Spring Security 和 ExtJS - session 超时时重定向到登录页面

Question

我正在将 ExtJS 与 Spring MVC/Security 结合使用。我希望当 session 过期时用户被重定向到登录页面，我在 Spring 安全应用程序上下文中给出了这个 -

<session-management invalid-session-url="/login.jsp"></session-management>

但是由于对服务器的调用都是基于 AJAX 的，因此不会发生重定向。请建议实现此目的的最佳方法。我有一个为 AJAX 登录实现的自定义 UserNamePasswordAuthenticationFilter:

@Override
    protected void successfulAuthentication(HttpServletRequest request,
        HttpServletResponse response, Authentication authResult) throws IOException,
        ServletException {
        SavedRequestAwareAuthenticationSuccessHandler srh = new SavedRequestAwareAuthenticationSuccessHandler();
        this.setAuthenticationSuccessHandler(srh);
        srh.setRedirectStrategy(new RedirectStrategy() {
            @Override
            public void sendRedirect(HttpServletRequest httpServletRequest,
                HttpServletResponse httpServletResponse, String s) throws IOException {
                // do nothing, no redirect
            }
        });
        super.successfulAuthentication(request, response, authResult);

        HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(
         response);
        Writer out = responseWrapper.getWriter();
        out.write("{success:true}");
        out.close();
    }

Answer 1

您也许可以构建以下内容来覆盖所有 ajax 请求，以测试超时 session 响应并相应地进行处理:

var origHandleResponse = Ext.data.Connection.prototype.handleResponse;
Ext.override(Ext.data.Connection, {
handleResponse : function(response){
    var text = Ext.decode(response.responseText);
    if (<test for response that means the session timed out>)
    {
            var login = new Ext.Window({
                plain: true,
                closeAction: 'hide',
                modal: true,
                title: "Login timed out, please log in.",
                width: 400,
                autoHeight: true,
                items: [
                {
                    xtype: 'form',
                    id: 'login-form',
                    items: [
                    {
                        xtype: 'textfield',
                        fieldLabel: 'Username',
                        name: 'username'
                    },
                    {
                        xtype: 'textfield',
                        inputType: 'password',
                        fieldLabel: 'Password',
                        name: 'password'
                    }]
                }],
                buttons: [
                {
                    text: 'Submit',
                    handler: function() {
                        Ext.getCmp('login-form').getForm().submit({url: '<login url>'});
                        login.hide();
                    }
                }]
            });
            login.show();
    }
    //else (optional?)
    origHandleResponse.apply(this, arguments);
}   

});