Jsf 2 JSF请求作用域的托管bean http会话导致实例化
我使用sessionfilterservlet验证用户,然后让他们访问系统。我的受限文件位于名为“com.shadibandhan.restricted”的文件夹中。 会话筛选器工作正常 下面是sessionfilter servlet的相关代码Jsf 2 JSF请求作用域的托管bean http会话导致实例化,jsf-2,servlet-filters,managed-bean,httpsession,Jsf 2,Servlet Filters,Managed Bean,Httpsession,我使用sessionfilterservlet验证用户,然后让他们访问系统。我的受限文件位于名为“com.shadibandhan.restricted”的文件夹中。 会话筛选器工作正常 下面是sessionfilter servlet的相关代码 @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, Servlet
@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String servletPath = request.getServletPath();
String contextPath = request.getContextPath();
String remoteHost = request.getRemoteHost();
String url = contextPath + servletPath;
boolean allowedRequest = false;
if (urlList.contains(servletPath)) {
allowedRequest = true;
}
if (!allowedRequest) {
HttpSession session = request.getSession(false);
if (null == session) {
System.out.println("Session is not present");
response.sendRedirect(contextPath);
return;
} if (null != session) {
//String loggedIn = (String) session.getAttribute("sb_logged_in");
System.out.println("Session is present");
System.out.println("\nSession no. is = " + session.getId());
if (session.getAttribute("logged-in") == "true") {
System.out.println("Session logged-in attribute is true, " + session.getAttribute("sessionUsername") + " is logged in.");
//ServletContext context = request.getServletContext();
RequestDispatcher dispatcher = request.getRequestDispatcher(servletPath);
dispatcher.forward(request, response);
} else {
System.out.println("Session logged-in attribute is not true");
response.sendRedirect(contextPath);
}
}
}
chain.doFilter(req, res);
}
现在,当用户登录时,我将他的用户名和配置文件id放入httpsession,下面是与登录页面绑定的bean
@ManagedBean
@SessionScoped
public class UserLoginManagedBean {
private User user = null;
private String username = null;
private String password = null;
private ServiceProvider server = null;
HttpServletRequest request = null;
HttpServletResponse response = null;
HttpSession session = null;
private Date date;
private int profileActiveness=0;
private int profileActivenessPercentage=0;
public UserLoginManagedBean() {
this.user = new User();
this.server = ServiceProvider.getInstance();
}
public String validateLogin() {
System.out.println("Inside validate login");
boolean isUserValid = false;
System.out.println(this.username + " " + this.password);
isUserValid = this.authenticate(username, password);
if (isUserValid) {
//this.user = found;
System.out.println("User is valid---Redirecting to messages.xhtml");
return "com.shadibandhan.Restricted/profile.xhtml?faces-redirect=true";
} else {
//addGlobalErrorMessage("Unknown login, please try again");
return null;
}
}
public boolean authenticate(String username, String password) {
boolean isUserValid = false;
String status = null;
//isUserValid = this.server.authenticateUser(this.username, this.password);
this.user = (User) this.server.getRecordByTwoColumns(User.class, "username" , this.username, "password", this.password);
if(null != this.user){
isUserValid = true;
}else{
isUserValid = false;
}
if (isUserValid) {
FacesContext context = FacesContext.getCurrentInstance();
this.request = (HttpServletRequest) context.getExternalContext().getRequest();
this.response = (HttpServletResponse) context.getExternalContext().getResponse();
this.session = request.getSession(true);
// if there's no session, it'll creat a new one due to the true flag
status = this.updateUserRecord();
if (status.equals("success")) {
if (null != this.session) {
session.setAttribute("sessionUsername", this.user.getUsername());
session.setAttribute("sessionProfileId", this.user.getProfile().getProfileId());
session.setAttribute("logged-in", "true");
System.out.println("Session username is --->" + session.getAttribute("sessionUsername"));
}
} else {
isUserValid = false;
FacesMessage msg = new FacesMessage("Something went wrong");
FacesContext.getCurrentInstance().addMessage(null, msg);
}
}
return isUserValid;
}
public String logOut() {
FacesContext context = FacesContext.getCurrentInstance();
System.out.println("inside logout method");
this.request = (HttpServletRequest) context.getExternalContext().getRequest();
if (null != this.request) {
this.session = request.getSession(false);
session.invalidate();
System.out.println("Session is now invalidated");
return "../index.xhtml?faces-redirect=true";
} else {
System.out.println("You're already signed out");
return null;
}
}
private String updateUserRecord() {
String status = null;
Date lastLoginDate=this.user.getLastLogin();
Date currentDate= new Date();
this.profileActiveness=this.user.getProfileActiveness();
SimpleDateFormat format = new SimpleDateFormat("yy-MM-dd HH:mm:ss");
try {
lastLoginDate = format.parse(lastLoginDate.toString());
currentDate = format.parse(currentDate.toString());
} catch (ParseException e) {
e.printStackTrace();
}
// Get msec from each, and subtract.
