0

我已经在 J​​SF问题中使用这个基本安全性实现了授权过滤器,如下所示,它为应用程序的每个页面(每个页面)调用,以检查是否允许用户访问该页面。过滤器的 Grunt 代码如下

  public void doFilter(ServletRequest request, ServletResponse response,
                FilterChain chain) throws IOException, ServletException
 {

  HttpServletRequest httpRequest = (HttpServletRequest)request;
  HttpServletResponse httpResponse = (HttpServletResponse)response;
  HttpSession session = httpRequest.getSession();

  String requestPath = httpRequest.getPathInfo();
  String sevPath = httpRequest.getServletPath();



    if (sevPath.equals("/pages/login.jsf"))
    chain.doFilter(request, response);




     if (!sevPath.equals("/pages/login.jsf"))
     {
 if (((HttpServletRequest) request).getSession().getAttribute(
        AuthenticationBean.AUTH_USER) == null) 
  {
    ((HttpServletResponse) response).sendRedirect("/pages/login.jsf");
}
    else
{
    //..........................get user
        AuthenticationBean user = null;
        try
         {

        error: user = (AuthenticationBean) FacesContext.getCurrentInstance().
            getExternalContext().getSessionMap().get("authenticationBean");
         }
         catch (Exception ex)
         {
          ex.printStackTrace();
         }
         finally
         {

         }
    //...................................
        if (!user.getCurrentUser().getUserRole().equals("ADMIN"))
    {
        httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND,"Restricted Access");
    }
        else
        {
            chain.doFilter(request, response);
        }

}
}


}

我在上面的代码中以错误为前缀的行得到 NullPointerException。我不能直接在过滤器中引用吗?或者还有什么可能是导致此错误的原因。提前致谢。

4

0 回答 0