Http 理解servlet过滤器重定向行为
我有以下过滤代码:Http 理解servlet过滤器重定向行为,http,servlets,redirect,servlet-filters,Http,Servlets,Redirect,Servlet Filters,我有以下过滤代码: @WebFilter(urlPatterns = "/faces/*") public class AuthenticationFilter implements Filter { @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException { Http
@WebFilter(urlPatterns = "/faces/*")
public class AuthenticationFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
System.out.println("No Filtering");
chain.doFilter(request, response);
}
在NetBeans中启动project将导致打印两次“无筛选”,一次用于拦截请求,第二次用于拦截响应。到目前为止还不错,但直到现在还没有过滤。使用POST方法更新网页或提交表单的结果也是一样的。 现在添加以下过滤条件:
if ( !req.getRequestURI().toLowerCase().endsWith("/index.xhtml")
&&(session.isNew() || session.getAttribute("username") == null)) {
System.out.println("directed");
res.sendRedirect(req.getContextPath() + "/index.xhtml");
}else{
System.out.println("not directed");
chain.doFilter(request, response);}
将导致按预期打印“定向”一次。现在,当更新网页或提交表单时,这里出现了一个问题,没有打印的内容,即使“没有过滤”也不会打印?似乎该筛选器未应用于HTTP请求,我不明白为什么?这是我的web.xml文件:
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
javax.faces.PROJECT_阶段
发展
Facesservlet
javax.faces.webapp.FacesServlet
1.
Facesservlet
/面孔/*
30
faces/index.xhtml
更新1:我尝试将HTTP响应状态设置为302303307,但没有任何更改
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
{
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
String requestPath = req.getRequestURI();
PrintWriter out =res.getWriter();
if(session.getAttribute("UserName")==null)// Check for null user
{
if(needsAuthentication(requestPath)) //If user is on Login.jsp it lets user to stay there
{
chain.doFilter(req, res);
}
else
{//If user is not on login page with session attribute null it will check if the form has submitted user name and password
if((req.getParameter("username"))==null)
{//If no user name and password is submitted it means user is trying to access other pages without login so
//this condition will land user on login page
out.println("Please Login !");
RequestDispatcher rd =req.getRequestDispatcher("Login.jsp");
rd.include(req, res);
}
else
{
if ((req.getParameter("username")).equals("admin")&&(req.getParameter("password").equals("123")))
{//If correct credentials are submitted user session is started
LoginUser user =new LoginUser();
user.setUserName("admin");
session.setAttribute("UserName", user.getUserName());
session.setMaxInactiveInterval(60);
chain.doFilter(req, res);
}
else
{//This will send user to login page again when wrong credentials are set
out.print("Incorrect UserName or Password");
RequestDispatcher rd =req.getRequestDispatcher("Login.jsp");
rd.include(req, res);
}
}
}
}
else//This else part is checked when the user session is not null
{
if(session.getAttribute("UserName").equals("admin"))//if user is valid it will continue the flow
{
System.out.println("In Second If");
chain.doFilter(req, res);
}
else
{ //if user is invalid will land up on login page
System.out.println("In Second Else");
req.getRequestDispatcher("Login.jsp").forward(request, response);
}
}
}
试着用这个,她就是这个方法
private boolean needsAuthentication(String requestPath) {
{
String validNonAuthenticationUrls ="/Login.jsp";
if (requestPath.endsWith(validNonAuthenticationUrls)) {
return true;
}
}
return false;
}
}
在所提到的链接上没有任何有用的内容。问题的结构不好,恐怕我误解了…等等,为什么在web.xml和注释中都配置了过滤器?对不起,我的错误,这是最初使用的web.xml的旧版本,没有注释。。。。问题已更新。