Session JSF2.0中用户会话检查的过滤器
这就是我解决问题的方法。:) 我要保护的页面位于cPanel文件夹中。这是我的登录名Session JSF2.0中用户会话检查的过滤器,session,jsf-2,servlet-filters,Session,Jsf 2,Servlet Filters,这就是我解决问题的方法。:) 我要保护的页面位于cPanel文件夹中。这是我的登录名 @ManagedBean(name = "loginAdmin") @SessionScoped public class LoginAdmin implements Serializable { private static final long serialVersionUID = 1L; private String username; private String passwor
@ManagedBean(name = "loginAdmin")
@SessionScoped
public class LoginAdmin implements Serializable {
private static final long serialVersionUID = 1L;
private String username;
private String password;
boolean loggedIn;
public boolean isLoggedIn() {
return loggedIn;
}
public void setLoggedIn(boolean loggedIn) {
this.loggedIn = loggedIn;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public void login(ActionEvent actionEvent) {
FacesMessage msg = null;
if (username.equals("Administrator") && password.equals("store1")) {
try {
msg = new FacesMessage(FacesMessage.SEVERITY_INFO, "Welcome",
username);
FacesContext.getCurrentInstance().getExternalContext()
.redirect("/eHUB/cPanel/index.xhtml");
loggedIn = true;
} catch (IOException e) {
e.printStackTrace();
}
} else {
msg = new FacesMessage(FacesMessage.SEVERITY_WARN, "Login Error",
"Invalid User Name or Password");
loggedIn = false;
}
FacesContext.getCurrentInstance().addMessage(null, msg);
}
public void logout(ActionEvent actionEvent) throws IOException {
((HttpSession) FacesContext.getCurrentInstance().getExternalContext()
.getSession(false)).invalidate();
loggedIn = false;
FacesContext.getCurrentInstance().getExternalContext().redirect("login.xhtml");
}
}
这是我的过滤代码:
@WebFilter("/cPanel/*")
public class RestrictFilter implements Filter {
private FilterConfig fc;
public RestrictFilter() {
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
LoginAdmin loginAdmin = (LoginAdmin) request.getSession().getAttribute("loginAdmin");
String loginURL = request.getContextPath() + "/login.xhtml";
if(loginAdmin != null && loginAdmin.isLoggedIn()){
chain.doFilter(req, res);
}
else{
response.sendRedirect(loginURL);
}
}
public void init(FilterConfig fConfig) throws ServletException {
this.fc = fConfig;
}
}
这是完美的工作。请投反对票。再次感谢你。:) 我也有同样的问题,但我刚刚解决了。这是我的解决方案: 首先,您必须在WebContent中创建一个名为“pages”的文件夹,例如,将所有受保护的xhtml页面(在您的示例中为index.xhtml)放在其中,并将login.xhtml放在WebContent文件夹中。您必须将web.xml中的过滤器更改为
<filter>
<filter-name>RestrictFilter</filter-name>
<filter-class>com.kicsit.ehub.filters.RestrictFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RestrictFilter</filter-name>
<url-pattern>/pages/*</url-pattern>
限流滤波器
com.kicsit.ehub.filters.RestrictFilter
限流滤波器
/页数/*
welcome.jsp
在welcome.jsp中放入以下行:
然后重定向将正常工作。web.xml:-
![MainPanel is Secure][1]
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>aksa.sc.util.AccessFilter</filter-class>
<init-param>
<param-name>test-param</param-name>
<param-value>This parameter is for testing.</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/secure/*</url-pattern>
</filter-mapping>
您忘了告诉我此代码的具体问题。我希望用户在查看index.xhtml页面之前必须输入其凭据。在当前情况下,用户可以查看index.xhtml页面,而无需登录页面。这是我的具体问题,我已经解决了。请看一看。
![MainPanel is Secure][1]
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>aksa.sc.util.AccessFilter</filter-class>
<init-param>
<param-name>test-param</param-name>
<param-value>This parameter is for testing.</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/secure/*</url-pattern>
</filter-mapping>
public class AccessFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
String testParam = filterConfig.getInitParameter("test-param");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
HttpSession session = httpServletRequest.getSession(true);
// Get the IP address of client machine.
String ipAddress = request.getRemoteAddr();
// Log the IP address and current timestamp.
// System.out.println("IP "+ipAddress + ", Time "+ new
// Date().toString());
if (httpServletRequest.getRequestURL().toString().contains("/scTheme/")) {
if (session == null || session.getAttribute("userName") == null) {
httpServletResponse.sendRedirect("/scTheme/login.xhtml");
}
}
chain.doFilter(request, response);
}
@Override
public void destroy() {
//
}
}