This content has been marked as final.
Show 3 replies
-
1. Re: RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext
nbelaevski Apr 21, 2010 5:52 AM (in response to davidec)Davide,
Can you please post your web.xml file and filter code?
-
2. Re: RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext
davidec Apr 21, 2010 6:09 AM (in response to nbelaevski)Hello!
Thanks for the quick reply. The relevant parts of the web.xml follow (the index.html page uses a meta tag to redirect to the home page, a process which works properly if the LoginFilter is disabled)
<filter>
<filter-name>richfaces</filter-name>
<filter-class>org.ajax4jsf.Filter</filter-class>
</filter>
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>it.units.htl.web.users.LoginFilter</filter-class>
<init-param>
<param-name>login_page</param-name>
<param-value>/adir/index.jspf</param-value>
</init-param>
</filter>
<filter>
<filter-name>ViewerFilter</filter-name>
<filter-class>package.Class</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.jspf</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ViewerFilter</filter-name>
<url-pattern>*.view</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>richfaces</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.view</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jspf</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>Faces Servlet</web-resource-name>
<url-pattern>*.jspf</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>The LoginFilter is as follows, except for the imports:
public class LoginFilter implements Filter {
private String loginPage;
private List<String> areas;
private Log log = LogFactory.getLog(LoginFilter.class);
public LoginFilter() {
@SuppressWarnings("unchecked")
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpSession session = ((HttpServletRequest) request).getSession(false);
String requestURI = ((HttpServletRequest) request).getRequestURI();
String[] url = requestURI.split("[/]");
ArrayList<String> patterns = (ArrayList<String>) session.getAttribute("secPolicies");
if(patterns == null){
log.error("Couldn't find policies configuration for this user");
((HttpServletResponse)response).sendRedirect(loginPage);
}
areas = Arrays.asList((String[])session.getAttribute("areas"));
if(areas == null){
log.error("Couldn't find policies configuration");
((HttpServletResponse)response).sendRedirect(loginPage);
}
boolean authorized = false;
if (areas.contains(url[url.length - 2])) {
for (String p : patterns) {
Pattern patToVerify = Pattern.compile(p);
Matcher matcher = patToVerify.matcher(url[url.length - 2]);
if (matcher.find()) {
authorized = true;
}
}
if (authorized || request.getAttribute("auth") != null) {
request.setAttribute("auth", true);
chain.doFilter(request, response);
} else {
((HttpServletResponse)response).sendRedirect(loginPage);
}
} else {
chain.doFilter(request, response);
}
}else if(checkIfViewer(session)){
areas = Arrays.asList((String[])session.getAttribute("vwAreas"));
if(areas == null){
((HttpServletResponse)response).sendRedirect(loginPage);
}
if(areas.contains(url[url.length - 2])){
if("studies".equals(url[url.length - 2])){
chain.doFilter(request, response);
}else{
((HttpServletResponse)response).sendRedirect(loginPage);
}
}else{
try{
chain.doFilter(request, response);
}catch (Exception e) {
((HttpServletResponse)response).sendRedirect(loginPage);
}
}
}else{
if(!requestURI.equals(loginPage)){
((HttpServletResponse)response).sendRedirect(loginPage);
}else{
try{
chain.doFilter(request, response);
}catch (Exception e) {
((HttpServletResponse)response).sendRedirect(loginPage);
}
}
}
}
private boolean checkIfViewer(HttpSession session) {
if(session != null){
if(session.getAttribute("isViewer") != null){
return true;
}else{
return false;
}
}
return false;
}
public static boolean checkLoginState(Object request) throws IOException,
ServletException {
boolean isLoggedIn = false;
HttpSession session = ((HttpServletRequest) request).getSession(false);
UserBean managedUserBean = null;
if (null != session && (null != (managedUserBean = (UserBean) session.getAttribute("userBean")))) {
if (managedUserBean.isIsLoggedIn()) {
isLoggedIn = true;
}
}
return isLoggedIn;
}
public void init(FilterConfig filterConfig) {
if (filterConfig != null) {
loginPage = filterConfig.getInitParameter("login_page");
}
}
}Message was edited by: Davide Cicuta to reformat XML
-
3. Re: RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext
davidec Apr 21, 2010 9:44 AM (in response to davidec)Hello!
Just for posterity (and me, when I forget ):
The issue was that the LoginFilter never called the richfaces filter, so adding
<filter-mapping>
<filter-name>richfaces</filter-name>
<url-pattern>*.jspf</url-pattern>
</filter-mapping>before the LoginFilter mapping seems to do the job (the context is created before the Login verifications).