尝试使用JSF中的Servlet过滤器登录时无限循环

时间:2014-01-15 12:32:48

标签: java jsf servlets jsf-2

我正在尝试使用JSF和servlet过滤器创建登录应用程序,但是当用户登录时没有任何反应。它再次重定向到登录页面。

这是项目目录: enter image description here

这是web.xml 

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" 
         xmlns="http://xmlns.jcp.org/xml/ns/javaee" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>
    <filter>
        <filter-name>LoginFilter</filter-name>
        <filter-class>javaeetutorial.guessnumber.filters.LoggedInFilter</filter-class>
    </filter>
    <!-- Set the login filter to secure all the pages in the /secured/* path of the application  -->
    <filter-mapping>
        <filter-name>LoginFilter</filter-name>
        <url-pattern>/secured/*</url-pattern>
    </filter-mapping>
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>greeting.xhtml</welcome-file>
    </welcome-file-list>
</web-app>

这是LoggedInFilter.java 

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package javaeetutorial.guessnumber.filters;

import java.io.IOException;
import java.util.Enumeration;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javaeetutorial.guessnumber.TestBean;

/**
 *
 * @author salih
 */
public class LoggedInFilter implements Filter {

    FilterConfig fc;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        fc = filterConfig;
        //throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        Enumeration<String> t = ((HttpServletRequest) request).getSession().getAttributeNames();

        while(t.hasMoreElements()) { System.out.println(t.nextElement().toString());}
        TestBean loginBean = (TestBean) ((HttpServletRequest) request).getSession().getAttribute("testBean");

        // For the first application request there is no loginBean in the session so user needs to log in
        // For other requests loginBean is present but we need to check if user has logged in successfully
        if (loginBean == null || !loginBean.isLoggedIn()) {
            String contextPath = ((HttpServletRequest) request).getContextPath();
            ((HttpServletResponse) response).sendRedirect(contextPath + "/login.xhtml");
        }

        chain.doFilter(request, response);
    }

    @Override
    public void destroy() {
        throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
    }
}

这是TestBean.java 

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package javaeetutorial.guessnumber;

import java.io.Serializable;
import javax.enterprise.context.SessionScoped;
import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedProperty;
import javax.faces.context.FacesContext;
import javax.inject.Named;

/**
 *
 * @author salih
 */
@Named
@SessionScoped
public class TestBean implements Serializable {

    private boolean loggedIn;
    private String username;
    private String password;


    private NavigationBean navigationBean = new NavigationBean();

    private static final String[] users = {"anna:qazwsx", "kate:123456"};

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public boolean isLoggedIn() {
        return loggedIn;
    }

    public void setLoggedIn(boolean loggedIn) {
        this.loggedIn = loggedIn;
    }

    public String doLogin() {
        // Get every user from our sample database :)
        for (String user : users) {
            String dbUsername = user.split(":")[0];
            String dbPassword = user.split(":")[1];

            // Successful login
            if (dbUsername.equals(username) && dbPassword.equals(password)) {
                loggedIn = true;
                return navigationBean.redirectToWelcome();
            }
        }

        // Set login ERROR
        FacesMessage msg = new FacesMessage("Login error!", "ERROR MSG");
        msg.setSeverity(FacesMessage.SEVERITY_ERROR);
        FacesContext.getCurrentInstance().addMessage(null, msg);

        // To to login page
        return navigationBean.toLogin();

    }
}

这是login.xhtml 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"htth://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:f="http://java.sun.com/jsf/core"     
      xmlns:h="http://java.sun.com/jsf/html">

    <h:head>
        <title>Login form</title>
    </h:head>
    <h:body>
        <h3>Login here</h3>
        <h:form id="login-form">
           <h:outputText value="username:"/>
           <h:inputText value="#{testBean.username}" id="username"/>
           <br/>
           <h:outputText value="password:"/>
           <h:inputSecret value="#{testBean.password}" id="password"/>
           <br/>
           <h:commandButton id="button" value="Login" action="#{testBean.doLogin}"/>
           <br/>
           <h:commandLink action="#{navigationBean.redirectToInfo}" value="Info page"/>
           <br/>
           <h:messages />
           <br/>
        </h:form>
    </h:body>
</html>

1 个答案:

答案 0 :(得分:1)

您正在将JSF托管bean /概念与CDI托管bean混合使用。

首先,你忽略了指定容器,但我会为普通的servlet容器编写一个答案,为一个支持CDI的java应用程序服务器(如TomEE / Wildfly / Glassfish)编写一个答案。

使用@Named@SessionScoped但请确保您拥有正确的@SessionScoped。 javax.enterprise.context是包名。如果你使用来自JSF的SessionScoped,bean将依赖于作用域,这是错误的。

现在删除过滤器并使用测试页面进行快速测试。设置一个包含<h:inputText /><h:commandButton>的字段(均在<h:form>中)。确保F5之后的值仍然存在,因此成功@SessionScoped.

如果它不起作用,请确保您使用的是CDI 1.1,或者相应的文件中存在beans.xml。

最后使用

@Inject
private TestBean testBean;

或者,如果您有像Tomcat或Jetty这样的普通容器,则需要使用Deltaspike Core,然后:TestBean testBean = BeanProvider.getContextualReference(TestBean.class, false);

祝你好运

相关问题
最新问题