jquery ajax call and j_security redirect_问答_开发者

jquery ajax call and j_security redirect

开发者 https://www.devze.com 2023-02-07 05:39 出处：网络

Using Jquery (latest), IBM WebSphere 6.1 Server, Java JDK 1.5 Got a bit of a pickle for AJAX calls.All of my AJAX calls are to URLs that are a part of my web.xml\'s security constraint that requires

Using Jquery (latest), IBM WebSphere 6.1 Server, Java JDK 1.5

Got a bit of a pickle for AJAX calls. All of my AJAX calls are to URLs that are a part of my web.xml's security constraint that requires authentication. Authentication is standard form based j_security so on every request to the secure/protected URL the container (WebSphere) will intercept that call and see if the authentication is good and if the authentication isn't good it will auto-redirect to the login page. Pretty simple/standard and expected right I think.

Take a look at the following code. Regardless of the client's authentication status (authenticated, not authenticated, timed o开发者_Python百科ut) the GET call (or post, doesn't matter) to that url ALWAYS returns a 200. So there really isn't any easy way to figure out if we were redirected or not unless we evaluate the data that the server returns.

Perhaps I am missing something? This seems really convoluted. The only reliable way I've found to see if we were j_security redirected is to take the data coming back from the server and do a dom search for the j_password field. But that seems really inefficient since that's something I have to do for every AJAX call in my application. Some of our AJAX calls are to URLs that return JSON and some return HTML.

    $.ajax({
        type: 'GET',
        url: '<c:url value="/secure/supersecretthingy.html"/>',
        dataType: 'html',
        data:{
            requestDate: requestDate
        },
        beforeSend: function(request) {
        },
        complete: function(request) {
        },           
        success: function(data, textStatus, response) {
            var ll = $('<div id="#wee" class=""></div>').html(data).find("#j_password").length;
            //console.log(ll);
            $("#wee").remove();
            if ( ll != 0) {
                //console.log('we timed out says websphere!');
                window.location = '<c:url value="${GLOBAL_AJAX_TIMEOUT_PAGE}" />';
            } else {           
                //console.log("not timed out");
                dialogDiv.html(data);
            }   
          },
          error: function(xhr, textStatus, errorThrown) {   
              //console.log(errorThrown);
          }
    });

Got the same problem see how I handled it: How to handle authentication through AJAX with a java web app that uses form based login