Session JSF2.0中用户会话检查的过滤器_Session_Jsf 2_Servlet Filters

Session JSF2.0中用户会话检查的过滤器

session jsf-2

Session JSF2.0中用户会话检查的过滤器,session,jsf-2,servlet-filters,Session,Jsf 2,Servlet Filters,这就是我解决问题的方法。：）我要保护的页面位于cPanel文件夹中。这是我的登录名 @ManagedBean(name = "loginAdmin") @SessionScoped public class LoginAdmin implements Serializable { private static final long serialVersionUID = 1L; private String username; private String passwor

这就是我解决问题的方法。：）我要保护的页面位于cPanel文件夹中。这是我的登录名

@ManagedBean(name = "loginAdmin")
@SessionScoped
public class LoginAdmin implements Serializable {
    private static final long serialVersionUID = 1L;
    private String username;
    private String password;
    boolean loggedIn;

    public boolean isLoggedIn() {
        return loggedIn;
    }
    public void setLoggedIn(boolean loggedIn) {
        this.loggedIn = loggedIn;
    }
    public String getUsername() {
        return username;
    }
    public void setUsername(String username) {
        this.username = username;
    }
    public String getPassword() {
        return password;
    }
    public void setPassword(String password) {
        this.password = password;
    }
    public void login(ActionEvent actionEvent) {
        FacesMessage msg = null;
        if (username.equals("Administrator") && password.equals("store1")) {
            try {
                msg = new FacesMessage(FacesMessage.SEVERITY_INFO, "Welcome",
                        username);
                FacesContext.getCurrentInstance().getExternalContext()
                        .redirect("/eHUB/cPanel/index.xhtml");
                loggedIn = true;
            } catch (IOException e) {
                e.printStackTrace();
            }
        } else {
            msg = new FacesMessage(FacesMessage.SEVERITY_WARN, "Login Error",
                    "Invalid User Name or Password");
            loggedIn = false;
        }
        FacesContext.getCurrentInstance().addMessage(null, msg);
    }
    public void logout(ActionEvent actionEvent) throws IOException {
        ((HttpSession) FacesContext.getCurrentInstance().getExternalContext()
             .getSession(false)).invalidate();
        loggedIn = false;
        FacesContext.getCurrentInstance().getExternalContext().redirect("login.xhtml");
    }
}

这是我的过滤代码：

@WebFilter("/cPanel/*")
public class RestrictFilter implements Filter {
    private FilterConfig fc;


    public RestrictFilter() {

    }


    public void destroy() {

    }


    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        LoginAdmin loginAdmin = (LoginAdmin) request.getSession().getAttribute("loginAdmin");
        String loginURL = request.getContextPath() + "/login.xhtml";
        if(loginAdmin != null && loginAdmin.isLoggedIn()){
            chain.doFilter(req, res);
        }
        else{
            response.sendRedirect(loginURL);
        }
    }


    public void init(FilterConfig fConfig) throws ServletException {
        this.fc = fConfig;
    }

}

这是完美的工作。请投反对票。再次感谢你。：）

我也有同样的问题，但我刚刚解决了。这是我的解决方案：首先，您必须在WebContent中创建一个名为“pages”的文件夹，例如，将所有受保护的xhtml页面（在您的示例中为index.xhtml）放在其中，并将login.xhtml放在WebContent文件夹中。您必须将web.xml中的过滤器更改为

<filter>
<filter-name>RestrictFilter</filter-name>
<filter-class>com.kicsit.ehub.filters.RestrictFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RestrictFilter</filter-name>
<url-pattern>/pages/*</url-pattern>


限流滤波器
com.kicsit.ehub.filters.RestrictFilter
限流滤波器
/页数/*


welcome.jsp

在welcome.jsp中放入以下行：

然后重定向将正常工作。

web.xml:-

![MainPanel is Secure][1]

<filter>
        <filter-name>loginFilter</filter-name>
        <filter-class>aksa.sc.util.AccessFilter</filter-class>
        <init-param>
            <param-name>test-param</param-name>
            <param-value>This parameter is for testing.</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>loginFilter</filter-name>
        <url-pattern>/secure/*</url-pattern>
    </filter-mapping>

您忘了告诉我此代码的具体问题。我希望用户在查看index.xhtml页面之前必须输入其凭据。在当前情况下，用户可以查看index.xhtml页面，而无需登录页面。这是我的具体问题，我已经解决了。请看一看。

![MainPanel is Secure][1]

<filter>
        <filter-name>loginFilter</filter-name>
        <filter-class>aksa.sc.util.AccessFilter</filter-class>
        <init-param>
            <param-name>test-param</param-name>
            <param-value>This parameter is for testing.</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>loginFilter</filter-name>
        <url-pattern>/secure/*</url-pattern>
    </filter-mapping>

public class AccessFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        String testParam = filterConfig.getInitParameter("test-param");
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        HttpSession session = httpServletRequest.getSession(true);

        // Get the IP address of client machine.
        String ipAddress = request.getRemoteAddr();

        // Log the IP address and current timestamp.
        // System.out.println("IP "+ipAddress + ", Time "+ new
        // Date().toString());
        if (httpServletRequest.getRequestURL().toString().contains("/scTheme/")) {
            if (session == null || session.getAttribute("userName") == null) {
                httpServletResponse.sendRedirect("/scTheme/login.xhtml");
            }

        }
        chain.doFilter(request, response);
    }

    @Override
    public void destroy() {
        //

    }
}