long diff = currentDate.getTime() - lastLoginDate.getTime();
long diffSeconds = diff / 1000;
long diffMinutes = diff / (60 * 1000);
long diffHours = diff / (60 * 60 * 1000);
System.out.println("Time: " + diff + " .");
System.out.println("Time in seconds: " + diffSeconds + " seconds.");
System.out.println("Time in minutes: " + diffMinutes + " minutes.");
System.out.println("Time in hours: " + diffHours + " hours.");
if(diffHours<12)
{
if(profileActiveness<8){
profileActiveness++;
profileActivenessPercentage=(int) (profileActiveness*12.5);
this.user.setProfileActiveness(this.profileActiveness);
}
}
if(diffHours>71)
{
if(profileActiveness>2){
profileActiveness-=2;
profileActivenessPercentage=(int) (profileActiveness*12.5);
this.user.setProfileActiveness(this.profileActiveness);
}
else{
profileActiveness=0;
}
}
this.user.setLastLogin(this.getCurrentDate());
this.user.setLoginStatus(true);
status = this.server.updateObject(this.user);
return status;
}
// ...
}
@ManagedBean
@会议范围
公共类UserLoginManagedBean{
私有用户=null;
私有字符串username=null;
私有字符串密码=null;
私有ServiceProvider服务器=null;
HttpServletRequest请求=null;
HttpServletResponse=null;
HttpSession=null;
私人日期;
private int profileActiveness=0;
私有int profileActivenessPercentage=0;
公共用户LoginManagedBean(){
this.user=新用户();
this.server=ServiceProvider.getInstance();
}
公共字符串validateLogin(){
System.out.println(“内部验证登录”);
布尔值isUserValid=false;
System.out.println(this.username+“”+this.password);
isUserValid=this.authenticate(用户名、密码);
if(isUserValid){
//this.user=found;
System.out.println(“用户有效——重定向到messages.xhtml”);
返回“com.shadibandhan.Restricted/profile.xhtml?faces redirect=true”;
}否则{
//addGlobalErrorMessage(“未知登录,请重试”);
返回null;
}
}
公共布尔身份验证(字符串用户名、字符串密码){
布尔值isUserValid=false;
字符串状态=空;
//isUserValid=this.server.authenticateUser(this.username,this.password);
this.user=(user)this.server.getRecordByTwoColumns(user.class,“username”,this.username,“password”,this.password);
if(null!=此.user){
isUserValid=true;
}否则{
isUserValid=false;
}
if(isUserValid){
FacesContext context=FacesContext.getCurrentInstance();
this.request=(HttpServletRequest)context.getExternalContext().getRequest();
this.response=(HttpServletResponse)context.getExternalContext().getResponse();
this.session=request.getSession(true);
//如果没有会话,它将根据true标志创建一个新会话
状态=this.updateUserRecord();
如果(状态等于(“成功”)){
if(null!=此.session){
session.setAttribute(“sessionUsername”,this.user.getUsername());
session.setAttribute(“sessionProfileId”,this.user.getProfile().getProfileId());
session.setAttribute(“已登录”、“为真”);
System.out.println(“会话用户名为-->”+会话.getAttribute(“sessionUsername”);
}
}否则{
isUserValid=false;
FacesMessage msg=新的FacesMessage(“出错”);
FacesContext.getCurrentInstance().addMessage(null,msg);
}
}
返回isUserValid;
}
公共字符串注销(){
FacesContext context=FacesContext.getCurrentInstance();
System.out.println(“内部注销方法”);
this.request=(HttpServletRequest)context.getExternalContext().getRequest();
if(null!=此.request){
this.session=request.getSession(false);
session.invalidate();
System.out.println(“会话现在无效”);
返回“./index.xhtml?faces redirect=true”;
}否则{
System.out.println(“您已经注销”);
返回null;
}
}
私有字符串updateUserRecord(){
字符串状态=空;
Date lastLoginDate=this.user.getLastLogin();
日期currentDate=新日期();
this.profileActiveness=this.user.getProfileActiveness();
SimpleDataFormat格式=新的SimpleDataFormat(“yy-MM-dd HH:MM:ss”);
试一试{
lastLoginDate=format.parse(lastLoginDate.toString());
currentDate=format.parse(currentDate.toString());
}捕获(解析异常){
e、 printStackTrace();
}
//从每个中获取msec,然后减去。
long diff=currentDate.getTime()-lastLoginDate.getTime();
长diff秒=diff/1000;
长diff分钟=diff/(60*1000);
长diffHours=diff/(60*60*1000);
System.out.println(“时间:+diff+”);
System.out.println(“以秒为单位的时间:+diffSeconds+“秒”);
System.out.println(“以分钟为单位的时间:+diffMinutes+“minutes”);
System.out.println(“以小时为单位的时间:+diffHours+“小时”);
if(diffHours2){
轮廓活跃度-=2;
profileActiveness百分比=(int)(profileActiveness*12.5);
this.user.setProfileActiveness(this.profileActiveness);
}
否则{
profileActiveness=0;
}
}
this.user.setLastLogin(this.getCurrentDate());
this.user.setLoginStatus(true);
状态=this.server.updateObject(this.user);
返回状态;
}
// ...
}
另外,在另一个名为MessagesManagedBean的托管bean(请求范围)中,当我尝试在用户登录后获取概要文件id时,它就像一个符咒
现在,我有两个问题:
} else {
System.out.println("Session logged-in attribute is not true");
response.sendRedirect(contextPath);
return;
}