我对安全约束的ajax重定向有这个奇怪的问题:
在会话超时后,在角色安全页面上进行ajax调用(通过单击可排序p:dataTable列或p:poll触发器)时,<partial-response><redirect-url=...屏幕上会显示OmniFaces中的XML.
当我删除OmniFaces时,ajax调用似乎无声地失败,我没有显示XML.
安全性在web.xml中配置如下:
<security-constraint>
<web-resource-collection>
<web-resource-name>Pages</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Resources</web-resource-name>
<url-pattern>/javax.faces.resource/*</url-pattern>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>myRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/login.xhtml?error=true</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>user</role-name>
</security-role>