/>  

            </p:toolbarGroup>  

            <p:toolbarGroup align="right">  
                <p:menuButton value="Options">  
                    <p:menuitem value="Home" url="http://www.primefaces.org" />  
                    <p:menuitem value="ShowCase"  
                                url="http://www.primefaces.org/showcase" />  
                    <p:menuitem value="TouchFaces"  
                                url="http://www.primefaces.org/showcase/touch" />  
                </p:menuButton>  
            </p:toolbarGroup>  

        </p:toolbar>

    </h:form>
</h:body>
</html>
4

1 回答 1

0

可能听起来微不足道,但您是否尝试用 security.xml 中的 login.jsf 路径替换 login.jsp?当然,您必须从截获的 URL 中排除所需的文件。在没有此行的情况下对其进行测试:

<intercept-url pattern="/**" access="hasAnyRole('ROLE_ADMIN','ROLE_USER')"/>

上面这行确实不是一个好主意,它会阻止登录页面可能需要的 css 文件、javascript、图像。我更喜欢限制对特定区域的访问,并在默认情况下保持资源可访问。

还要记住,在某些情况下,登录页面可能会被加载数千次 - 脚本损坏、内部服务器状态监控等。普通的 jsp 页面应该处理得更快。

于 2012-05-21T12:48:37.543 回答