我正在开发应用程序,它正在跳过在应用程序中配置的FILTERS,同时通过代码连接到http URL。其中一个过滤器是使用URL模式/*配置的UTF8Filter。以下是我的网址连接的代码段。
String protocol = "http";
String port = "50000";
String host = "localhost";
URL url = new URL(protocol + "://" + host + ":" + port + path + "/"
+ fs + "_" + fsv + ".jspx?id=" + wid + "&rt=pdf");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.disconnect();
conn.setUseCaches(false);
conn.setDefaultUseCaches(false);
conn.setDoOutput(true);
if (jsessionid != null) {
conn.addRequestProperty("Cookie", jsessionid.getName() + "="
+ jsessionid.getValue());
}
logger.info("Before connect....");
conn.connect();
logger.info("After connect...");
logger.info("get response code : " + conn.getResponseCode());//200
以下是从应用程序中捕获的日志。
INFO GPBean:201 - Before connect....
INFO GPBean:203 - After connect...
INFO GPBean:207 - get response code : 200
--- It has skipped the filters. Request hasn't gone through the UTF8Filter.
我们的应用程序使用基于表单的身份验证。我看到显示登录图像有一些问题,因为它在其他文件夹中查找这些图像,不确定这一点。
我尝试删除了身份验证模块并测试了该应用程序。它工作正常。
以下是禁用基于表单的身份验证的日志。
19 Feb 2015 12:32:19,289 INFO GPBean:201 - Before connect....
19 Feb 2015 12:32:19,292 INFO GPBean:203 - After connect...
19 Feb 2015 12:32:19,363 INFO UTF8Filter:38 - In UTF8Filter class, doFilter() method...
19 Feb 2015 12:32:19,365 INFO UTF8Filter:41 - In UTF8 Filter, Filtering the request
-----some other log messages
19 Feb 2015 12:32:27,017 INFO GPBean:207 - get response code : 200
此时,我不确定问题是基于FORM的身份验证还是HTTPUrl连接代码或其他配置。任何帮助表示赞赏。
更新 根据要求,我正在使用我的web.xml片段进行更新
<filter>
<filter-name>RF</filter-name>
<filter-class>com.srk.filters.RF</filter-class>
</filter>
<filter>
<filter-name>UTF8Filter</filter-name>
<filter-class>com.srk.filters.UTF8Filter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>RF</filter-name>
<servlet-name>Persistent Faces Servlet</servlet-name>
</filter-mapping>
<filter-mapping>
<filter-name>RF</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<filter-mapping>
<filter-name>UTF8Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet>
<servlet-name>Persistent Faces Servlet</servlet-name>
<servlet-class>com.icesoft.faces.webapp.xmlhttp.PersistentFacesServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet>
<servlet-name>Blocking Servlet</servlet-name>
<servlet-class>com.icesoft.faces.webapp.xmlhttp.BlockingServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet>
<servlet-name>uploadServlet</servlet-name>
<servlet-class>com.icesoft.faces.component.inputfile.FileUploadServlet</servlet-class>
<load-on-startup>0</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Persistent Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Persistent Faces Servlet</servlet-name>
<url-pattern>*.jspx</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Persistent Faces Servlet</servlet-name>
<url-pattern>*.iface</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Persistent Faces Servlet</servlet-name>
<url-pattern>/xmlhttp/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Blocking Servlet</servlet-name>
<url-pattern>/block/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>uploadServlet</servlet-name>
<url-pattern>/uploadHtml</url-pattern>
</servlet-mapping>
答案 0 :(得分:3)
我认为您的过滤器不会使用HttpURLConnection拦截您的代码发出的请求,因为它不属于过滤器的范围。可以在容器(您的tomcat服务器)级别配置过滤器,以拦截使用Container API触发的请求,如RequestDispatcher的forward()(或)include()。基本上,可以在web.xml中使用以下<dispatcher>类型
答案 1 :(得分:1)
Servlet过滤器的默认调度程序设置是REQUEST,因此Servlet过滤器只处理对资源的直接请求。
表单身份验证由Servlet容器直接处理(而不是由Web应用程序本身处理)。然后,servlet容器将请求转发到您的应用程序,并将您的登录表单转发给资源。转发请求时,不会处理Servlet过滤器(及其默认的REQUEST调度程序绑定/映射)!
尝试将UTF8Filter的Servlet过滤器映射更新为
<filter-mapping>
<filter-name>UTF8Filter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
我已经在Tomcat上测试了解决方案,并且在使用FORM身份验证时触发了Sevlet Filter,并且在Sevlet Filter映射中指定了dispatcher FORWARD。