Servlets 应用程序筛选器重定向循环
我是servlet过滤器的新手,在使用过滤器的项目中遇到了一个问题。 我有两个过滤器,AuthenticationFilter和AuthorizationFilter。它们适用于我的netbeans项目中的/user/*页面,我已经为每种类型的用户创建了一个索引页面。第一个过滤器进行检查,以便只有经过身份验证的用户才能访问用户页面。然后,第二个过滤器检查请求的ulr是否对该用户有效,并相应地重定向。您可以在下面找到每个过滤器的doFilter方法: 身份验证筛选器:Servlets 应用程序筛选器重定向循环,servlets,servlet-filters,Servlets,Servlet Filters,我是servlet过滤器的新手,在使用过滤器的项目中遇到了一个问题。 我有两个过滤器,AuthenticationFilter和AuthorizationFilter。它们适用于我的netbeans项目中的/user/*页面,我已经为每种类型的用户创建了一个索引页面。第一个过滤器进行检查,以便只有经过身份验证的用户才能访问用户页面。然后,第二个过滤器检查请求的ulr是否对该用户有效,并相应地重定向。您可以在下面找到每个过滤器的doFilter方法: 身份验证筛选器: public void do
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest req = ( HttpServletRequest )request;
HttpServletResponse resp = ( HttpServletResponse ) response;
HttpSession ses = req.getSession( false );
User user = ( User )req.getSession().getAttribute( "user" );
//String url = req.getRequestURI();
if( user == null )
resp.sendRedirect( req.getContextPath()+ "/index.xhtml" );
else
chain.doFilter ( request, response );
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest req = ( HttpServletRequest )request;
HttpServletResponse resp = ( HttpServletResponse ) response;
HttpSession ses = req.getSession( false );
User user = ( User )req.getSession().getAttribute( "user" );
String url = req.getRequestURI();
Role role = ( Role ) user.getRole();
if( role != null )
{
int roleId = role.getRoleId();
switch( roleId )
{
case 13:
{
resp.sendRedirect( req.getContextPath()+ "/user/studentIndex.xhtml" );
};break;
case 12:
{
resp.sendRedirect( req.getContextPath()+ "/user/instructorIndex.xhtml" );
};break;
case 11:
{
resp.sendRedirect( req.getContextPath()+ "/user/staffIndex.xhtml" );
};break;
}
}
else
chain.doFilter ( request, response );
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest req = ( HttpServletRequest )request;
HttpServletResponse resp = ( HttpServletResponse ) response;
HttpSession ses = req.getSession( false );
User user = ( User )req.getSession().getAttribute( "user" );
//String url = req.getRequestURI();
if( user == null )
resp.sendRedirect( req.getContextPath()+ "/index.xhtml" );
else
chain.doFilter ( request, response );
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest req = ( HttpServletRequest )request;
HttpServletResponse resp = ( HttpServletResponse ) response;
HttpSession ses = req.getSession( false );
User user = ( User )req.getSession().getAttribute( "user" );
String url = req.getRequestURI();
Role role = ( Role ) user.getRole();
if( role != null )
{
int roleId = role.getRoleId();
switch( roleId )
{
case 13:
{
resp.sendRedirect( req.getContextPath()+ "/user/studentIndex.xhtml" );
};break;
case 12:
{
resp.sendRedirect( req.getContextPath()+ "/user/instructorIndex.xhtml" );
};break;
case 11:
{
resp.sendRedirect( req.getContextPath()+ "/user/staffIndex.xhtml" );
};break;
}
}
else
chain.doFilter ( request, response );
}
提前感谢。为什么要从身份验证筛选器重定向?在bean中,我调用相应的dao来获取临时objectUser。如果没有用户,用户对象将为空,因此我重定向到用户可以登录的/index页面。@Tiny thnx对于回复,您可以在上面找到我的注释。此外,将它们组合到同一个过滤器仍然会导致问题,我刚刚尝试过。由于每个索引页都位于/user/目录中,并且筛选器应用于/user/*,因此重定向到相应的索引页将再次触发筛选器。@BalusC Thnx,我上面的评论。。这是另一方的问题。现在的问题不是关于这个问题。如果将筛选器映射到URL模式/user/*,则只要请求与模式匹配,就会调用该筛选器。将此筛选器与应用程序的其余部分分离,并将筛选器映射到另一个仅与身份验证/授权请求匹配的URL模式。或者,也可以使用Servlet,或者如果碰巧使用了JSF,那么也可以使用托管bean。