Jsf 为什么';t servlet筛选器重定向到/home,如果请求/登录&;伊斯洛格丁是真的
我有两个JSF页面、一些托管bean和一个过滤器 所有内容和过滤器均正常工作Jsf 为什么';t servlet筛选器重定向到/home,如果请求/登录&;伊斯洛格丁是真的,jsf,redirect,login,servlet-filters,Jsf,Redirect,Login,Servlet Filters,我有两个JSF页面、一些托管bean和一个过滤器 所有内容和过滤器均正常工作 -用户必须登录。 -因此,用户要么直接转到login.xhtml,要么在寻找另一个页面时重定向到该页面(hom.xhtml) -一旦用户登录,他就可以浏览页面 问题将在以下代码后解释 login.xhtml: <h:form> <h:panelGrid columns="2"> <h:outputLabel value="name:"/> <h:inpu
-用户必须登录。
-因此,用户要么直接转到
login.xhtml
,要么在寻找另一个页面时重定向到该页面(hom.xhtml
)
-一旦用户登录,他就可以浏览页面
问题将在以下代码后解释
login.xhtml:
<h:form>
<h:panelGrid columns="2">
<h:outputLabel value="name:"/> <h:inputText value="#{user.name}"/>
<h:outputLabel value="password:"/> <h:inputSecret value="#{user.password}"/>
</h:panelGrid>
<h:commandButton id="btn" value="login" action="#{user.login()}"/>
</h:form>
身份验证:
@ManagedBean
@SessionScoped
public class Authentication implements Serializable
{
private boolean authenticated; //Getter & Setter
}
过滤器:
@WebFilter(value = "/faces/*")
public class LoginFilter implements Filter
{
@Override
public void init(FilterConfig filterConfig) throws ServletException
{
//throw new UnsupportedOperationException("Not supported yet.");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
{
HttpServletRequest req = (HttpServletRequest) request;
Authentication auth = (Authentication) req.getSession().getAttribute("auth");
if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
{
chain.doFilter(request, response);
} else
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
}
@Override
public void destroy()
{
//throw new UnsupportedOperationException("Not supported yet.");
}
}
我试图将此功能添加到我的筛选器:
-用户登录后,可以浏览除登录.xhtml以外的所有页面 -如果他键入地址栏
login.xhtml
,他将被重定向到home.xhtml
我将简单代码添加到doFilter方法中,使其成为:
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
{
HttpServletRequest req = (HttpServletRequest) request;
Authentication auth = (Authentication) req.getSession().getAttribute("auth");
if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
{
if (auth.isLoggedIn() && req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml"))
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
} else
{
chain.doFilter(request, response);
}
} else
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
}
即使是代码逻辑也是直观且简单的它提供->
HTTP状态500
更新: HTTP Status 500出现问题是由于在嵌套的
if
中调用auth.isLoggedIn()
,而auth
为null
更新了doFilter
以解决null
问题:(但是此网页有一个重定向循环
):
浏览器将以以下方式打开:
此网页具有重定向循环该网页位于
http://localhost:8080/LoginFilter_Simple/faces/login.xhtml
导致重定向过多。正在清除此网站的Cookie或
允许第三方cookie可以解决此问题。如果不是,就是这样
可能是服务器配置问题,而不是您的
电脑
问题在于你的逻辑。如果用户已经登录,您的第一个
if
将导致循环。以下几点应该行得通
boolean isLoggedIn = (auth != null && auth.isLoggedIn());
// Check if the user is accessing "login.xhtml"
if (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")) {
if (isLoggedIn) {
// Redirect to "home.xhtml"
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
} else {
// Otherwise, nothing to do if he has not logged in
chain.doFilter(request, response);
}
} else {
// For all other pages,
if (isLoggedIn) {
// Nothing to do
chain.doFilter(request, response);
} else {
// Redirect to "login.xhtml" if he has not logged in
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
}
500表示已引发异常。只要在服务器日志中找到它(如果您的HTTP500错误页面不知何故没有显示它)并解释它。例外情况通常已经是全部答案。如果你无法解释它,只需更新你的问题以包含它。我们能够解释异常,并用外行的术语翻译它们,以便您最终理解原因。你知道,一旦你理解了问题的原因,那么解决方案就显而易见了。只要一个想法:如果
req.getRequestURI().equals(“/LoginFilter\u Simple/faces/login.xhtml”)
的计算结果为true,那么auth
仍然可能为null,这将在过滤器的下一个中抛出NullPonterException。@BalusC@w4rumy这是null
问题。我更新了doFilter
(如上)来修复它,但浏览器提供了此网页有一个重定向循环。有什么建议吗?谢谢,我在读你的之前也解决了。因此,我将把我的代码附加到您的答案中(如果您接受的话),以便其他读者看到这两个答案。它们已经相等了。@SalehFeek:如果它们完全相等:),也许你可以节省时间,保持这种方式,因为这样只会给答案增加冗余。对于未来的读者,最好是简洁明了。:)另一个例子可以在这里找到:
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
{
HttpServletRequest req = (HttpServletRequest) request;
Authentication auth = (Authentication) req.getSession().getAttribute("auth");
if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
{
if (auth.isLoggedIn() && req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml"))
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
} else
{
chain.doFilter(request, response);
}
} else
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
{
HttpServletRequest req = (HttpServletRequest) request;
Authentication auth = (Authentication) req.getSession().getAttribute("auth");
if ((auth != null && auth.isLoggedIn()) || (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")))
{
if (auth != null)
{
if (auth.isLoggedIn() && req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml"))
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
} else
{
chain.doFilter(request, response);
}
} else
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
} else
{
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
}
boolean isLoggedIn = (auth != null && auth.isLoggedIn());
// Check if the user is accessing "login.xhtml"
if (req.getRequestURI().equals("/LoginFilter_Simple/faces/login.xhtml")) {
if (isLoggedIn) {
// Redirect to "home.xhtml"
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/home.xhtml");
} else {
// Otherwise, nothing to do if he has not logged in
chain.doFilter(request, response);
}
} else {
// For all other pages,
if (isLoggedIn) {
// Nothing to do
chain.doFilter(request, response);
} else {
// Redirect to "login.xhtml" if he has not logged in
HttpServletResponse res = (HttpServletResponse) response;
res.sendRedirect(req.getContextPath() + "/faces/login.xhtml");
}
}