1

我目前正在扩展我的 JSF 网站。我使用 Tomcat 容器管理的身份验证机制(效果很好,用户在访问保护区之前被强制登录),现在我想提供一个额外的登录按钮。

使用登录按钮,我希望用户获得“LOGGED_IN_CUST”凭据,以便网站在到达安全页面(如 orderProducts.xhtml)之前提供其他功能(如更改/添加/删除地址)

例子:

当前站点:index.xhtml
如果单击右上角的登录链接,将显示 login.xhtml 页面:

    <form action="j_security_check">
        <h:panelGrid columns="2" bgcolor="#eff5fa" cellspacing="5"
            frame="box" styleClass="center">
            <h:outputLabel value="User name:" />
            <h:inputText id="j_username" tabindex="1" />
            <h:outputLabel value="Password:" />
            <h:inputSecret id="j_password" />
            <h:outputLabel value="" />
            <h:commandButton id="login" value="Login" />
        </h:panelGrid>
    </form>

使用正确的用户凭据并按下登录按钮后,我收到以下错误:

HTTP Status 400 - Invalid direct reference to form login page
message: Invalid direct reference to form login page
description: The request sent by the client was syntactically incorrect.

是否有使用附加登录链接登录的解决方案。而在客户成功登录后,之前显示的站点又是活跃的吗?(在本例中为 index.xhtml)

4

1 回答 1

0

我已经重建了应用程序。"j_security_check"我创建了一个commandButton调用以下 doLogin 方法的常规而不是具有操作属性的登录表单

public void doLogin(ActionEvent e) throws IOException {
    FacesContext context = FacesContext.getCurrentInstance();
    HttpServletRequest request = (HttpServletRequest) context
            .getExternalContext().getRequest();

    try {
        // Try to login customer via container management
        request.login(eMail, password);

        /*
         * In case that the Login link was clicked, then the variable
         * "requestedURI" is null ! In that case we can redirect the
         * customer directly to his customerOverview site. A user with role
         * ADMIN will be redirected to systemInfo.xhtml and a user with role
         * CUST is redirected to customerOverview.xhtml.
         */
        if(requestedURI == null){
            if(request.isUserInRole(ROLE_ADMIN)){
                requestedURI = BASE_NAME+"/faces/sections/admin/systemInfo.xhtml";
            }
            else if(request.isUserInRole(ROLE_CUST)){
                requestedURI = BASE_NAME+"/faces/sections/customer/customerOverview.xhtml";
            }
            else{
                requestedURI = BASE_URL;
            }
        }

        /*
         * If everything worked well, redirect the customer to the desired
         * page
         */
        context.getExternalContext().redirect(requestedURI);
    } catch (ServletException se) {
        context.addMessage(null, new FacesMessage(Internationalization.getLoginFailed()));
    }
}

这个解决方案对我来说很好:)

于 2013-06-17T09:18:10.063 回答