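I made two filters for my auction web application. I implemented two filters: the first performs a simple logging operation, and the second checks whether the user is authorized to access a particular resource.
The problem is that these filters only work properly the first time I connect to the website. In fact, the user's name is displayed in the toolbar, which only happens if you log in correctly. Then I log out and repeat the process, but the second filter does not work at all.
I put in println statements to check whether the filters are actually executed, but they are not. The first filter keeps working. The strange part comes when I change the XML mapping. In fact, when I take out the mapping for both filters, the first filter keeps working! I went crazy all day yesterday trying to understand this.
Even stranger, if I rewrite the XML mapping for the filters, they both work for the first login process, but once I log out and repeat the operation, the login filter no longer works. To create my web application I am just using Java 7, NetBeans 7.2 and Tomcat 7. I fear this may be a bug in the NetBeans IDE, but I am not sure.
The XML mapping is as follows: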
    <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
        <filter>
            <filter-name>FiltroLoggingFumettopoli</filter-name>
            <filter-class>Filtri.FiltroLoggingFumettopoli</filter-class>
        </filter>
        <filter-mapping>
            <filter-name>FiltroLoggingFumettopoli</filter-name>
            <url-pattern>/*</url-pattern>
            <dispatcher>FORWARD</dispatcher>
        </filter-mapping>
        <filter>
            <filter-name>FiltroLogin</filter-name>
            <filter-class>Filtri.FiltroLogin</filter-class>
        </filter>
        <filter-mapping>
            <filter-name>FiltroLogin</filter-name>
            <url-pattern>/Registrato/*</url-pattern>
            <servlet-name>IlMioConto</servlet-name>
            <servlet-name>Vendi</servlet-name>
            <dispatcher>REQUEST</dispatcher>
        </filter-mapping>
    </web-app>
Here is the first filter, which does the logging in the log file:
    // Runs before the rest of the chain: records who is requesting which URL.
    private void doBeforeProcessing(ServletRequest request, ServletResponse response)
            throws IOException, ServletException {
        if (debug) {
            log("FiltroLoggingFumettopoli:DoBeforeProcessing");
        }
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        this.log(httpRequest.getRemoteHost() + " is trying to access page: " + httpRequest.getRequestURL()
                + " il " + TimeUtility.ottieniDataOra() + ". " + filterConfig.getFilterName());
        System.out.println("FILTRO FILE DI LOG----> LOGGING OCCURED IN LOG FILE: "
                + httpRequest.getRequestURL() + " il " + TimeUtility.ottieniDataOra() + ". " + filterConfig.getFilterName());
    }

    // Runs after the rest of the chain has completed.
    private void doAfterProcessing(ServletRequest request, ServletResponse response)
            throws IOException, ServletException {
        if (debug) {
            log("FiltroLoggingFumettopoli:DoAfterProcessing");
        }
    }

    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain)
            throws IOException, ServletException {
        doBeforeProcessing(request, response);
        Throwable problem = null;
        try {
            chain.doFilter(request, response);
        } catch (Throwable t) {
            // Remember the failure so that doAfterProcessing still runs, then rethrow below.
            problem = t;
            t.printStackTrace();
        }
        doAfterProcessing(request, response);
        if (problem != null) {
            if (problem instanceof ServletException) {
                throw (ServletException) problem;
            }
            if (problem instanceof IOException) {
                throw (IOException) problem;
            }
            sendProcessingError(problem, response);
        }
    }
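And here is the filter that checks whether it is an authorized user who wants to access the resources contained in the Registrato folder, as well as some servlets: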
    // Utente, CookieUtility, UtenteSql and TimeUtility are the application's own classes (not shown).
    import java.io.IOException;
    import javax.servlet.*;
    import javax.servlet.http.*;

    public class FiltroLogin implements Filter
    {
        private FilterConfig filterConfig = null;

        public void init(FilterConfig filterConfig)
        {
            this.filterConfig = filterConfig;
        }

        public void doFilter(ServletRequest request, ServletResponse response,
                FilterChain chain) throws IOException, ServletException
        {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            HttpServletResponse httpResponse = (HttpServletResponse) response;
            // getSession() with no argument creates a session if none exists.
            HttpSession sessione = httpRequest.getSession();
            ServletContext sc = filterConfig.getServletContext();
            String filterName = filterConfig.getFilterName();
            String servletPath = "Servlet path: " + httpRequest.getServletPath();
            String url = "";
            Utente user = null;
            user = (Utente) sessione.getAttribute("utente");
            if (user == null) {
                // No user in the session: fall back to the "userCookie" cookie.
                Cookie[] cookies = httpRequest.getCookies();
                String email = CookieUtility.ottieniValoreCookie(cookies, "userCookie");
                if (email.equalsIgnoreCase("")) {
                    System.out.println("FILTRO LOGIN----->NESSUN COOKIE TROVATO!");
                    System.out.println("FILTRO LOGIN----->SERVLET CONTEXT: " + sc.getContextPath());
                    url = "/MostraInserzioni";
                    httpResponse.sendRedirect(sc.getContextPath() + url);
                    return;
                }
                else {
                    System.out.println("FILTRO LOGIN----->COOKIE TROVATO: " + email);
                    user = UtenteSql.cercaUtente(email);
                    System.out.println("FILTRO LOGIN----->UTENTE TROVATO: " + user.getUsername());
                    sessione.setAttribute("utente", user);
                    String salutoUtente = "Benvenuto " + user.getNome();
                    sessione.setAttribute("messaggio", salutoUtente);
                }
            }
            else {
                System.out.println("FILTRO LOGIN----->USER FOUND: " + user.getUsername());
            }
            sc.log(httpRequest.getRemoteHost() + " cerca di accedere alla risorsa: " + httpRequest.getRequestURL()
                    + " il " + TimeUtility.ottieniDataOra() + ". " + filterConfig.getFilterName());
            System.out.println("FILTRO FILE DI LOG----> LOGGING OCCURED IN LOG FILE: "
                    + httpRequest.getRequestURL() + " il " + TimeUtility.ottieniDataOra() + ". " + filterConfig.getFilterName());
            chain.doFilter(request, response);
        }

        public void destroy()
        {
            filterConfig = null;
        }
    }
Answer 0 (score: 1)
Only user = sessione == null ? null : (Utente) sessione.getAttribute("utente");
and, after else {: sessione = httpRequest.getSession(true);
Prevents non-users from holding a session. - Joop Eggen, yesterday
    HttpSession sessione = httpRequest.getSession(false);
    if (sessione == null) {
        System.out.println("FILTRO LOGIN----->USER NOT FOUND IN SESSION!");
- Salvatore Servodio, 44 minutes ago
Then I checked the cookies. If I find the cookie I need, I simply create a new session and put the USER information into the session; otherwise I just redirect to the login page.
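
The session handling suggested in the answer above, written out as a complete filter. This is an added example, not code from the original thread: the class name SessionCheckFilter, the findUser helper (a stand-in for the question's UtenteSql.cercaUtente) and the sample e-mail address are assumptions made for illustration.

```java
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;

// Added example, not the asker's FiltroLogin: a session is created only once a user is resolved.
public class SessionCheckFilter implements Filter {

    // Hypothetical stand-in for the question's UtenteSql.cercaUtente; the address is constructed.
    static Object findUser(String email) {
        return "known@example.test".equals(email) ? email : null;
    }

    @Override public void init(FilterConfig filterConfig) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        // getSession(false) returns null instead of creating a session for an anonymous visitor.
        HttpSession session = req.getSession(false);
        Object user = (session == null) ? null : session.getAttribute("utente");

        if (user == null) {
            String email = null;
            Cookie[] cookies = req.getCookies();   // null when the request carries no cookies
            if (cookies != null) {
                for (Cookie c : cookies) {
                    if ("userCookie".equals(c.getName())) {
                        email = c.getValue();
                    }
                }
            }
            // The cookie value is client-supplied input; the lookup mirrors the question's logic.
            user = (email == null || email.isEmpty()) ? null : findUser(email);
            if (user == null) {
                // Neither a session user nor a usable cookie: redirect and stop the chain here.
                res.sendRedirect(req.getContextPath() + "/MostraInserzioni");
                return;
            }
            // Only now is a session created, so non-users never hold one.
            session = req.getSession(true);
            session.setAttribute("utente", user);
        }
        chain.doFilter(request, response);
    }
}
```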