j_security_check url问题
希望你能帮我解决这个问题: 我正在使用 j_security_check 并遇到这个问题
我有一个配置文件页面必须限制为任何未登录的用户, 所以我在 web.xml 文件中添加了安全约束并且工作正常 如果我尝试通过地址栏访问,这会显示登录页面,
现在问题是:在我的索引页面示例中:
有一个链接
这会将我重定向到个人资料页面,但 URL 仍然相同
所以 j_security_check 不显示登录页面 据我所知, j_security_check 可以与 url 一起使用,而 jsf 则不能 如果在个人资料页面中点击 ex:myImages 的链接,那么现在的 url 会显示:
为什么会发生这种情况?有办法解决这个问题吗? 预先感谢
我一直在使用的替代方案是点赞
这向我显示了登录页面,但如果我转到index.xhtml并按个人资料,则找不到页面,因为将我重定向到:
例如:http://localhost/mySite/user/user/Profile.xhtml
hope you can help me with this:
I'm working with j_security_check and have this problem
I have a profile page that must be restricted to any unloged user,
so i add a security constraint in the web.xml file and works fine
if i try to access by adress bar, this show me the login page perfectly ok
now the problem is that: In my index page example:
have a link
<h:commandLink action="user/Profile" />
this redirect me to profile page ok but the URL still the same
so j_security_check don't show the login page
as far as i've seen j_security_check works with url and jsf don't
and if in the profile page press a link to ex:myImages then now the url says:
Why is this happend? is there anyway to fix this ??
Thanks in advance
an alternative i've been using is put a like
<a href="user/Profile.xhtml" >Profile</a>
this show me the login page but if i go to the index.xhtml and press profile this don't find the page because redirects me to:
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
h:commandLink和h:commandButton向当前触发 HTTP POST 请求(通过h:form) > 页面,该页面又转发到给定的资源。您不想使用 POST 进行页面间导航。这不仅是糟糕的用户体验(URL 不会改变,在浏览器历史记录中后退/前进时的行为不直观),而且也不利于 SEO(搜索机器人不会为 POST 建立索引)。
您需要用
h:outputLink替换它,或者,正如您发现的,如果您不需要任何 JSF 风格的功能,则需要用一个简单的元素替换它全部。至于最后一个问题,即定向到错误的 URL(具有重复的路径):当您使用
h:outputLink时,这个问题就可以解决。然后,JSF 将考虑当前上下文路径。A
h:commandLinkandh:commandButtonfires a HTTP POST request (by theh:form) to the current page which in turn forwards to the given resource.You don't want to use POST for page-to-page navigation. It's not only bad user experience (URL doesn't change, unintuive behaviour when going back/forward in browser history), but also not SEO friendly (searchbots doesn't index POST).
You need to replace it by
h:outputLinkor, as you found out, by a simple<a>element if you don't need any JSF-ish features at all.As to your last problem of going directed to the wrong URL (with duplicated path): this is solved when you use
h:outputLink. JSF will then take the current context path into account.