1

j_security_check对我来说似乎不足以执行登录过程。因此,我没有将表单提交给 j_security_check,而是创建了自己的 servlet,并且我正在以编程方式尝试登录。这可行,但我无法重定向到我的受限资源。谁能告诉我可能是什么问题?这是processRequest我的 servlet 的方法:-

protected void processRequest(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {
            String strUsername = request.getParameter("txtusername");
            String strPassword = request.getParameter("txtpassword");
            if(strUsername == null || strPassword == null || strUsername.equals("") || strPassword.equals(""))
                throw new Exception("Username and/or password missing.");
            request.login(strUsername, strPassword);
            System.out.println("Login succeeded!!");

            if(request.isUserInRole(ROLES.ADMIN.getValue())){//enum
                System.out.println("Found in Admin Role");
                response.sendRedirect("/app/Admin/home.jsf");

            }
            else if (request.isUserInRole(ROLES.GENERAL.getValue()))
                response.sendRedirect("/app/Common/index.jsf");
            else //guard
                throw new Exception("No role for user " + request.getRemoteUser());


        }catch(Exception ex){
            //patch work why there needs to be blogger here?
            System.out.println("Invalid username and/or password!!");
            response.sendRedirect("/app/Common/index.jsf");
        }finally {
            out.close();
        }
    }

一切正常,我什至可以看到“在管理员角色中找到”消息,但问题是即使经过身份验证,我也无法将我的请求重定向到其他页面。

4

2 回答 2

1

我不确定,但我认为这个问题是

https://glassfish.dev.java.net/issues/show_bug.cgi?id=11340

于 2010-03-23T05:20:00.547 回答
0

删除这些行,它们不属于那里:

    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();


        out.close();

如果关闭OutputStream,则无法进行重定向。实际上,您应该已经IllegalStateException: Response already committed在服务器日志中看到了 。

于 2010-03-20T12:37:52.527 回答