Java EE:未经身份验证的 POST 和 j_security_check

发布于 2024-11-06 10:30:37 字数 481 浏览 5 评论 0原文

我尝试对此进行一些研究,并在另一个网站上遇到以下问题:

http ://www.theserverside.com/discussions/thread.tss?thread_id=36561

不幸的是,答案是切换到 GET 请求,我希望有更好的解决方案。重申一下这个问题:

例如,场景是当用户位于搜索页面时,他们的会话过期,然后他们单击提交按钮。此时,由于他们不再登录,因此会显示登录页面。成功登录后,j_security_check 将之前的 POST 请求重新发送到搜索,但不包含任何 POST 数据。我希望能够从原始请求中获取 POST 数据,或者我想将 j_security_check 配置为在登录后不再发送 POST 请求,而是强制它使用 GET 请求。

非常感谢任何帮助。

I tried to do some research on this and came across the following question on another site:

http://www.theserverside.com/discussions/thread.tss?thread_id=36561

Unfortunately, the answer there was to switch to GET requests, which I'm hoping there's a better solution. To reiterate the problem:

The scenario is when a user is on a search page for instance, their session expires, and then they click the submit button. At this point, the login page shows up since they aren't logged in anymore. After successfully logging in, j_security_check is resending the POST request to the search from before but without any of the POST data. I would like to be able to get the POST data from the original request, or I want to configure j_security_check to never send POST requests after logging in, but instead force it to use GET requests.

Any help is greatly appreciated.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

浪菊怪哟 2024-11-13 10:30:37

我最终检查了 doPost 方法以查看是否 request.getParameterMap().isEmpty()。如果为空,则 j_security_check 发送 POST 请求,因为它不发送任何 POST 数据。如果是这种情况,我只需调用 doGet 方法即可。

I ended up checking in the doPost method to see if request.getParameterMap().isEmpty(). If it is empty, then j_security_check sent the POST request since it doesn't send any POST data. If that is the case, I just call the doGet method instead.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文