我的xhtml网页是使用简单的请求从外部系统调用的,我想检查用户名 - 从请求中给出 - 是否有效,如果有效,他想到达主页,除了他被重定向到外部系统。我创建了一个过滤器来获取请求:
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
// skip the resources library
if (!req.getRequestURI().startsWith(req.getContextPath() + ResourceHandler.RESOURCE_IDENTIFIER)) {
res.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP
// 1.1.
res.setHeader("Pragma", "no-cache"); // HTTP 1.0.
res.setDateHeader("Expires", 0); // Proxies.
}
Object attr = req.getParameter("user");
String language = (String) req.getParameter("language");
if (attr != null && language != null) {
// check user in db
String userAdmin = (String) attr;
ResultStatus result = myDao.findUser(userAdmin);
if (result.getStatus().equals(ResponseStatus.SUCCESS)) {
// User is logged in, so just continue request.
User user = new User();
user.setAccountId(result.getAccount().getAccountId());
chain.doFilter(req, res);
} else {
// User is not logged in, so redirect to index.
res.sendRedirect(req.getContextPath() + "/test.xhtml");
}
} else {
// User is not logged in, so redirect to index.
res.sendRedirect(req.getContextPath() + "/test.xhtml");
}
}
如果用户是有效用户,我需要在过滤器中为用户创建会话,这样我就可以在任何后端bean中获取用户对象。
答案 0 :(得分:0)
设置它只需执行此操作:
req.getSession().getServletContext().setAttribute(LoginFilter.USER_KEY, user);
chain.doFilter(req, res);
获得它:
FacesContext facesContext = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest) facesContext.getExternalContext().getRequest();
User user = (User) request.getSession().getServletContext().getAttribute(LoginFilter.USER_KEY);