登录时的用户限制页面

时间:2014-12-27 03:56:15

标签: jsf servlet-filters

我的网站包含两种类型的用户,即用户和管理员。我试图限制用户访问管理控制页面,我尝试在doFilter()内执行此操作:

System.out.print("\nNumber of objects constructed:->" + Counter.show() + "\n\n");
String path = req.getRequestURI().substring(req.getContextPath().length());

if (path.startsWith("/faces/xadmin.xhtml") && !JloginDAO.per.equals("admin")) {
    res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}

if (path.startsWith("/faces/calendar.xhtml") && !JloginDAO.per.equals("admin")) {
    res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}

但它不起作用,并且没有错误显示!

的web.xml 

 <display-name>web2</display-name>
 <servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet>
    <description></description>
    <display-name>DisplayImage</display-name>
    <servlet-name>DisplayImage</servlet-name>
    <servlet-class>calender.DisplayImage</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>DisplayImage</servlet-name>
    <url-pattern>/DisplayImage</url-pattern>
</servlet-mapping>

 <servlet>
    <description></description>
    <display-name>PrivateDisplayImage</display-name>
    <servlet-name>PrivateDisplayImage</servlet-name>
    <servlet-class>displayCalendar.PrivateDisplayImage</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>PrivateDisplayImage</servlet-name>
    <url-pattern>/PrivateDisplayImage</url-pattern>
</servlet-mapping>

     <servlet>
    <description></description>
    <display-name>PublicDisplayImage</display-name>
    <servlet-name>PublicDisplayImage</servlet-name>
    <servlet-class>public_display_Calendar.PublicDisplayImage</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>PublicDisplayImage</servlet-name>
    <url-pattern>/PublicDisplayImage</url-pattern>
</servlet-mapping>


<session-config>
    <session-timeout>
        30
    </session-timeout>
</session-config>
 <filter>
   <filter-name>PrimeFaces FileUpload Filter</filter-name>
   <filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
  <init-param>
  <param-name>thresholdSize</param-name>
  <param-value>10240</param-value> <!-- 10 Mb -->
</init-param>
 </filter>
   <filter-mapping>
   <filter-name>PrimeFaces FileUpload Filter</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
  </filter-mapping>
   </web-app>

有什么想法吗?

1 个答案:

答案 0 :(得分:1)

确保您的网址格式如下:

<url-pattern>*.xhtml</url-pattern>

和你的webfilter一样

@WebFilter(filterName = "AuthFilter", urlPatterns = {"*.xhtml"})

您的代码从未被调用,因为它在try {}旁边,请确保您的代码在req定义下。

相关问题
最新问题