0

每次调用“com.shadibandhan.Restricted”文件夹中的文件(图像和 xhtml)时,我都会调用这个 servlet 过滤器 servlet。

我正在使用 JSF,所以还有Faces Servlet

这是我的 web.xml

    <?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Production</param-value>
    </context-param>
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet>
        <servlet-name>SbServlet</servlet-name>
        <servlet-class>com.shadibandhan.ControllerLayer.SbServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>    
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>/faces/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>SbServlet</servlet-name>
        <url-pattern>/SbServlet</url-pattern>
    </servlet-mapping>
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>faces/index.xhtml</welcome-file>
    </welcome-file-list>
    <listener>
        <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
    </listener>
    <filter>
        <filter-name>SessionFilter</filter-name>
        <filter-class>
            com.shadibandhan.ControllerLayer.SessionFilter
        </filter-class>
        <init-param>
            <param-name>avoid-urls</param-name>
            <param-value></param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>SessionFilter</filter-name>
        <url-pattern>/faces/com.shadibandhan.Restricted/*</url-pattern>
    </filter-mapping>

    <filter>
        <filter-name>PrimeFaces FileUpload Filter</filter-name>
        <filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
        <init-param>
            <param-name>thresholdSize</param-name>
            <param-value>4096</param-value> <!-- 4 Mb -->
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>PrimeFaces FileUpload Filter</filter-name>
        <servlet-name>Faces Servlet</servlet-name>
    </filter-mapping>
</web-app>

这是我的名为 SessionFilter 的 Servlet 过滤器

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package com.shadibandhan.ControllerLayer;

import java.io.IOException;
import java.util.ArrayList;
import java.util.StringTokenizer;
import javax.servlet.*;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author MUDASSIR
 */
public class SessionFilter implements Filter {

    private ArrayList<String> urlList;

    @Override
    public void init(FilterConfig config) throws ServletException {

        System.out.println("****************************************");
        System.out.println("***Session Filter Servlet initialized***");
        System.out.println("****************************************");
        String urls = config.getInitParameter("avoid-urls");
        System.out.println("The urls to avoid are = " + urls);
        StringTokenizer token = new StringTokenizer(urls, ",");

        urlList = new ArrayList<String>();

        while (token.hasMoreTokens()) {
            urlList.add(token.nextToken());

        }
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {

        System.out.println("This is the doFilter method");

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String servletPath = request.getRequestURI();
        String contextPath = request.getContextPath();
        String remoteHost = request.getRemoteHost();
        String url = contextPath + servletPath;
        System.out.println("-----------------> Servlet path is = " + servletPath);
        System.out.println("-----------------> Context path is " + contextPath);
        System.out.println("-----------------> URL is " + url);
        System.out.println("-----------------> Remote Host is " + remoteHost);
        boolean allowedRequest = false;

        if (urlList.contains(servletPath)) {
            allowedRequest = true;
        }

        if (!allowedRequest) {
            HttpSession session = request.getSession(false);
            if (null == session) {

                System.out.println("Session is not present");
                response.sendRedirect(contextPath);
                return;

            } if (null != session) {
                //String loggedIn = (String) session.getAttribute("sb_logged_in");
                System.out.println("Session is present");
                System.out.println("\nSession no. is = " + session.getId());

                if (session.getAttribute("logged-in") == "true") {
                    System.out.println("Session logged-in attribute is true, " + session.getAttribute("sessionUsername") + " is logged in.");

                    //ServletContext context = request.getServletContext();

                    RequestDispatcher dispatcher = request.getRequestDispatcher(servletPath);
                    dispatcher.forward(request, response);
                } else {
                    System.out.println("Session logged-in attribute is not true");
                    response.sendRedirect(contextPath);
                    return;
                }
            }
        }

        chain.doFilter(req, res);
    }

    @Override
    public void destroy() {
    }
}

之前,我使用 request.getServletPath()。现在,我正在使用 request.getRequestURI() 来获取用户想要去的路径。

但它没有打开页面。当我尝试访问受限制的页面时,会调用 sessionfilter,它会给我这个错误。

type Status report

message /ShadiBandhan/ShadiBandhan/faces/com.shadibandhan.Restricted/home.xhtml

description The requested resource (/ShadiBandhan/ShadiBandhan/faces/com.shadibandhan.Restricted/home.xhtml) is not available.

我之前问过这个问题,但标题不同,这使得它不清楚。 登录时索引页面上的 JSF ServletFilter 限制

注意这是两次添加上下文。我不知道为什么。任何人都可以帮助我。谢谢

4

1 回答 1

1

已经包含上下文路径,这getRequestURI()就是您在最终 URL 中看到它两次的原因。要获取没有上下文路径的请求 URI,请将其子串如下:

String contextRelativeURI = request.getRequestURI().substring(request.getContextPath().length());

顺便说一句,在那次通话return之后有一个缺失的陈述。forward()

于 2012-06-30T14:46:28.420 回答