Jsf Servlet筛选器始终重定向到登录页面
我正在用JSF、CDI和Servlet过滤器实现我的系统安全性。每次我连接时,系统都会将我重定向到主页,但当我单击任何其他链接时,系统会再次重定向到登录页面 我怀疑某些CDIBean的范围可能是错误的,但我无法跟踪它 有人能帮我吗 Servlet过滤器Jsf Servlet筛选器始终重定向到登录页面,jsf,servlets,login,filter,cdi,Jsf,Servlets,Login,Filter,Cdi,我正在用JSF、CDI和Servlet过滤器实现我的系统安全性。每次我连接时,系统都会将我重定向到主页,但当我单击任何其他链接时,系统会再次重定向到登录页面 我怀疑某些CDIBean的范围可能是错误的,但我无法跟踪它 有人能帮我吗 Servlet过滤器 package com.br.pentagono.controler; import java.io.IOException; import javax.inject.Inject; import javax.servlet.Filter;
package com.br.pentagono.controler;
import java.io.IOException;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebFilter("/paginas/*")
public class AutorizacaoFilter implements Filter {
@Inject
LoginBean loginBean;
public AutorizacaoFilter() {
}
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
if (loginBean.getIsLogado() == false && !request.getRequestURI().endsWith("/index.xhtml")
&& !request.getRequestURI().contains("/javax.faces.resource/")) {
response.sendRedirect(request.getContextPath() + "/index.xhtml");
System.out.println(request.getContextPath() + "/index.xhtml");
} else {
chain.doFilter(req, res);
}
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
登录Bean
package com.br.pentagono.controler;
import java.io.Serializable;
import javax.enterprise.context.SessionScoped;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
import javax.persistence.NoResultException;
import org.apache.commons.lang3.StringUtils;
import com.br.pentagono.model.Usuario;
import com.br.pentagono.repository.Usuarios;
import com.br.pentagono.util.jsf.JSFUtil;
@Named(value = LoginBean.BEAN_NAME)
@SessionScoped
public class LoginBean implements Serializable {
private static final long serialVersionUID = 1L;
private static final String PAGINA_INICIAL = "paginas/home?faces-redirect=true";
protected static final String BEAN_NAME = "loginMB";
@Inject
private Usuarios usuarios;
private Usuario usuarioBanco = null;
private Usuario usurioLogado;
private String email;
private String senha;
private Boolean isLogado = false;
public String login() {
if (StringUtils.isBlank(email) && StringUtils.isBlank(senha)) {
JSFUtil.retornarMensagemErro("Erro no Login", "Preencha os campos E-Mail e Senha!", null);
this.setIsLogado(false);
}
try {
usuarioBanco = usuarios.lerPorEmail(this.email);
} catch (NoResultException e) {
JSFUtil.retornarMensagemErro("Erro no Login", "Usuário não existe.", null);
this.setIsLogado(false);
return null;
}
if (null == usuarioBanco) {
JSFUtil.retornarMensagemErro("Erro no Login", "Usuário ou Senha não encontrados", null);
this.setIsLogado(false);
return null;
}
if (!senha.equals(usuarioBanco.getSenha())) {
JSFUtil.retornarMensagemErro("Erro no Login", "Dados incorretos!", null);
this.setIsLogado(false);
return null;
}
this.setIsLogado(true);
this.setUsurioLogado(usuarioBanco);
return this.getHome();
}
public String logout() {
FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
return "/index?faces-redirect=true";
}
public String getHome() {
return LoginBean.PAGINA_INICIAL;
}
public String getEmail() {
return email;
}
public String getSenha() {
return senha;
}
public void setEmail(String email) {
this.email = email;
}
public void setSenha(String senha) {
this.senha = senha;
}
public Usuario getUsurioLogado() {
return usurioLogado;
}
public void setUsurioLogado(Usuario usurioLogado) {
this.usurioLogado = usurioLogado;
}
public Boolean getIsLogado() {
return isLogado;
}
public void setIsLogado(Boolean isLogado) {
this.isLogado = isLogado;
}
}
Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>Faturamento</display-name>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>omega</param-value>
</context-param>
<context-param>
<param-name>com.sun.faces.writeStateAtFormEnd</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>primefaces.SECRET</param-name>
<param-value>@</param-value>
</context-param>
<context-param>
<param-name>primefaces.SUBMIT</param-name>
<param-value>partial</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<description>State saving method: 'client' or 'server' (=default).
See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<context-param>
<param-name>primefaces.FONT_AWESOME</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>primefaces.PRIVATE_CAPTCHA_KEY</param-name>
<param-value>6LZwoAAEhRyntK2v-GMRR</param-value>
</context-param>
<context-param>
<param-name>primefaces.PUBLIC_CAPTCHA_KEY</param-name>
<param-value>6L0P7IBu</param-value>
</context-param>
<mime-mapping>
<extension>xhtml</extension>
<mime-type>application/xml</mime-type>
</mime-mapping>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_REFRESH_PERIOD</param-name>
<param-value>2</param-value>
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<error-page>
<error-code>403</error-code>
<location>/paginas/erro/403.xhtml</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/paginas/erro/404.xhtml</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/paginas/erro/500.xhtml</location>
</error-page>
<listener>
<listener-class>org.jboss.weld.environment.servlet.Listener</listener-class>
</listener>
<resource-env-ref>
<resource-env-ref-name>BeanManager</resource-env-ref-name>
<resource-env-ref-type>javax.enterprise.inject.spi.BeanManager</resource-env-ref-type>
</resource-env-ref>
<filter>
<filter-name>AutorizacaoFilter</filter-name>
<filter-class>com.br.pentagono.controler.AutorizacaoFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AutorizacaoFilter</filter-name>
<url-pattern>/paginas/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
法图拉门托
index.xhtml
Facesservlet
javax.faces.webapp.FacesServlet
1.
Facesservlet
*.xhtml
主题
欧米茄
com.sun.faces.writestateformend
假的
秘密
@
提交
部分的
javax.faces.FACELETS\u跳过\u注释
真的
状态保存方法:“客户端”或“服务器”(=默认值)。
参见JSF规范2.5.2
javax.faces.STATE_保存方法
客户
javax.servlet.jsp.jstl.fmt.localizationContext
资源.应用
primefaces.FONT\u太棒了
真的
primefaces.PRIVATE\u验证码\u密钥
6LZwoAAEhRyntK2v GMRR
primefaces.PUBLIC\u验证码\u密钥
6L0P7IBu
xhtml
应用程序/xml
javax.faces.PROJECT_阶段
发展
javax.faces.FACELETS\u刷新\u周期
2.
com.sun.faces.config.ConfigureListener
403
/paginas/erro/403.xhtml
404
/paginas/erro/404.xhtml
500
/paginas/erro/500.xhtml
org.jboss.weld.environment.servlet.Listener
豆管员
javax.enterprise.inject.spi.BeanManager
自动调整滤波器
com.br.pentagono.controler.autorizao过滤器
自动调整滤波器
/帕吉纳斯/*
index.xhtml
我只是想检查一下,您能否确认在调用login()
方法之后,getIsLogado()
返回true?您在登录bean上的什么地方调用login方法?似乎是missingYes仅在登录时返回true。之后,返回false。我正在调用index.xhtml页面上的方法。我正在使用此页面作为登录页面。