在JSF的映射中使用FORWARD时,Servlet筛选器将陷入无限循环 [英] Servlet Filter going in infinite loop when FORWARD used in mapping in JSF
问题描述
我在web.xml中定义了一个过滤器,如下所示:-
I have a filter defined in web.xml like following:-
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<filter>
<display-name>AuthenticationFilter</display-name>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>com.filters.AuthenticationFilter</filter-class>
</filter>
,在过滤器中,我有以下代码:-
and In the filter I have following code:-
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
// place your code here
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse hres = (HttpServletResponse) response;
String pathInfo = httpRequest.getRequestURI().trim();
System.out.println(pathInfo);
// Do not process any non-jsp files or LogIn.jsp ! pathInfo.endsWith("jsf") ||
if (pathInfo.endsWith("RegistrationForm.jsf") || pathInfo.endsWith("Login.jsf")) {
chain.doFilter(request, response);
return;
}
// pass the request along the filter chain
User user = (User) httpRequest.getSession().getAttribute("USER_IN_SESSION");
if(user==null)
hres.sendRedirect("Login.jsf");
else {
chain.doFilter(request, response);
}
}
问题在于,如果我使用Topic.jsp调用应用程序,它将像这样循环遍历:-
The problem is that if I invoke the app with Topic.jsp it loops over like this:-
Topic.jsp
LogIn.jsf
Login.jsp
Login.jsf
Login.jsp
...
我发现问题是映射中的FORWARD.如果删除该条目,它将起作用
I have found the problem is the FORWARD in mappings. and if remove this entry, it works
<dispatcher>FORWARD</dispatcher>
请帮助我解决无限循环交替出现 .jsp& .jsf :)
Please help me solve this puzzzle of infinite loop alternating .jsp & .jsf :)
推荐答案
首先,为什么还要挂接到forward/include/error调度上(默认)全局和全覆盖request?
First of all, why do you want to hook on forward/include/error dispatchings as well next to the (default) global and all-covering request?
摆脱过滤器映射中的所有这些<dispatcher>行.您不需要其中任何一个进行身份验证过滤器. HTTP请求是唯一重要的请求.内部转发/包含/错误分配只能在HTTP请求已到达(并已过滤)时进行.
Get rid of all those <dispatcher> lines in your filter mapping. You don't need any of them for an authentication filter. The HTTP requests are the only which counts. The internal forward/include/error dispatchings can only take place when the HTTP request has already been arrived (and filtered).
此外,除了对此请求URI进行检查之外,您还可以将过滤器映射到更具体的<url-pattern>上,例如/secured/*左右,然后将所有需要登录的页面放在该页面上,然后将注册和登录页面放在该页面上外面.
Also, instead of this check on the request URI, you can also map the filter on a more specific <url-pattern> like /secured/* or so and put all pages which require a login over there and put the register and login page outside.
这篇关于在JSF的映射中使用FORWARD时,Servlet筛选器将陷入无限循环的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
