使用过滤器时不显示PrimeFaces水印

时间:2012-10-12 07:05:34

标签: java jsf-2 primefaces

我目前正在使用PrimeFaces构建原型,并参考我们当前生产运行的Java Web应用程序(jsp-servlet-java)。我对PrimeFaces的水印组件有一个小问题。

在login.jsf中有两个InputText组件 - “Username”和“Password”。每个InputText都有2个Watermark组件。

一切都很好,直到我在web.xml中添加过滤器。在过滤器中,指定如果请求URL不是“login.jsf”;以及“.js.jsf”和“.js”结尾的任何内容;以及任何包含“.css”,“。png”和“.gif”的内容,以便在用户登录时进行验证。如果用户未登录,则过滤器将重定向到logout.jsf。

logout.jsf是一个带有CommandLink到login.jsf的简单页面。通过点击链接,它会将用户带到login.jsf页面,但是不会显示水印。但是如果是login.jsf通过在浏览器地址栏中输入来直接访问,然后显示水印。

当我点击链接将我带到login.jsf时,我正在摸不着为什么水印没有显示。有没有我阻止过的资源?或者我做错了过滤器?

我使用的库是PrimeFaces 3.3.1,GlassFish 3.1.2.2,Java JDK 6u32。

login.xhtml

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:h="http://java.sun.com/jsf/html"
  xmlns:p="http://primefaces.org/ui"
  xmlns:f="http://java.sun.com/jsf/core">
<h:head>
    <title>PROFITEDI Login</title>
    <h:outputStylesheet name="styles.css" library="css" />
</h:head>
<h:body>
    <h:form id="frmLogin">
        <p:panel styleClass="panelLogin">
            <p:messages id="messages" autoUpdate="true" />
            <f:facet name="header">
                <h:outputText value="Login" />
            </f:facet>
            <h:panelGrid columns="2" cellpadding="5">
                <p:inputText id="username" value="#{loginController.username}" required="true" />
                <p:watermark for="username" value="User ID" />
                <p:password id="password" value="#{loginController.password}" required="true" />
                <p:watermark for="password" value="Password" />
                <p:outputLabel value="Remember Me" for="rememberme" />
                <p:selectBooleanCheckbox id="rememberme" value="#{loginController.rememberme}" />
            </h:panelGrid>
            <f:facet name="footer">
                <h:panelGroup>
                    <p:commandButton id="btnReset" type="Reset" value="Reset" />
                    <p:spacer width="10" />
                    <p:commandButton id="btnLogin" type="Submit" value="Submit"
                                     action="#{loginController.doLogin}" />
                </h:panelGroup>
            </f:facet>
        </p:panel>
    </h:form>
</h:body>

logout.xhtml

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:h="http://java.sun.com/jsf/html"
  xmlns:p="http://primefaces.org/ui">
<h:head>
    <title>PROFITEDI - Logout</title>
</h:head>
<h:body>
    <h:form id="frmLogout">
        You have been logged-out. Click here to <p:commandLink value="login" type="button" action="login" /> again.
    </h:form>
</h:body>

的web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">

<!-- Context Param -->
<context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Development</param-value>
</context-param>
<context-param>
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
    <param-value>server</param-value>
</context-param>
<!-- this is to treat empty fields as NULL instead of blank. -->
<context-param>
    <param-name>javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL</param-name>
    <param-value>true</param-value>
</context-param>

<!-- Servlet -->
<servlet>
    <servlet-name>facesServlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>facesServlet</servlet-name>
    <url-pattern>*.jsf</url-pattern>
</servlet-mapping>

<!-- Welcome file -->
<welcome-file-list>
    <welcome-file>index.jsf</welcome-file>
</welcome-file-list>

<!-- Session Configuration -->
<session-config>
    <session-timeout>
        30
    </session-timeout>
</session-config>

<!-- Listener -->
<listener>
    <listener-class>com.qrra.PROFIT.web.SessionListener</listener-class>
</listener>

