JSF 2.3: Session expired vs ViewExpired 问题
[英]JSF 2.3: Session expired vs ViewExpired problems
问题描述
我在 WildFly 17 上使用 JSF 2.3 (Mojarra) 和 PrimeFaces 7 并且对(我想)过期的 Z80791B3AE7002CB88C246876D9FAA8 的回答有问题,使用下面的链接 IZFAA8 无法回答:
不断收到 javax.faces.application.ViewExpiredException: viewId with jsf 2
JSF 2.3 基于表单的登录和 ViewExpiredException
为了测试我的假设,我在 web.xml 中添加了以下条目:
<session-config>
<cookie-config>
<http-only>true</http-only>
</cookie-config>
<session-timeout>1</session-timeout>
</session-config>
部署应用程序后,我在不同的浏览器中打开了它的两个页面: 第一个页面需要我成功执行的登录,然后打开该页面。 第二个页面只需要单击一个链接(无需登录)并在单击此链接时打开。 两个页面都使用 ViewScoped bean。
我等了一分钟多一点,根据上面的配置,session 应该已经过期了。
1.)在第一页:当我点击下面的按钮时:
<p:commandButton icon="ui-icon-check" value="....." action="#{aveAngelBean.aveAngelegtOK}" update="@form" />
我只看到在右下角有一个圆圈旋转,表明可能执行了 JavaScript,但没有其他任何反应。 我在控制台中没有收到任何错误。 当我第二次单击该按钮时,什么也没有发生。 此外,服务器上没有执行任何代码
2.)在第二页:当我点击下面的按钮时:
<p:commandButton icon = "ui-icon-check" value="#{msg['immobilien.ave.go.forward']}" action="#{persDatenBean.weiterUnterlagen}" update="@form">
<f:param name="validateOnWeiter" value="true"/>
</p:commandButton>
支持 bean 的 @init 方法被执行——这意味着可能是服务器尝试恢复视图。 然后出现错误,因为 HTTP GET 参数,在链接的 URL 中找到,我最初调用它来访问此页面:
?linkId=c91cc387-45f4-4c22-8829-4e3fd266c311_abd45a61-0e4e-4e7b-aa48-e9d858a5dbb9
没有被发现。
我的问题是:
1.)关于第一页:我怎样才能显示登录页面而不是什么都不显示? 2.) 关于第二页:如何在单击按钮时使用最初调用该页面的 HTTP GET 参数重新加载页面? 为什么是这个参数
?linkId=c91cc387-45f4-4c22-8829-4e3fd266c311_abd45a61-0e4e-4e7b-aa48-e9d858a5dbb9
在按下按钮时不知何故没有考虑?
在我的 web.xml 下面:
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>sapphire-#{guestPreferences.theme}</param-value>
</context-param>
<context-param>
<param-name>primefaces.FONT_AWESOME</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_LIBRARIES</param-name>
<param-value>/WEB-INF/primefaces-sapphire.taglib.xml</param-value>
</context-param>
<!-- @see http://jsfcorner.blogspot.co.at/2014/01/client-side-validation-example-of.html -->
<context-param>
<param-name>primefaces.CLIENT_SIDE_VALIDATION</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>primefaces.FONT_AWESOME</param-name>
<param-value>true</param-value>
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<filter>
<filter-name>Character Encoding Filter</filter-name>
<filter-class>org.primefaces.sapphire.filter.CharacterEncodingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Character Encoding Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<!-- JSF mapping -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Job Repair Servlet</servlet-name>
<servlet-class>at.home.digest.web.ave.JobRepairServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet>
<servlet-name>InitServlet Servlet</servlet-name>
<servlet-class>at.home.digest.web.ave.InitServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Download Servlet</servlet-name>
<servlet-class>at.home.digest.web.DownloadServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<!-- Map these files with JSF -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Job Repair Servlet</servlet-name>
<url-pattern>/ave/makler/admin/jobRep</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Download Servlet</servlet-name>
<url-pattern>/heimdi/ave/download</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Download Servlet</servlet-name>
<url-pattern>/ave/download</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources in /ave/makler/*</web-resource-name>
<description>All resources in /ave/makler/*</description>
<url-pattern>/ave/makler/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>makler</role-name>
<role-name>maklerChef</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>jBossJaasHeimdiRealm</realm-name>
<form-login-config>
<form-login-page>/login/login.jsf</form-login-page>
<form-error-page>/login/loginFailed.jsf</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>makler</role-name>
</security-role>
<security-role>
<role-name>maklerChef</role-name>
</security-role>
<security-role>
<role-name>kaufer</role-name>
</security-role>
<session-config>
<cookie-config>
<http-only>true</http-only> <!-- https://owasp.org/www-community/HttpOnly , @see also: https://www.cookiepro.com/knowledge/httponly-cookie/ -->
<!-- <secure>true</secure> --> <!-- https://owasp.org/www-community/controls/SecureCookieAttribute -->
</cookie-config>
<session-timeout>1</session-timeout>
</session-config>
<error-page>
<exception-type>javax.servlet.ServletException</exception-type>
<location>/error.faces</location>
</error-page>
<error-page>
<exception-type>javax.faces.FacesException</exception-type>
<location>/error.faces</location>
</error-page>
<error-page>
<exception-type>java.lang.Exception</exception-type>
<location>/error.faces</location>
</error-page>
<!--
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/error.faces</location>
</error-page>
-->
</web-app>
谢谢
1 个解决方案
解决方案1
0 2022-08-22 11:39:07
只需使用此 SessionDebugListener 调试您的 Session 问题...
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import lombok.extern.slf4j.Slf4j;
/**
* HttpSessionListener to monitor the creation and destruction of JSESSIONs.
*/
@Slf4j
public class SessionDebugListener implements HttpSessionListener {
@Override
public void sessionCreated(final HttpSessionEvent se) {
LOG.info("Session Created {}", se.getSession().getId());
}
@Override
public void sessionDestroyed(final HttpSessionEvent se) {
LOG.info("Session Destroyed {}", se.getSession().getId());
}
}
web.xml
<web-app ...>
<listener>
<listener-class>com.your.SessionDebugListener </listener-class>
</listener>
</web-app>
这是一个更高级的示例: https://www.baeldung.com/httpsessionlistener_with_metrics
JSF ViewExpired与SecurityFilter混合
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.