1. 首页
  2. 问答
  3. Spring在注销后不接受我的第二次登录

Spring在注销后不接受我的第二次登录

2013-04-25 66 views
0

我从Spring Security框架入手。我设置了框架。它工作正常,但我的问题是在注销功能... 当我断开连接。并且我再次连接他,让他在页面访问被拒绝时通过我。每当我被迫重新启动tomcat,因为他接受我的连接Spring在注销后不接受我的第二次登录

我的第二个问题:我试图测试的事情说到超时会话我呆了超过1分钟,当我回来时我仍然在同一页。我不知道如何激活这个选项我觉得我在我的security.xml配置,但它不工作

这是我的Sprinconfiguration

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns:sec="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 



    <sec:http auto-config="true" use-expressions="true"> 
     <sec:intercept-url pattern="/pagess/**" access="hasRole('ROLE_USER')"/> 
     <sec:form-login login-page="/login.jsf" authentication-failure-url="/loginFailed.jsf" default-target-url="/pagess/Menu.jsf"/> 
     <sec:logout logout-success-url="/login.jsf" delete-cookies="JSESSIONID" invalidate-session="true"/> 

     <sec:session-management invalid-session-url="/login.jsf"> 
      <sec:concurrency-control max-sessions="1" 
       error-if-maximum-exceeded="true" /> 
     </sec:session-management>  
    </sec:http> 

    <sec:authentication-manager alias="authenticationManager"> 
     <sec:authentication-provider> 
      <sec:jdbc-user-service data-source-ref="DataSource"/> 
     </sec:authentication-provider> 
    </sec:authentication-manager> 
</beans:beans>

,这是我的豆Loginbean

@ManagedBean(name="loginBean") 
@SessionScoped 
public class LoginBean { 

    private String username; 

    private String password; 


    public String getUsername() { 
     return username; 
    } 

    public void setUsername(String username) { 
     this.username = username; 
    } 

    public String getPassword() { 
     return password; 
    } 

    public void setPassword(String password) { 
     this.password = password; 
    } 


    public String doLogin() throws ServletException, IOException { 

     ExternalContext context = FacesContext.getCurrentInstance().getExternalContext(); 

     RequestDispatcher dispatcher = ((ServletRequest) context.getRequest()) 
       .getRequestDispatcher("/j_spring_security_check?j_username=" + username 
           + "&j_password=" + password); 

     dispatcher.forward((ServletRequest) context.getRequest(), 
       (ServletResponse) context.getResponse()); 

     FacesContext.getCurrentInstance().responseComplete(); 

     return null; 
    } 


    public String dologout() throws IOException { 
     FacesContext.getCurrentInstance().getExternalContext() 
     .invalidateSession(); 
this.username = ""; 
this.password = ""; 
     ExternalContext context =FacesContext.getCurrentInstance().getExternalContext(); 
     context.redirect(context.getRequestContextPath() 
       + "/j_spring_security_logout"); 
     FacesContext.getCurrentInstance().responseComplete(); 
     return null; 

    } 
}

这是WebXml

<?xml version="1.0" encoding="UTF-8"?> 
<web-app id="WebApp_ID" version="3.0" 
xmlns="http://java.sun.com/xml/ns/javaee" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> 
<display-name>PFE</display-name> 
<context-param> 
<param-name>primefaces.THEME</param-name> 
<param-value>trontastic</param-value> 
</context-param> 
<context-param> 
    <description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description> 
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name> 
    <param-value>client</param-value> 
</context-param> 
<context-param> 
    <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name> 
    <param-value>resources.application</param-value> 
</context-param> 
<listener> 
    <listener-class>com.sun.faces.config.ConfigureListener</listener-class> 
</listener> 
<servlet> 
    <servlet-name>Faces Servlet</servlet-name> 
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> 
    <load-on-startup>1</load-on-startup> 
</servlet> 
<servlet-mapping> 
    <servlet-name>Faces Servlet</servlet-name> 
    <url-pattern>*.jsf</url-pattern> 
</servlet-mapping> 
<welcome-file-list> 
    <welcome-file>/Test.jsp</welcome-file> 
</welcome-file-list> 
<session-config> 
<session-timeout> 
30 
</session-timeout> 
</session-config> 

<context-param> 
    <param-name>contextConfigLocation</param-name> 
     <param-value> 
    /WEB-INF/application.xml 
    /WEB-INF/spring_sec.xml 
     </param-value> 
    </context-param> 
    <context-param> 
     <param-name>javax.faces.PROJECT_STAGE</param-name> 
     <param-value>Development</param-value> 
    </context-param> 
<listener> 
    <listener-class> 
    org.springframework.web.context.ContextLoaderListener 
    </listener-class> 
    </listener> 

    <filter> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <filter-class> 
      org.springframework.web.filter.DelegatingFilterProxy 
     </filter-class> 
    </filter> 

    <filter-mapping> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <url-pattern>/*</url-pattern> 
    <dispatcher>FORWARD</dispatcher> 
    <dispatcher>REQUEST</dispatcher> 
    </filter-mapping> 

    <listener> 
    <listener-class> 
    org.springframework.web.context.request.RequestContextListener 
    </listener-class> 
    </listener> 
</web-app>

来源

2013-04-25 FERESSS

回答

1

我固定我的问题是..there一个听者misssing

<listener> 
<listener-class> 
org.springframework.security.web.session.HttpSessionEventPublisher 
</listener-class> 
</listener

来源

2013-04-26 09:49:16 FERESSS

相关问题

 相关问题