在JSF中过滤javax.faces.resource

时间:2012-06-05 10:15:59

标签: jsf glassfish richfaces

我的项目使用JSF 2.1,RichFaces 4.1和GlassFish 3.1.2。 我在web.xml中注册了一个过滤器。
问题:如何过滤自动包含在项目中的JSF和RichFaces(例如javax.faces.resource / richfaces-queue.js.xhtml)的资源?

的web.xml

    <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         version="3.0">

    <!-- configuration of the session -->
    <session-config>
        <session-timeout>15</session-timeout>
        <cookie-config>
            <http-only>true</http-only>
        </cookie-config>
    </session-config>

    <welcome-file-list>
        <welcome-file>index.xhtml</welcome-file>
    </welcome-file-list>

    <context-param>
        <param-name>org.richfaces.skin</param-name>
        <param-value>myskin</param-value>
    </context-param>

    <!-- The runtime must interpret each entry with  Facelet tag library-->
    <context-param>
        <param-name>facelets.LIBRARIES</param-name>
        <param-value>/WEB-INF/tags/taglib.xml</param-value>
    </context-param>

    <!-- Alternate suffix for JSF pages -->
    <context-param>
        <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
        <param-value>.xhtml</param-value>
    </context-param>

    <!-- XML comments in the Facelets source page are not delivered to the client -->
    <context-param>
        <param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
        <param-value>true</param-value>
    </context-param>

    <!-- Project Stage for JSF (Production | Development | UnitTest | SystemTes | Extension) -->
    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>


    <filter>
        <filter-name>AuthenticationFilter</filter-name>
        <filter-class>ru.axetta.utils.web.JSFAuthenticationFilter</filter-class>
        <init-param>
            <param-name>includes</param-name>
            <param-value>/index.xhtml, /login.xhtml</param-value>
        </init-param>
        <init-param>
            <!--
                Relational to context root, must start from "/".
                Example to be excludes: /javax.faces.resource/jquery.position.js.xhtml, /resource/images/logo.png, /rfRes/toolbar.ecss.xhtml
             -->
            <param-name>excludes</param-name>
            <param-value>^(/rfRes/)(.+)(\u002E[a-zA-Z]+)(\u002Exhtml)$,
                ^(/javax.faces.resource/)(.+)(\u002E[a-zA-Z]+)(\u002Exhtml)$,
                ^(/resources/)([a-zA-Z]+/)(\w+)(\u002E)([a-zA-Z]+)$, /services, /cryptopro/applet
            </param-value>
        </init-param>
        <init-param>
            <param-name>loginPage</param-name>
            <param-value>/login.xhtml</param-value>
        </init-param>
        <init-param>
            <param-name>loginPageReplacement</param-name>
            <param-value>/index.xhtml</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>AuthenticationFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- Faces Servlet -->
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <!-- Faces Servlet Mapping -->
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <!-- Page for errors -->
    <error-page>
        <error-code>404</error-code>
        <location>/include/error/ErrorPage.xhtml</location>
    </error-page>

    <error-page>
        <error-code>500</error-code>
        <location>/include/error/ErrorPage.xhtml</location>
    </error-page>

    <error-page>
        <error-code>503</error-code>
        <location>/include/error/ErrorPage.xhtml</location>
    </error-page>

    <error-page>
        <exception-type>java.lang.Throwable</exception-type>
        <location>/include/error/ErrorPage.xhtml</location>
    </error-page>

</web-app>

JSFAuthenticationFilter

public class JSFAuthenticationFilter implements Filter {

    // ... variables

    @Override       //initialize
    public void init(FilterConfig filterConfig) throws ServletException {
        // ... do something
    }

    @Override      //filtering URI
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpSession httpSession = httpRequest.getSession(true);
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        String servletPath = httpRequest.getServletPath();

        //excluded data for the filtration (/javax.faces.resource/richfaces-queue.js.xhtml and other)
        if (isURLExcluded(servletPath)) {
            chain.doFilter(request, response);
            return;
        }

        //processed data to filter (/login.xhtml and /index.html)
        if (isURLIncluded(servletPath)) {
            // ... do something
        } else {    //for errors page
            httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND, MessageFormat.format("Error message: page:{0} not found", servletPath));//404
            chain.doFilter(request, response);
            return;//redirect -> errorPage.xhtml
        }
    }

    @Override
    public void destroy() {
        // nothing to do here
    }
}

问题#1:如果浏览器地址栏输入路径 HTTP:///myapp/javax.faces.resource/richfaces-queue.js.xhtml 窗口将打印包含资源的所有文本

问题#2:要检查我使用regexp的Excluded资源。如果输入有效地址,例如 http:///myapp/javax.faces.resource/richfaces2-queue.js.xhtml 窗口将打印:

  

解析XML时出错:找不到元素地址:   HTTP:///myapp/javax.faces.resource/richfaces2-queue.js.xhtml   第1行,第1个字符:

不会重定向到页面 ErrorPage.xhtml ,而且GlassFish日志中没有信息。 请告诉我,让我过滤资源并切换到错误页面?

PS:类似问题(https://forums.oracle.com/forums/thread.jspa?threadID=1717040

0 个答案:

没有答案