JSF:会话作用域托管bean的属性变为null
我正在玩JavaEE7,并试图用一个简单的登录机制编写一个webapp 有一个名为JSF:会话作用域托管bean的属性变为null,jsf,null,managed-bean,java-ee-7,session-scope,Jsf,Null,Managed Bean,Java Ee 7,Session Scope,我正在玩JavaEE7,并试图用一个简单的登录机制编写一个webapp 有一个名为User的EJB实体类与JPA一起持久化,它保存着关于用户的数据。在WAR中,一个名为UserManagedBean的会话范围的托管bean负责跟踪当前用户,因此它有一个user类型的属性,当有人成功登录时设置该属性。筛选器正在监视此属性的值,并在必要时重定向到登录页。当然,User和UserManagedBean都是可序列化的(实现接口并且不包含任何不可序列化的内容) 我的问题是,在成功登录后,刷新页面会使我返回
User
的EJB实体类与JPA一起持久化,它保存着关于用户的数据。在WAR中,一个名为UserManagedBean
的会话范围的托管bean负责跟踪当前用户,因此它有一个user
类型的属性,当有人成功登录时设置该属性。筛选器正在监视此属性的值,并在必要时重定向到登录页。当然,User
和UserManagedBean
都是可序列化的(实现接口并且不包含任何不可序列化的内容)
我的问题是,在成功登录后,刷新页面会使我返回登录页面,而我以前设置的user
属性现在为空(实际上这就是过滤器触发重定向的原因)
以下是我尝试过的:
- 逻辑和数据分离:UserManagedBean现在只有这一个属性和几个助手方法,没有EJB,与JavaMagic没有任何关系
- 尝试将web.xml中的
context参数同时设置为服务器和客户端,未发生任何更改javax.faces.STATE\u SAVING\u方法
- 已验证会话范围的托管bean是否保持不变:只创建了其中一个,但不知何故,在从登录页面导航后,user的值为null
- 根据NetBeans调试器,除了将
字段设置为登录用户外,不会访问该字段用户
- 指定自定义序列化方法表明UserManagedBean在实验期间未序列化或反序列化
- Chrome中的调试表明会话ID保存在cookie中,并且在
的值丢失时不会更改user
- 未检测到任何异常
用户
类别:
@Entity(name = "USERS")
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
private String username;
private boolean administrator;
private byte[] salt;
private byte[] passwordHash;
public String getUsername() {
return username;
}
public void setUsername(String userName) {
this.username = userName;
}
public boolean isAdministrator() {
return administrator;
}
public void setAdministrator(boolean administrator) {
this.administrator = administrator;
}
public byte[] getSalt() {
return salt;
}
public void setSalt(byte[] salt) {
this.salt = salt;
}
public byte[] getPasswordHash() {
return passwordHash;
}
public void setPasswordHash(byte[] passwordHash) {
this.passwordHash = passwordHash;
}
@Override
public int hashCode() {
int hash = 0;
hash += (username != null ? username.hashCode() : 0);
return hash;
}
@Override
public boolean equals(Object object) {
// TODO: Warning - this method won't work in the case the id fields are not set
if (!(object instanceof User)) {
return false;
}
User other = (User) object;
if ((this.username == null && other.username != null) || (this.username != null && !this.username.equals(other.username))) {
return false;
}
return true;
}
@Override
public String toString() {
return "hu.bme.aut.mv.testbay.ejb.entities.User[ id=" + username + " ]";
}
}
@ManagedBean(name = "userManagedBean")
@SessionScoped
public class UserManagedBean implements Serializable {
private static final long serialVersionUID = 1L;
private User currentUser;
public User getCurrentUser() {
return currentUser;
}
public void setCurrentUser(User user) {
this.currentUser = user;
}
public boolean isLoggedIn() {
return currentUser != null;
}
public boolean isAdmin() {
return currentUser != null && currentUser.isAdministrator();
}
public String logout() {
currentUser = null;
return "/faces/index.xhtml";
}
/**
* Creates a new instance of UserManagedBean
*/
public UserManagedBean() {
System.out.println("UserManagedBean constructed!");
}
}
@ManagedBean
@RequestScoped
public class LoginManagedBean implements Serializable {
@EJB
private AuthenticationSessionBeanLocal authBean;
@ManagedProperty("#{userManagedBean}")
private UserManagedBean userManagedBean;
@PostConstruct
public void Dummy() {
User user = userManagedBean.getCurrentUser();
}
public UserManagedBean getUserManagedBean() {
return userManagedBean;
}
public void setUserManagedBean(UserManagedBean userManagedBean) {
this.userManagedBean = userManagedBean;
}
private String username;
private String password;
//Some getters and setters...
