在除索引之外的所有页面上使用 Servlet 过滤器 [英] Using Servlet filter on all the pages except the index
问题描述
我正在尝试使用 Filter 来强制我的用户在他们想要访问某些页面时登录.
I'm trying to use a Filter to force my users to login if they want to access some pages.
所以我的 Filter 必须在没有会话的情况下将它们重定向到错误页面.
So my Filter has to redirect them to an error page in there's no session.
但我不希望他们访问 index.html 时发生这种情况,因为他们可以在索引页面中登录.
But I don't want this to happen when they visit index.html, because they can login in the index page.
所以我需要一个 URL 模式来匹配除 / 和 index.xhtml 之外的所有页面.
So I need an URL Pattern that matches all the pages excluding / and index.xhtml.
我该怎么做?我可以在我的 web.xml 中使用正则表达式吗?
How can I do that? Can I use regex in my web.xml ?
阅读this
我认为我可以制作类似的东西:
I thought that I can make something like :
if (!req.getRequestURI().matches("((!?index)(.*)\\.xhtml)|((.*)\\.(png|gif|jpg|css|js(\\.xhtml)?))"))
在我的 doFilter() 方法中,但它仍然处理所有内容.
in my doFilter() method, but it still processes everything.
我确定正则表达式有效,因为我已经在线测试过它并且它匹配不需要过滤的文件,但是即使对于排除的文件也会执行 if 的内容!
I'm sure that the regex works because I've tested it online and it matches the files that doesn't need to be filtered, but the content of the if is executed even for the excluded files!
编辑 2:
我正在尝试一种新方法.
I'm trying a new way.
我已经在我的 web.xml 中将过滤器映射到 *.xhtml,所以我不需要用上面的正则表达式排除 css、图像和 javascript.
I've mapped the Filter to *.xhtml in my web.xml, so I don't need to exclude css, images and javascript with the regex above.
这是新代码(进入doFilter())
if (req.getRequestURI().contains("index")) {
chain.doFilter(request, response);
} else {
if (!userManager.isLogged()) {
request.getRequestDispatcher("error.xhtml").forward(request, response);
} else {
chain.doFilter(request, response);
}
}
但它仍然没有,因为它在每个页面上调用 chain.doFilter()(在外部 if).
but it still doesn't because it calls the chain.doFilter() (in the outer if) on every page.
如何将我的索引页排除在过滤之外?
How can I exclude my index page from being filtered?
推荐答案
web.xml URL 模式不支持正则表达式.它只支持通配符前缀(文件夹)和后缀(扩展名)匹配,如/faces/*和*.xhtml.
The web.xml URL pattern doesn't support regex. It only supports wildcard prefix (folder) and suffix (extension) matching like /faces/* and *.xhtml.
至于您的具体问题,您显然已将索引文件定义为 / 打开它.这样 request.getRequestURI() 将等于 /contextpath/,而不是 /contextpath/index.xhtml.调试 request.getRequestURI() 以了解过滤器实际检索的内容.
As to your concrete problem, you've apparently the index file defined as a <welcome-file> and are opening it by /. This way the request.getRequestURI() will equal to /contextpath/, not /contextpath/index.xhtml. Debug the request.getRequestURI() to learn what the filter actually retrieved.
我建议重写:
String path = request.getRequestURI().substring(request.getContextPath().length());
if (userManager.isLogged() || path.equals("/") || path.equals("/index.xhtml") || path.startsWith(ResourceHandler.RESOURCE_IDENTIFIER)) {
chain.doFilter(request, response);
} else {
request.getRequestDispatcher("/WEB-INF/error.xhtml").forward(request, response);
}
将此过滤器映射到 /*.请注意,我包含了 ResourceHandler.RESOURCE_IDENTIFIER 检查 JSF 资源,如
Map this filter on /*. Note that I included the ResourceHandler.RESOURCE_IDENTIFIER check so that JSF resources like <h:outputStylesheet>, <h:outputScript> and <h:graphicImage> will also be skipped, otherwise you end up with an index page without CSS/JS/images when the user is not logged in.
请注意,我假设 FacesServlet 映射到 *.xhtml 的 URL 模式上.否则,您需要相应地更改 /index.xhtml 对 path 的检查.
Note that I assume that the FacesServlet is mapped on an URL pattern of *.xhtml. Otherwise you need to alter the /index.xhtml check on path accordingly.
这篇关于在除索引之外的所有页面上使用 Servlet 过滤器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
