I'm working with a project that use Spring Security, Spring bean, JSF, PrimeFaces and Hibernate in combination.
In the homepage, I use poll to automatically get newest data after every 10 seconds.
<h:form>
<p:poll interval="10"
listener="#{mailBean.refreshMail}"
update=":list-email"/>
</h:form>
The problem is after I log-in to the homepage, I open the homepage in another tab and in that tab, I click log-out and it redirect to the log-in page.
Even though the session ends, poll will continue to send ajax request and get response after every 10 seconds.
Then I wait some seconds and click log-in again to go to the homepage but this time it shows the XML content which is the partial response of the Poll.
If I refresh the page, it becomes normal again. I don't know why it render view like that.
I've spent a lot of time trying to solve this problem but I couldn't. Please help me out. Thank you.
As Mr. BalusC said, Spring Security will redirect to last request after login. Because I used Poll so the it makes ajax request to the homepage after 10 seconds and when I login again, it will redirect to the ajax request.
So to solve this, I config in the security xml file as following, so that it will always redirect to the default page after login.
<form-login
login-page="/login.html"
authentication-failure-url="/login.html?status=LOGIN_FAILURE"
default-target-url="/index.html"
always-use-default-target="true" />
Thank you so much, Mr. BalusC.
来源:https://stackoverflow.com/questions/28317891/spring-security-login-after-session-expiration-redirects-to-last-jsf-ajax-reques