Jsf 授权筛选器中的NullPointerException
我使用这个问题实现了授权过滤器,如下所示,它对应用程序的每个页面(每个页面)进行调用,以检查是否允许用户访问该页面。过滤器的Grunt代码如下Jsf 授权筛选器中的NullPointerException,jsf,servlet-filters,Jsf,Servlet Filters,我使用这个问题实现了授权过滤器,如下所示,它对应用程序的每个页面(每个页面)进行调用,以检查是否允许用户访问该页面。过滤器的Grunt代码如下 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequ
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
{
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
HttpSession session = httpRequest.getSession();
String requestPath = httpRequest.getPathInfo();
String sevPath = httpRequest.getServletPath();
if (sevPath.equals("/pages/login.jsf"))
chain.doFilter(request, response);
if (!sevPath.equals("/pages/login.jsf"))
{
if (((HttpServletRequest) request).getSession().getAttribute(
AuthenticationBean.AUTH_USER) == null)
{
((HttpServletResponse) response).sendRedirect("/pages/login.jsf");
}
else
{
//..........................get user
AuthenticationBean user = null;
try
{
error: user = (AuthenticationBean) FacesContext.getCurrentInstance().
getExternalContext().getSessionMap().get("authenticationBean");
}
catch (Exception ex)
{
ex.printStackTrace();
}
finally
{
}
//...................................
if (!user.getCurrentUser().getUserRole().equals("ADMIN"))
{
httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND,"Restricted Access");
}
else
{
chain.doFilter(request, response);
}
}
}
}
提前感谢。重复的-无法从FacesContext检索会话您提到的重复问题消除了我的疑虑。“FacesContext在筛选器中无效”。我将在附近尝试一些工作。谢谢