执行JSF导航时，不会调用映射在前向调度程序上的过滤器 [英] Filter mapped on forward dispatcher isn't invoked when JSF navigation is performed

查看：106 发布时间：2019/1/8 13:13:36 java jsf servlet-filters

本文介绍了执行JSF导航时，不会调用映射在前向调度程序上的过滤器的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试使用Tomcat 7使用登录系统编写一个简单的JSF Web应用程序。

I'm trying to code a simple JSF web application with a login system using Tomcat 7.

我有两个页面：index.xhtml和/ restricted / welcome.xhtml。

I have got two pages: index.xhtml and /restricted/welcome.xhtml.

以下/ restricted / *页面只能由登录的用户访问。

Pages below "/restricted/*" shall be only accessible to users logged in.

直接浏览welcome.xhtml会导致我的过滤器被执行，从index.xhtml转发到welcome.xhtml会绕过过滤器。我无法想象为什么不执行过滤器。

Surfing directly to the welcome.xhtml causes my filter to be executed, forwarding from index.xhtml to welcome.xhtml bypasses the filter. I can't imagine why the filter is not executed.

RestrictedAreaFilter.java：

RestrictedAreaFilter.java:

@WebFilter(value = { "/restricted/*" }, dispatcherTypes = { DispatcherType.FORWARD, DispatcherType.REQUEST, DispatcherType.ASYNC, DispatcherType.ERROR, DispatcherType.INCLUDE })
public class RestrictedAreaFilter implements Filter {

@Override
public void destroy() {

}

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpReq = (HttpServletRequest) request;
    User user = (User) httpReq.getSession().getAttribute("user");

    if (user != null && user.isLoggedIn()) {
        chain.doFilter(request, response);
    } else {
        httpReq.getRequestDispatcher("/access_denied.xhtml").forward(request, response);
    }
}

@Override
public void init(FilterConfig arg0) throws ServletException {

}

}

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html">
<head>
<title>Login</title>
</head>
<body>
<h:form id="form">
    <h:panelGrid id="grid" columns="2">
        <h:outputLabel value="Benutzername" for="username" />
        <h:inputText id="username" value="#{login.username}" />
        <h:outputLabel value="Passwort:" for="password" />
        <h:inputSecret id="password" value="#{login.password}">
            <f:validateLength minimum="4" maximum="16" />
        </h:inputSecret>
        <h:message style="color: red" for="password" />

    </h:panelGrid>
    <h:commandButton id="login" value="Login" action="#{login.proceed}" />
</h:form>
</body>
</html>

@ManagedBean(name = "login")
@RequestScoped
public class LoginBean {

@ManagedProperty(value = "#{user}")
private User user;

private String username;
private String password;

public void setUser(User user) {
    this.user = user;
}

public String getUsername() {
    return username;
}

public void setUsername(String username) {
    this.username = username;
}

public String getPassword() {
    return password;
}

public void setPassword(String password) {
    this.password = password;
}

public String proceed() {
    user.setLoggedIn(true);

    return "restricted/welcome.xhtml";
}
}

推荐答案

FORWARD 仅在 RequestDispatcher＃forward（） 已在webapp的某处调用码。标准的JSF导航处理程序不会这样做。它只是调用 ViewHandler #createView（） 并将其设置为当前视图 FacesContext＃setViewRoot（） 。

The FORWARD dispatcher is only triggered when RequestDispatcher#forward() is been invoked somewhere in the webapp's code. The standard JSF navigation handler doesn't do that. It just invokes ViewHandler#createView() and sets it as current view by FacesContext#setViewRoot().

发送重定向：

public String proceed() {
    user.setLoggedIn(true);

    return "restricted/welcome.xhtml?faces-redirect=true";
}

这也是建议的做法。现在它是一个可收藏的页面（URL更改现在反映在浏览器的地址栏中），刷新/ F5页面不会导致POST被不必要地重新执行，按下后退按钮不会导致意外。

This is by the way also the recommended practice. Now it's a bookmarkable page (the URL change is now reflected in browser's address bar) and refreshing/F5'ing the page won't result in the POST unnecessarily being re-executed and pressing back button won't result in surprises.

如果你真的坚持使用JSF调用 FORWARD 调度程序，你可以随时使用 ExternalContext #dissatch（） 方法，但不推荐方式。

If you really insist in invoking the FORWARD dispatcher using JSF, you can always use ExternalContext#dispatch() method, but this is not the recommended way.

public void proceed() throws IOException {
    user.setLoggedIn(true);

    FacesContext.getCurrentInstance().getExternalContext().dispatch("restricted/welcome.xhtml")
}

这篇关于执行JSF导航时，不会调用映射在前向调度程序上的过滤器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

执行JSF导航时，不会调用映射在前向调度程序上的过滤器 [英] Filter mapped on forward dispatcher isn't invoked when JSF navigation is performed

问题描述

推荐答案

相关文章

Java开发最新文章

热门教程

热门工具

登录关闭

执行JSF导航时，不会调用映射在前向调度程序上的过滤器 [英] Filter mapped on forward dispatcher isn&#39;t invoked when JSF navigation is performed

问题描述

推荐答案

相关文章

Java开发最新文章

热门教程

热门工具

登录 关闭

执行JSF导航时，不会调用映射在前向调度程序上的过滤器 [英] Filter mapped on forward dispatcher isn't invoked when JSF navigation is performed

登录关闭