<!-- URL Filter -->
<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>com.qrra.PROFIT.web.SecurityFilter</filter-class>
    <init-param>
        <param-name>PAGE_LOGIN</param-name>
        <param-value>login.jsf</param-value>
    </init-param>
    <init-param>
        <param-name>PAGE_LOGOUT</param-name>
        <param-value>logout.jsf</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>SecurityFilter</filter-name>
    <url-pattern>*.jsf</url-pattern>
</filter-mapping>

SecurityFilter类

package com.qrra.PROFIT.web;

import com.qrra.util.QRUtil;
import java.io.IOException;
import javax.ejb.EJB;
import javax.servlet.FilterChain;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import qrcom.webedi.ejb.AduserFacade;
import qrcom.webedi.jpa.Aduser;

/**
*
* @author Alvin Sim
*/
public class SecurityFilter extends GenericFilter {

    // Actions ---------------------------------------------------------------------------------------------------------

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest httpServletRequest;
        HttpServletResponse httpServletResponse;
        String pageLogin;
        String pageLogout;
        String requestUrl;

        if (request instanceof HttpServletRequest) {
            httpServletRequest = (HttpServletRequest) request;
            httpServletResponse = (HttpServletResponse) response;
            pageLogin = (String) httpServletRequest.getAttribute("PAGE_LOGIN");
            pageLogout = (String) httpServletRequest.getAttribute("PAGE_LOGOUT");
            requestUrl = (String) httpServletRequest.getRequestURI();

            if (QRUtil.isStringEmpty(pageLogin)) {
                pageLogin = "/login.jsf";
            }

            if (QRUtil.isStringEmpty(pageLogout)) {
                pageLogout = "/logout.jsf";
            }

//            logger.debug("requested URL: {}", requestUrl);

            if (requestUrl.endsWith(pageLogin) == false && requestUrl.endsWith(".js.jsf") == false
                    && requestUrl.contains(".css") == false && requestUrl.contains(".gif") == false
                    && requestUrl.contains(".png") == false && requestUrl.endsWith(".js") == false) {
                logger.debug("URL blocked: {}", requestUrl);

                if (verifyUser(httpServletRequest, httpServletResponse) == false) {
                    gotoLogoutPage(httpServletRequest, httpServletResponse, pageLogout);
                }
            }
        }

        chain.doFilter(request, response);
    }

    private void gotoLogoutPage(HttpServletRequest request, HttpServletResponse response, String pageLogout)
            throws IOException, ServletException {
        RequestDispatcher dispatcher = request.getSession().getServletContext().getRequestDispatcher(pageLogout);

        dispatcher.forward(request, response);
    }

    private boolean verifyUser(HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        Aduser aduser = (Aduser) request.getSession().getAttribute("aduser");

        if (aduser == null || QRUtil.isStringEmpty(aduser.getUsrId()) == false
                || request.isRequestedSessionIdValid() == false) {
            logger.debug("Invalid user session. Proceed to logout user {}.", (aduser == null) ? "" : aduser.getUsrId());
            return false;
        }
        else {
            return true;
        }
    }

    // Services --------------------------------------------------------------------------------------------------------

    @EJB
    private AduserFacade aduserFacade;

    // Constants -------------------------------------------------------------------------------------------------------

    private final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);

}

GenericFilter

package com.qrra.PROFIT.web;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

/**
*
* @author Alvin Sim
*/
public class GenericFilter implements Filter {

    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) 
            throws IOException, ServletException {
        chain.doFilter(request, response);
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    protected FilterConfig filterConfig = null;

}

1 个答案:

答案 0 :(得分:0)

我设法找到了解决方法。它实际上不是过滤器的错误,而是logout.jsf中的CommandLink。在调试时,我看到点击登录链接后,我在jquery.js.jsf?ln=primefaces中收到了JavaScript错误。很少有对象是未定义的。所以我尝试将CommandLink的ajax属性设置为“false”并且它有效。

为什么呢?我不太确定。