//...
public String login() throws NoSuchAlgorithmException {
if (authenticate(username, password)) {
if (userManagedBean.getCurrentUser().isAdministrator())
return "/faces/admin/welcome.xhtml?faces-redirect=true";
else
return "/faces/testing/welcome.xhtml?faces-redirect=true";
}
return null;
}
private boolean authenticate(String username, String password) throws NoSuchAlgorithmException {
userManagedBean.setCurrentUser(authBean.authenticate(username, password));
if (userManagedBean.getCurrentUser() == null)
return false;
return true;
}
//Constructor and methods...
//...
}
UserManagedBean
class:
@Entity(name = "USERS")
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
private String username;
private boolean administrator;
private byte[] salt;
private byte[] passwordHash;
public String getUsername() {
return username;
}
public void setUsername(String userName) {
this.username = userName;
}
public boolean isAdministrator() {
return administrator;
}
public void setAdministrator(boolean administrator) {
this.administrator = administrator;
}
public byte[] getSalt() {
return salt;
}
public void setSalt(byte[] salt) {
this.salt = salt;
}
public byte[] getPasswordHash() {
return passwordHash;
}
public void setPasswordHash(byte[] passwordHash) {
this.passwordHash = passwordHash;
}
@Override
public int hashCode() {
int hash = 0;
hash += (username != null ? username.hashCode() : 0);
return hash;
}
@Override
public boolean equals(Object object) {
// TODO: Warning - this method won't work in the case the id fields are not set
if (!(object instanceof User)) {
return false;
}
User other = (User) object;
if ((this.username == null && other.username != null) || (this.username != null && !this.username.equals(other.username))) {
return false;
}
return true;
}
@Override
public String toString() {
return "hu.bme.aut.mv.testbay.ejb.entities.User[ id=" + username + " ]";
}
}
@ManagedBean(name = "userManagedBean")
@SessionScoped
public class UserManagedBean implements Serializable {
private static final long serialVersionUID = 1L;
private User currentUser;
public User getCurrentUser() {
return currentUser;
}
public void setCurrentUser(User user) {
this.currentUser = user;
}
public boolean isLoggedIn() {
return currentUser != null;
}
public boolean isAdmin() {
return currentUser != null && currentUser.isAdministrator();
}
public String logout() {
currentUser = null;
return "/faces/index.xhtml";
}
/**
* Creates a new instance of UserManagedBean
*/
public UserManagedBean() {
System.out.println("UserManagedBean constructed!");
}
}
@ManagedBean
@RequestScoped
public class LoginManagedBean implements Serializable {
@EJB
private AuthenticationSessionBeanLocal authBean;
@ManagedProperty("#{userManagedBean}")
private UserManagedBean userManagedBean;
@PostConstruct
public void Dummy() {
User user = userManagedBean.getCurrentUser();
}
public UserManagedBean getUserManagedBean() {
return userManagedBean;
}
public void setUserManagedBean(UserManagedBean userManagedBean) {
this.userManagedBean = userManagedBean;
}
private String username;
private String password;
//Some getters and setters...
//...
public String login() throws NoSuchAlgorithmException {
if (authenticate(username, password)) {
if (userManagedBean.getCurrentUser().isAdministrator())
return "/faces/admin/welcome.xhtml?faces-redirect=true";
else
return "/faces/testing/welcome.xhtml?faces-redirect=true";
}
return null;
}
private boolean authenticate(String username, String password) throws NoSuchAlgorithmException {
userManagedBean.setCurrentUser(authBean.authenticate(username, password));
if (userManagedBean.getCurrentUser() == null)
return false;
return true;
}
//Constructor and methods...
//...
