使用过滤器类

时间:2017-02-14 06:50:40

标签: jsf servlet-filters

JSF 2.2和Primefaces 6.0

我正在尝试使用过滤器类进行身份验证会话控制。但是过滤器类运行21次并且浏览器设置错误消息ERR_TOO_MANY_REDIRECTS。

Web.xml中:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    version="3.0">
    <display-name>maintenancemonitoring</display-name>
    <context-param>
        <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
        <param-value>.xhtml</param-value>
    </context-param>
    <context-param>
        <description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
        <param-value>client</param-value>
    </context-param>
    <context-param>
        <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
        <param-value>resources.application</param-value>
    </context-param>
    <listener>
        <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
    </listener>
    <filter>
        <filter-name>authFilter</filter-name>
        <filter-class>view.filters.AuthenticationFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>authFilter</filter-name>
        <url-pattern>*.xhtml</url-pattern>
        <dispatcher>REQUEST</dispatcher>
    </filter-mapping>
    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>
    <context-param>
        <param-name>primefaces.THEME</param-name>
        <param-value>cupertino</param-value>
    </context-param>
    <welcome-file-list>
        <welcome-file>index.xhtml</welcome-file>
    </welcome-file-list>
</web-app>

过滤类:

public void
        doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException,
                                                                                                         ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    request.setCharacterEncoding("UTF-8");
    HttpServletResponse response = (HttpServletResponse) servletResponse;
    HttpSession session = request.getSession();

    System.out.println("aaaaa");

    String currentLoginId = null;
    if(session.getAttribute("currentLoginId")!=null){
        currentLoginId = (String) session.getAttribute("currentLoginId");
    }

    if(currentLoginId != null){
        setResponseHeaders(response);
        filterChain.doFilter(request, response);
    } else {
        response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
    }
}

private void setResponseHeaders(HttpServletResponse httpResponse) {
    httpResponse.addHeader("Pragma", "no-cache");
    httpResponse.addHeader("Cache-Control", "no-cache");
    httpResponse.addHeader("Cache-Control", "must-revalidate");
    httpResponse.addHeader("Cache-Control", "post-check=0");
    httpResponse.addHeader("Cache-Control", "pre-check=0");
    httpResponse.addHeader("Cache-Control", "no-store");
    httpResponse.addDateHeader("Expires", 0);
}

loginBean中的登录操作:

public String actionLogin(ActionEvent actionEvent) throws ServletException, IOException {
    HttpServletRequest request = (HttpServletRequest) getExternalContext().getRequest();
    HttpServletResponse response = (HttpServletResponse) getExternalContext().getResponse();

    AuthUser user = getValidUser();

    request.setAttribute("user", user);

    if (user == null) {
        addMessage("Kullanıcı adı ya da şifre hatalı");
        return null;
    }

    return handleUserLogin(user, request, response);
}

在loginHandler类中创建会话:

private String createNewSessionAndRedirect(HttpServletRequest request, HttpServletResponse response, AuthUser user) {
    HttpSession session = getSessionForRequest(request);

    session.setAttribute("currentLoginId", user.getUserName());

    if (request.isRequestedSessionIdValid() && session != null && session.getAttribute("currentLoginId") != null) {
        try {
            response.sendRedirect(request.getContextPath() + "/faces/welcome.xhtml");
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
    return "/welcome.xhtml";
}

1 个答案:

答案 0 :(得分:4)

我看到此错误的原因是递归调用。

由于您要过滤每个.xthml页面并在过滤器中重定向到

response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");

您正在过滤此重定向。您应该转发请求,因为您已将过滤器设置为REQUEST而不是FORWARD

<filter-mapping>
    <filter-name>authFilter</filter-name>
    <url-pattern>*.xhtml</url-pattern>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

前锋看起来像这样(不完全是,没有记住过滤器中的确切代码......):

ServletContext.getRequestDispatcher("/faces/welcome.xhtml").forward()

如果您将<dispatcher>FORWARD</dispatcher>添加到过滤器映射

,则只会过滤转发
相关问题
最新问题