我目前正在使用PrimeFaces构建原型,并参考我们当前生产运行的Java Web应用程序(jsp-servlet-java)。我对PrimeFaces的水印组件有一个小问题。
在login.jsf中有两个InputText组件 - “Username”和“Password”。每个InputText都有2个Watermark组件。
一切都很好,直到我在web.xml中添加过滤器。在过滤器中,指定如果请求URL不是“login.jsf”;以及“.js.jsf”和“.js”结尾的任何内容;以及任何包含“.css”,“。png”和“.gif”的内容,以便在用户登录时进行验证。如果用户未登录,则过滤器将重定向到logout.jsf。
logout.jsf是一个带有CommandLink到login.jsf的简单页面。通过点击链接,它会将用户带到login.jsf页面,但是不会显示水印。但是如果是login.jsf通过在浏览器地址栏中输入来直接访问,然后显示水印。
当我点击链接将我带到login.jsf时,我正在摸不着为什么水印没有显示。有没有我阻止过的资源?或者我做错了过滤器?
我使用的库是PrimeFaces 3.3.1,GlassFish 3.1.2.2,Java JDK 6u32。
login.xhtml
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:p="http://primefaces.org/ui"
xmlns:f="http://java.sun.com/jsf/core">
<h:head>
<title>PROFITEDI Login</title>
<h:outputStylesheet name="styles.css" library="css" />
</h:head>
<h:body>
<h:form id="frmLogin">
<p:panel styleClass="panelLogin">
<p:messages id="messages" autoUpdate="true" />
<f:facet name="header">
<h:outputText value="Login" />
</f:facet>
<h:panelGrid columns="2" cellpadding="5">
<p:inputText id="username" value="#{loginController.username}" required="true" />
<p:watermark for="username" value="User ID" />
<p:password id="password" value="#{loginController.password}" required="true" />
<p:watermark for="password" value="Password" />
<p:outputLabel value="Remember Me" for="rememberme" />
<p:selectBooleanCheckbox id="rememberme" value="#{loginController.rememberme}" />
</h:panelGrid>
<f:facet name="footer">
<h:panelGroup>
<p:commandButton id="btnReset" type="Reset" value="Reset" />
<p:spacer width="10" />
<p:commandButton id="btnLogin" type="Submit" value="Submit"
action="#{loginController.doLogin}" />
</h:panelGroup>
</f:facet>
</p:panel>
</h:form>
</h:body>
logout.xhtml
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:p="http://primefaces.org/ui">
<h:head>
<title>PROFITEDI - Logout</title>
</h:head>
<h:body>
<h:form id="frmLogout">
You have been logged-out. Click here to <p:commandLink value="login" type="button" action="login" /> again.
</h:form>
</h:body>
的web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<!-- Context Param -->
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<!-- this is to treat empty fields as NULL instead of blank. -->
<context-param>
<param-name>javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL</param-name>
<param-value>true</param-value>
</context-param>
<!-- Servlet -->
<servlet>
<servlet-name>facesServlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>facesServlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<!-- Welcome file -->
<welcome-file-list>
<welcome-file>index.jsf</welcome-file>
</welcome-file-list>
<!-- Session Configuration -->
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<!-- Listener -->
<listener>
<listener-class>com.qrra.PROFIT.web.SessionListener</listener-class>
</listener>
<!-- URL Filter -->
<filter>
<filter-name>SecurityFilter</filter-name>
<filter-class>com.qrra.PROFIT.web.SecurityFilter</filter-class>
<init-param>
<param-name>PAGE_LOGIN</param-name>
<param-value>login.jsf</param-value>
</init-param>
<init-param>
<param-name>PAGE_LOGOUT</param-name>
<param-value>logout.jsf</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>
SecurityFilter类
package com.qrra.PROFIT.web;
import com.qrra.util.QRUtil;
import java.io.IOException;
import javax.ejb.EJB;
import javax.servlet.FilterChain;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import qrcom.webedi.ejb.AduserFacade;
import qrcom.webedi.jpa.Aduser;
/**
*
* @author Alvin Sim
*/
public class SecurityFilter extends GenericFilter {
// Actions ---------------------------------------------------------------------------------------------------------
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpServletRequest;
HttpServletResponse httpServletResponse;
String pageLogin;
String pageLogout;
String requestUrl;
if (request instanceof HttpServletRequest) {
httpServletRequest = (HttpServletRequest) request;
httpServletResponse = (HttpServletResponse) response;
pageLogin = (String) httpServletRequest.getAttribute("PAGE_LOGIN");
pageLogout = (String) httpServletRequest.getAttribute("PAGE_LOGOUT");
requestUrl = (String) httpServletRequest.getRequestURI();
if (QRUtil.isStringEmpty(pageLogin)) {
pageLogin = "/login.jsf";
}
if (QRUtil.isStringEmpty(pageLogout)) {
pageLogout = "/logout.jsf";
}
// logger.debug("requested URL: {}", requestUrl);
if (requestUrl.endsWith(pageLogin) == false && requestUrl.endsWith(".js.jsf") == false
&& requestUrl.contains(".css") == false && requestUrl.contains(".gif") == false
&& requestUrl.contains(".png") == false && requestUrl.endsWith(".js") == false) {
logger.debug("URL blocked: {}", requestUrl);
if (verifyUser(httpServletRequest, httpServletResponse) == false) {
gotoLogoutPage(httpServletRequest, httpServletResponse, pageLogout);
}
}
}
chain.doFilter(request, response);
}
private void gotoLogoutPage(HttpServletRequest request, HttpServletResponse response, String pageLogout)
throws IOException, ServletException {
RequestDispatcher dispatcher = request.getSession().getServletContext().getRequestDispatcher(pageLogout);
dispatcher.forward(request, response);
}
private boolean verifyUser(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
Aduser aduser = (Aduser) request.getSession().getAttribute("aduser");
if (aduser == null || QRUtil.isStringEmpty(aduser.getUsrId()) == false
|| request.isRequestedSessionIdValid() == false) {
logger.debug("Invalid user session. Proceed to logout user {}.", (aduser == null) ? "" : aduser.getUsrId());
return false;
}
else {
return true;
}
}
// Services --------------------------------------------------------------------------------------------------------
@EJB
private AduserFacade aduserFacade;
// Constants -------------------------------------------------------------------------------------------------------
private final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
}
GenericFilter
package com.qrra.PROFIT.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
*
* @author Alvin Sim
*/
public class GenericFilter implements Filter {
@Override
public void destroy() {
this.filterConfig = null;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}
protected FilterConfig filterConfig = null;
}
答案 0 :(得分:0)
我设法找到了解决方法。它实际上不是过滤器的错误,而是logout.jsf中的CommandLink
。在调试时,我看到点击登录链接后,我在jquery.js.jsf?ln=primefaces
中收到了JavaScript错误。很少有对象是未定义的。所以我尝试将CommandLink
的ajax属性设置为“false
”并且它有效。
为什么呢?我不太确定。