Fatal编程技术网
  • jsf/
  • Jsf 为什么';t servlet筛选器重定向到/home,如果请求/登录&;伊斯洛格丁是真的

Jsf 为什么';t servlet筛选器重定向到/home,如果请求/登录&;伊斯洛格丁是真的

jsf redirect login

Jsf 为什么';t servlet筛选器重定向到/home,如果请求/登录&;伊斯洛格丁是真的,jsf,redirect,login,servlet-filters,Jsf,Redirect,Login,Servlet Filters,我有两个JSF页面、一些托管bean和一个过滤器 所有内容和过滤器均正常工作 -用户必须登录。 -因此,用户要么直接转到login.xhtml,要么在寻找另一个页面时重定向到该页面(hom.xhtml) -一旦用户登录,他就可以浏览页面 问题将在以下代码后解释 login.xhtml: <h:form> <h:panelGrid columns="2"> <h:outputLabel value="name:"/> <h:inpu

我有两个JSF页面、一些托管bean和一个过滤器

所有内容和过滤器均正常工作
-用户必须登录。
-因此,用户要么直接转到
login.xhtml
,要么在寻找另一个页面时重定向到该页面(
hom.xhtml
) -一旦用户登录,他就可以浏览页面

问题将在以下代码后解释

login.xhtml:

  <h:form>
     <h:panelGrid columns="2">
     <h:outputLabel value="name:"/> <h:inputText value="#{user.name}"/>
     <h:outputLabel value="password:"/> <h:inputSecret value="#{user.password}"/>
     </h:panelGrid>
     <h:commandButton id="btn"  value="login" action="#{user.login()}"/>
  </h:form>
身份验证:

@ManagedBean
@SessionScoped
public class Authentication implements Serializable
{
   private boolean authenticated; //Getter & Setter
}
过滤器:

@WebFilter(value = "/faces/*")
public class LoginFilter implements Filter
{

   @Override
   public void init(FilterConfig filterConfig) throws ServletException
   {
      //throw new UnsupportedOperationException("Not supported yet.");
   }

   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
   {
      HttpServletRequest req = (HttpServletRequest) request;
      Authentication auth = (Authentication) req.getSession().getAttribute("auth");

      if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
      {
         chain.doFilter(request, response);
      } else
      {
         HttpServletResponse res = (HttpServletResponse) response;
         res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
      }
   }

   @Override
   public void destroy()
   {
      //throw new UnsupportedOperationException("Not supported yet.");
   }
}
我试图将此功能添加到我的筛选器:
-用户登录后,可以浏览除登录.xhtml以外的所有页面 -如果他键入地址栏
login.xhtml
,他将被重定向到
home.xhtml

我将简单代码添加到doFilter方法中,使其成为:

   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
   {
      HttpServletRequest req = (HttpServletRequest) request;
      Authentication auth = (Authentication) req.getSession().getAttribute("auth");

      if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
      {
         if (auth.isLoggedIn() && req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml"))
         {
            HttpServletResponse res = (HttpServletResponse) response;
            res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
         } else
         {
            chain.doFilter(request, response);
         }
      } else
      {
         HttpServletResponse res = (HttpServletResponse) response;
         res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
      }
   }
即使是代码逻辑也是直观且简单的
它提供->
HTTP状态500

更新

HTTP Status 500出现问题是由于在嵌套的
if
中调用
auth.isLoggedIn()
,而
auth
null

更新了
doFilter
以解决
null
问题:(但是
此网页有一个重定向循环
):

浏览器将以以下方式打开:

此网页具有重定向循环
该网页位于 
http://localhost:8080/LoginFilter_Simple/faces/login.xhtml
导致重定向过多。正在清除此网站的Cookie或 允许第三方cookie可以解决此问题。如果不是,就是这样 可能是服务器配置问题,而不是您的 电脑

问题在于你的逻辑。如果用户已经登录,您的第一个
if
将导致循环。以下几点应该行得通

boolean isLoggedIn = (auth != null && auth.isLoggedIn());

// Check if the user is accessing "login.xhtml"
if (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")) {
    if (isLoggedIn) {
        // Redirect to "home.xhtml"
        HttpServletResponse res = (HttpServletResponse) response;
        res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
    } else {
        // Otherwise, nothing to do if he has not logged in
        chain.doFilter(request, response);
    }

} else {
    // For all other pages,
    if (isLoggedIn) {
        // Nothing to do
        chain.doFilter(request, response);
    } else {
        // Redirect to "login.xhtml" if he has not logged in
        HttpServletResponse res = (HttpServletResponse) response;
        res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
    }
}
500表示已引发异常。只要在服务器日志中找到它(如果您的HTTP500错误页面不知何故没有显示它)并解释它。例外情况通常已经是全部答案。如果你无法解释它,只需更新你的问题以包含它。我们能够解释异常,并用外行的术语翻译它们,以便您最终理解原因。你知道,一旦你理解了问题的原因,那么解决方案就显而易见了。只要一个想法:如果
req.getRequestURI().equals(“/LoginFilter\u Simple/faces/login.xhtml”)
的计算结果为true,那么
auth
仍然可能为null,这将在过滤器的下一个
中抛出NullPonterException。@BalusC@w4rumy这是
null
问题。我更新了
doFilter
(如上)来修复它,但浏览器提供了
此网页有一个重定向循环。有什么建议吗?谢谢,我在读你的之前也解决了。因此,我将把我的代码附加到您的答案中(如果您接受的话),以便其他读者看到这两个答案。它们已经相等了。@SalehFeek:如果它们完全相等:),也许你可以节省时间,保持这种方式,因为这样只会给答案增加冗余。对于未来的读者,最好是简洁明了。:)另一个例子可以在这里找到:

   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
   {
      HttpServletRequest req = (HttpServletRequest) request;
      Authentication auth = (Authentication) req.getSession().getAttribute("auth");

      if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
      {
         if (auth.isLoggedIn() && req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml"))
         {
            HttpServletResponse res = (HttpServletResponse) response;
            res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
         } else
         {
            chain.doFilter(request, response);
         }
      } else
      {
         HttpServletResponse res = (HttpServletResponse) response;
         res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
      }
   }



   @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
   {
      HttpServletRequest req = (HttpServletRequest) request;
      Authentication auth = (Authentication) req.getSession().getAttribute("auth");

      if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
      {
         if (auth != null)
         {
            if (auth.isLoggedIn() && req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml"))
            {
               HttpServletResponse res = (HttpServletResponse) response;
               res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
            } else
            {
               chain.doFilter(request, response);
            }
         } else
         {
            HttpServletResponse res = (HttpServletResponse) response;
            res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
         }
      } else
      {
         HttpServletResponse res = (HttpServletResponse) response;
         res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
      }
   }



boolean isLoggedIn = (auth != null && auth.isLoggedIn());

// Check if the user is accessing "login.xhtml"
if (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")) {
    if (isLoggedIn) {
        // Redirect to "home.xhtml"
        HttpServletResponse res = (HttpServletResponse) response;
        res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
    } else {
        // Otherwise, nothing to do if he has not logged in
        chain.doFilter(request, response);
    }

} else {
    // For all other pages,
    if (isLoggedIn) {
        // Nothing to do
        chain.doFilter(request, response);
    } else {
        // Redirect to "login.xhtml" if he has not logged in
        HttpServletResponse res = (HttpServletResponse) response;
        res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
    }
}