}
过滤器(doBeforeProcessing
):
更新:
重要的是要注意,用户只需正确设置一次,就可以正常地过渡到欢迎屏幕。但是,nex请求发现用户属性为空
触发身份验证的代码位于请求范围LoginManagedBean
类中:
@Entity(name = "USERS")
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
private String username;
private boolean administrator;
private byte[] salt;
private byte[] passwordHash;
public String getUsername() {
return username;
}
public void setUsername(String userName) {
this.username = userName;
}
public boolean isAdministrator() {
return administrator;
}
public void setAdministrator(boolean administrator) {
this.administrator = administrator;
}
public byte[] getSalt() {
return salt;
}
public void setSalt(byte[] salt) {
this.salt = salt;
}
public byte[] getPasswordHash() {
return passwordHash;
}
public void setPasswordHash(byte[] passwordHash) {
this.passwordHash = passwordHash;
}
@Override
public int hashCode() {
int hash = 0;
hash += (username != null ? username.hashCode() : 0);
return hash;
}
@Override
public boolean equals(Object object) {
// TODO: Warning - this method won't work in the case the id fields are not set
if (!(object instanceof User)) {
return false;
}
User other = (User) object;
if ((this.username == null && other.username != null) || (this.username != null && !this.username.equals(other.username))) {
return false;
}
return true;
}
@Override
public String toString() {
return "hu.bme.aut.mv.testbay.ejb.entities.User[ id=" + username + " ]";
}
}
@ManagedBean(name = "userManagedBean")
@SessionScoped
public class UserManagedBean implements Serializable {
private static final long serialVersionUID = 1L;
private User currentUser;
public User getCurrentUser() {
return currentUser;
}
public void setCurrentUser(User user) {
this.currentUser = user;
}
public boolean isLoggedIn() {
return currentUser != null;
}
public boolean isAdmin() {
return currentUser != null && currentUser.isAdministrator();
}
public String logout() {
currentUser = null;
return "/faces/index.xhtml";
}
/**
* Creates a new instance of UserManagedBean
*/
public UserManagedBean() {
System.out.println("UserManagedBean constructed!");
}
}
@ManagedBean
@RequestScoped
public class LoginManagedBean implements Serializable {
@EJB
private AuthenticationSessionBeanLocal authBean;
@ManagedProperty("#{userManagedBean}")
private UserManagedBean userManagedBean;
@PostConstruct
public void Dummy() {
User user = userManagedBean.getCurrentUser();
}
public UserManagedBean getUserManagedBean() {
return userManagedBean;
}
public void setUserManagedBean(UserManagedBean userManagedBean) {
this.userManagedBean = userManagedBean;
}
private String username;
private String password;
//Some getters and setters...
//...
public String login() throws NoSuchAlgorithmException {
if (authenticate(username, password)) {
if (userManagedBean.getCurrentUser().isAdministrator())
return "/faces/admin/welcome.xhtml?faces-redirect=true";
else
return "/faces/testing/welcome.xhtml?faces-redirect=true";
}
return null;
}
private boolean authenticate(String username, String password) throws NoSuchAlgorithmException {
userManagedBean.setCurrentUser(authBean.authenticate(username, password));
if (userManagedBean.getCurrentUser() == null)
return false;
return true;
}
//Constructor and methods...
//...
}
这确实是一个愚蠢的错误 NetBeans断点没有发出信号,但该字段确实是由注销函数访问的,该函数在每次导航后调用。结果是我误用了PrimeFaces组件。我想将注销命令按钮的
output
属性设置为UserManagedBean
上的注销方法,但NetBeans autocomplete在方法名称后放了一对括号,我没有注意到。因此,EL评估了logout()
方法以将结果设置为登录页面的返回url,而不是得到一个错误,即output
属性的工作方式与action
不同,应该以字符串形式接收路径,但该方法也会以静默方式注销用户
我唯一想知道的是,NetBeans是如何在set方法和字段断点中都失败的,在访问字段时应该触发该断点。您可以将变量放入视图(即视图范围),然后使用getter和setter检索/修改它。
这还允许您通过模拟视图响应以更好的方式测试控制器。我不清楚您是如何使用过滤器的。通常,登录页面是一个请求范围的无用户页面,登录操作调用筛选代码来创建/检索用户实体并将其分配给会话范围的UserManagerBean。另一个请求范围的托管bean在EJB的帮助下进行身份验证并检索用户实体,在始终存在的UserManagedBean中设置它。当请求登录或注册表单以外的页面时,将激活筛选器,并检查UserManagedBean实例是否包含用户实体。注销会将此属性设置为null(显然,其他内容会无意中设置为null)。您如何从登录屏幕转换到您的主身份验证页面?@Leo,请查看我的更新。
session.getAttribute(“userManagedBean”)
。在获取属性之前,您在哪里设置了该属性?