我的项目使用 JSF 2.1、RichFaces 4.1 和 GlassFish 3.1.2。我在 web.xml 中注册了一个过滤器。
问题:如何过滤自动包含在项目中的 JSF 和 RichFaces(例如 javax.faces.resource/richfaces-queue.js.xhtml)的资源?
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<!-- configuration of the session -->
<session-config>
<session-timeout>15</session-timeout>
<cookie-config>
<http-only>true</http-only>
</cookie-config>
</session-config>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<context-param>
<param-name>org.richfaces.skin</param-name>
<param-value>myskin</param-value>
</context-param>
<!-- The runtime must interpret each entry with Facelet tag library-->
<context-param>
<param-name>facelets.LIBRARIES</param-name>
<param-value>/WEB-INF/tags/taglib.xml</param-value>
</context-param>
<!-- Alternate suffix for JSF pages -->
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<!-- XML comments in the Facelets source page are not delivered to the client -->
<context-param>
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>true</param-value>
</context-param>
<!-- Project Stage for JSF (Production | Development | UnitTest | SystemTes | Extension) -->
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<filter>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>ru.axetta.utils.web.JSFAuthenticationFilter</filter-class>
<init-param>
<param-name>includes</param-name>
<param-value>/index.xhtml, /login.xhtml</param-value>
</init-param>
<init-param>
<!--
Relational to context root, must start from "/".
Example to be excludes: /javax.faces.resource/jquery.position.js.xhtml, /resource/images/logo.png, /rfRes/toolbar.ecss.xhtml
-->
<param-name>excludes</param-name>
<param-value>^(/rfRes/)(.+)(\u002E[a-zA-Z]+)(\u002Exhtml)$,
^(/javax.faces.resource/)(.+)(\u002E[a-zA-Z]+)(\u002Exhtml)$,
^(/resources/)([a-zA-Z]+/)(\w+)(\u002E)([a-zA-Z]+)$, /services, /cryptopro/applet
</param-value>
</init-param>
<init-param>
<param-name>loginPage</param-name>
<param-value>/login.xhtml</param-value>
</init-param>
<init-param>
<param-name>loginPageReplacement</param-name>
<param-value>/index.xhtml</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Faces Servlet -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Faces Servlet Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<!-- Page for errors -->
<error-page>
<error-code>404</error-code>
<location>/include/error/ErrorPage.xhtml</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/include/error/ErrorPage.xhtml</location>
</error-page>
<error-page>
<error-code>503</error-code>
<location>/include/error/ErrorPage.xhtml</location>
</error-page>
<error-page>
<exception-type>java.lang.Throwable</exception-type>
<location>/include/error/ErrorPage.xhtml</location>
</error-page>
</web-app>
JSFAuthenticationFilter
public class JSFAuthenticationFilter implements Filter {
// ... variables
@Override //initialize
public void init(FilterConfig filterConfig) throws ServletException {
// ... do something
}
@Override //filtering URI
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpSession httpSession = httpRequest.getSession(true);
HttpServletResponse httpResponse = (HttpServletResponse) response;
String servletPath = httpRequest.getServletPath();
//excluded data for the filtration (/javax.faces.resource/richfaces-queue.js.xhtml and other)
if (isURLExcluded(servletPath)) {
chain.doFilter(request, response);
return;
}
//processed data to filter (/login.xhtml and /index.html)
if (isURLIncluded(servletPath)) {
// ... do something
} else { //for errors page
httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND, MessageFormat.format("Error message: page:{0} not found", servletPath));//404
chain.doFilter(request, response);
return;//redirect -> errorPage.xhtml
}
}
@Override
public void destroy() {
// nothing to do here
}
}
问题#1:如果浏览器地址栏输入路径 http:///myapp/javax.faces.resource/richfaces-queue.js.xhtml 窗口会打印包含资源的所有文本
问题#2:为了检查排除的资源,我使用正则表达式。如果输入有效地址,例如http:///myapp/javax.faces.resource/richfaces2-queue.js.xhtml 窗口将打印:
解析 XML 时出错:找不到元素地址:http:///myapp/javax.faces.resource/richfaces2-queue.js.xhtml 第 1 行,字符 1:
不重定向到页面ErrorPage.xhtml并且 GlassFish 日志中没有信息。请告诉我,让我过滤资源并切换到错误页面?
PS:类似的问题(https://forums.oracle.com/forums/thread.jspa?threadID=1717040)