在我的AuthenticationFilter重定向到登录页面后,我想退出给用户.
这就是为什么,我把identity.logout();在我的预渲染方法login.xhtml的checkPermission(…)中.
但是,当用户再次登录时,我得到了ViewExpiredException.
我的问题是
1:如果我不执行identity.logout();,则由于旧用户会话仍然存在,用户再次重新登录.
2:如果我执行identity.logout();,我会收到ViewExpiredException.
AuthenticationFilter.java
public class AuthenticationFilter implements Filter { ..... public void doFilter(ServletRequest servletRequest,ServletResponse servletResponse,FilterChain filterChain) throws IOException,servletexception { HttpServletRequest httpRequest = (HttpServletRequest) servletRequest; HttpServletResponse httpResponse = (HttpServletResponse) servletResponse; HttpSession session = httpRequest.getSession(); User user = (User) session.getAttribute(Constants.LOGIN_USER); if (user == null) { session.setAttribute(Constants.MESSAGE_ID,MessageId.required_TO_LOGIN); String loginView = httpRequest.getcontextpath() + Constants.LOGIN_PAGE; httpResponse.sendRedirect(loginView); } else if (!user.getRole().equals(Role.SYstem_ADMINISTRATOR)) { System.out.println("User Role : " + user.getRole()); session.setAttribute(Constants.MESSAGE_ID,MessageId.required_TO_ADMIN_ROLE); String loginView = httpRequest.getcontextpath() + Constants.LOGIN_PAGE; httpResponse.sendRedirect(loginView); } else { filterChain.doFilter(servletRequest,servletResponse); } servletContext.log("Exiting the filter"); } public void destroy() { } }
login.xhtml
.... <f:event listener="#{LoginBean.checkPermission}" type="preRenderView" /> ....
LoginBean.java
@Scope(ScopeType.EVENT) @Name("LoginBean") public class LoginBean extends BaseBean { .... public boolean authenticate() { .... } public void checkPermission(ComponentSystemEvent event) { FacesContext context = getFacesContext(); ExternalContext extContext = context.getExternalContext(); String messageId = (String) extContext.getSessionMap().remove(Constants.MESSAGE_ID); if(messageId != null) { identity.logout(); addMessage(null,FacesMessage.SEVERITY_ERROR,messageId); } } }
解决方法
原文地址:https://www.jb51.cc/java/130139.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。