web.xml的问题

时间:2014-01-16 10:50:43

标签: primefaces tomcat7 web.xml jdbcrealm

首先,我想为我糟糕的英语道歉。好的,我有一个问题。我正在构建使用jdbcrealm和web.xml进行安全性的应用程序。登录由网络表单完成。应用程序在Apache Tomcat 7上运行,我正在使用Primefaces 4.0。在web.xml中,我定义了一些角色和一些安全约束。当我登录到应用程序httpservlet request.login(用户名,密码)时,工作正常,request.isUserInrole(“role”)也做了工作,Faces.getExternalContext.redirect重定向页面到正确的应用了安全约束的文件夹,在浏览器中我看到正确的URL .....但页面是空白的!如果我检查页面源我看到登录页面的页面源.....我会在下面放一些屏幕截图。请帮助我...我正在尝试解决问题2周了!

/ *

* / 这是web.xml 

    <param-name>primefaces.THEME</param-name>

    <param-value>afterdark</param-value>

</context-param>

<servlet>

    <servlet-name>Faces Servlet</servlet-name>

    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping> 

    <servlet-name>Faces Servlet</servlet-name>

   <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<security-role>
    <description>Administrator A</description>
    <role-name>1</role-name>
</security-role>
 <security-constraint>
    <display-name>Administrator A</display-name>
    <web-resource-collection>
        <web-resource-name>Administratorske datoteke</web-resource-name>
        <description/>
        <url-pattern>/a1/*</url-pattern> --> 
        <http-method>GET</http-method>
        <http-method>POST</http-method>        
    </web-resource-collection>
    <auth-constraint>
        <description>Administrator A</description>
        <role-name>1</role-name>
      </auth-constraint>
</security-constraint>


    <login-config>

    <auth-method>FORM</auth-method>
    <realm-name>JDBCRealm</realm-name>
    <form-login-config>
        <form-login-page>/prijava.xhtml</form-login-page>
        <form-error-page>/pogreska.xhtml</form-error-page>
    </form-login-config>
</login-config>

<session-config>
    <session-timeout>
        30
    </session-timeout>
</session-config>

<welcome-file-list>
    <welcome-file>prijava.xhtml</welcome-file>
</welcome-file-list>

* 这是登录页面(prijava.xhtml) * 

        <div class="slika_za_prijavu">

        <h:outputLink id="loginLink" value="javascript:void(0)" onclick="PF('prozor_za_unos').show()" title="prijava">   
            <p:graphicImage value="/slike/prijava.png" /> 

        </h:outputLink>

        </div>           

        <p:growl id="growl" showDetail="true" life="3000" />  

        <p:dialog id="prozor_za_prijavu" header="Prijava" widgetVar="prozor_za_unos" resizable="false">  

        <h:panelGrid columns="2" cellpadding="5">  
        <h:outputLabel for="k_ime" value="Korisničko ime:" />  
        <p:inputText value="#{provjera_prijave.k_ime}"   
                id="k_ime" required="true" label="korisnicko_ime"   
                requiredMessage="Potrebno je upisati korisničko ime!"/>

        <h:outputLabel for="zaporka" value="Zaporka:" />  
        <h:inputSecret value="#{provjera_prijave.zaporka}"   
                id="zaporka" required="true" label="zaporka"
                requiredMessage="Potrebno je upisati zaporku!"/>

        <f:facet name="footer">  
            <p:commandButton id="gumb_za_prijavu" value="Prijavi se" update="growl"   
                             actionListener="#{provjera_prijave.prijava(actionEvent)}"   
                oncomplete="obrada_zahtjeva_za_prijavu(xhr, status, args)"/>  
        </f:facet>  
        </h:panelGrid>  

        </p:dialog>  
    </h:form>

这是登录控制器(provjera_prijave)

public void prijava(ActionEvent actionEvent)抛出IOException {

    FacesMessage poruka = null;
    FacesContext fc = FacesContext.getCurrentInstance();
    HttpServletRequest zahtjev = (HttpServletRequest) fc.getExternalContext().getRequest();
    try {
        String pocetna_stranica;            
        zahtjev.login(k_ime, zaporka);
        HttpSession sesija = zahtjev.getSession();
        if (!sesija.isNew()) {
            sesija.invalidate();
            sesija = zahtjev.getSession();                                
        }
        if (zahtjev.isUserInRole("1")) {
            sesija.setAttribute("trenutni_korisnik",k_ime);
            pocetna_stranica = "/a1/pocetna_a1.xhtml";
            poruka = new FacesMessage(FacesMessage.SEVERITY_INFO, "Dobro došao", k_ime);
            try {
                fc.getExternalContext().getFlash().setKeepMessages(true);
                fc.getExternalContext().redirect(zahtjev.getContextPath()+pocetna_stranica);

            }
            catch (IOException ex) {
                fc.addMessage(null, new FacesMessage("UPOZORENJE!", "Pogreška u izvođenju programa. Nije moguće preusmjeriti stranicu."));
            }
        } 
        else if (zahtjev.isUserInRole("2")) {

这是在我的浏览器中当角色为“1”的用户登录时的URL。在此之前,本地主机和端口...... ERMP是应用程序的内容....

“ERMP / A1 / pocetna_a1.xhtml”

此处是包含登录页面页面源的空白页面

我希望这个问题是可以理解的。 在web.xml中评论web资源时一切正常 请帮忙!!谢谢

1 个答案:

答案 0 :(得分:0)

如果您想使用tomcat内置的(Realm)身份验证和授权,那么您应该注意几件事。

首先,您的登录表单必须是这样的:

<form action="j_security_check" method="post">
    <input type="text" name="j_username" placeholder="Login"/>
    <input type="password" name="j_password" placeholder="Password"/>
    <input type="submit" value="Sign In" />
</form>

您可以使用primefaces组件来保留布局。在这种情况下,您需要执行一些“javascripting”,以便定义由JSF h:form 组件重新编写的表单的操作。                                ...     

<script>
jQuery("#form").submit(function() {
  jQuery(this).attr("action", "j_security_check");
  jQuery(loginVar.jqId).attr("name", "j_username");
  ....
});
</script>

第二个细节是您不必担心登录控制器中描述的登录部分。一旦你将j_username和j_password发送到j_security_check,一切都会正常运行。

相关问题
最新问题