我正在尝试设置网络过滤器并需要一些帮助。我的过滤器在初始登录时工作正常,但是当会话超时并且我单击任何链接时,它会触发我的重定向语句,但浏览器中的网页永远不会被重定向。任何人都可以帮助解决这个问题吗?非常感激。
筛选
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package src;
import java.io.IOException;
import javax.faces.application.NavigationHandler;
import javax.faces.context.FacesContext;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
*
* @author Bernard
*/
@WebFilter(filterName = "LoginFilter", urlPatterns = {"/*"})
public class LoginFilter implements Filter {
//FilterConfig fc;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//fc = filterConfig;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
String pageRequested = req.getRequestURL().toString();
Boolean authenticated = (Boolean) session.getAttribute("authenticated");
if (authenticated == null) {
authenticated = false;
}
if (!authenticated && !pageRequested.contains("login")) {
res.setStatus(301);
res.sendRedirect(req.getContextPath() + "/login/login.xhtml");
} else {
chain.doFilter(request, response);
}
}
@Override
public void destroy() {
//fc = null;
}
}
Faces-config.xml
<?xml version='1.0' encoding='UTF-8'?>
<!-- =========== FULL CONFIGURATION FILE ================================== -->
<faces-config version="2.1"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_1.xsd">
<navigation-rule>
<from-view-id>/*</from-view-id>
<navigation-case>
<from-outcome>success</from-outcome>
<to-view-id>/index.xhtml</to-view-id>
<redirect/>
</navigation-case>
<navigation-case>
<from-outcome>failure</from-outcome>
<to-view-id>/login/login.xhtml</to-view-id>
<redirect/>
</navigation-case>
</navigation-rule>
</faces-config>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<servlet>
<servlet-name>FacesServlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>FacesServlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>/index.xhtml</welcome-file>
</welcome-file-list>
<filter>
<filter-name>restrict</filter-name>
<filter-class>src.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>restrict</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
验证 Bean
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package src;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
/**
*
* @author Bernard
*/
@ManagedBean
@SessionScoped
public class Authenticator {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String authenticateUser(ServletRequest request) {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession(true);
session.setMaxInactiveInterval(30);
Boolean authenticated = (Boolean) session.getAttribute("authenticated");
Database pgDatabase = new Database();
Admin foundAdmin = null;
try {
foundAdmin = (Admin) pgDatabase.findAdminByUsername(username);
} catch (ClassNotFoundException ex) {
Logger.getLogger(Authenticator.class.getName()).log(Level.SEVERE, null, ex);
}
Admin currentAdmin = new Admin();
currentAdmin.userName = username;
currentAdmin.password = this.hashPassword((password));
if (authenticated != null && authenticated != true) {
if (foundAdmin != null) {
if (currentAdmin.equals(foundAdmin)) {
authenticated = true;
session.setAttribute("authenticated", true);
return "success";
} else {
authenticated = false;
session.setAttribute("authenticated", false);
return "failure";
}
} else {
authenticated = false;
session.setAttribute("authenticated", false);
return "failure";
}
} else {
session.setAttribute("authenticated", true);
authenticated = true;
return "success";
}
}
public String logOut() {
FacesContext ctx = FacesContext.getCurrentInstance();
ExternalContext extCtx = ctx.getExternalContext();
Map<String, Object> sessionMap = extCtx.getSessionMap();
sessionMap.put("authenticated", false);
return "failure";
}
public String hashPassword(String passwordToHash) {
String hashword = null;
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
md5.update(password.getBytes());
BigInteger hash = new BigInteger(1, md5.digest());
hashword = hash.toString(16);
} catch (NoSuchAlgorithmException nsae) {
}
return hashword;
}
}