13 Replies Latest reply on Feb 26, 2009 12:47 PM by Nick Belaevski

    Filter Session Login and not work css

    baris bicer Newbie

      hello everbody
      i have problem about user session control that make it with filter
      when i login program ok make control but not work css file and js file
      how can i solve a problem pls help me

      
      import java.io.IOException;
      import javax.servlet.Filter;
      import javax.servlet.FilterChain;
      import javax.servlet.FilterConfig;
      import javax.servlet.ServletException;
      import javax.servlet.ServletRequest;
      import javax.servlet.ServletResponse;
      import javax.servlet.http.HttpServletRequest;
      import javax.servlet.http.HttpServletResponse;
      import javax.servlet.http.HttpSession;
      
      
      /**
       *
       * @author Baris Bicer
       */
      public class SecurityCheckFilter implements Filter {
      
       @SuppressWarnings("unused")
       private final static String FILTER_APPLIED = "Security_filter_applied";
      
       public SecurityCheckFilter() { }
      
       public void init(FilterConfig conf) throws ServletException {
       }
      
       public void destroy() {
       }
      
       /**Creates a new instance of SecurityCheckFilter */
       public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
       {
       HttpServletRequest hreq = (HttpServletRequest)request;
       HttpServletResponse hres = (HttpServletResponse)response;
       HttpSession session = hreq.getSession();
      
       String url = hreq.getRequestURI();
       System.out.println("URL:........."+url);
      
       boolean notLoginPage =url.endsWith("login.jsf") == false;
       boolean isJsp =url.endsWith(".jsf");
      
       /**login.jsp filtre edilmez because otherwise an endless loop.
       * & only filter .jsf.
       */
      
       if (notLoginPage && isJsp)
       {
       /* There is no User attribute so redirect to login page */
       if(session.getAttribute("username") == null)
       {
       /* Set a message so that login page can pick it up and display it */
       session.setAttribute("ATTR_MSG", "Your session has timed out, please login again");
       hres.sendRedirect("/CurrencyWEB/Login/login.jsf");
       return;
       }
       }
       /* deliver request to next filter */
       chain.doFilter(request, response);
       }
       }
      


        • 1. Re: Filter Session Login and not work css
          Nick Belaevski Master

          Probably you are redirecting resource requests to login page. You shouldn't do that. This method: org.ajax4jsf.webapp.WebXml#getFacesResourceKey(HttpServletRequest) will return null for non-resource requests.

          • 2. Re: Filter Session Login and not work css
            baris bicer Newbie

            thank you so much reply me

            yes redirecting request to login page .
            can you alitle give exaple how can i make

            • 3. Re: Filter Session Login and not work css
              baris bicer Newbie

              i use eclipse Ganymede and wasce 2.1

              • 4. Re: Filter Session Login and not work css
                baris bicer Newbie

                i do like this but i get error message
                pls help

                
                package guvFilter;
                
                
                import java.io.IOException;
                import javax.servlet.Filter;
                import javax.servlet.FilterChain;
                import javax.servlet.FilterConfig;
                import javax.servlet.ServletException;
                import javax.servlet.ServletRequest;
                import javax.servlet.ServletResponse;
                import javax.servlet.http.HttpServletRequest;
                import javax.servlet.http.HttpServletResponse;
                import javax.servlet.http.HttpSession;
                import org.ajax4jsf.webapp.WebXml;
                
                
                
                /**
                 *
                 * @author Baris Bicer
                 */
                public class SecurityCheckFilter implements Filter {
                
                 @SuppressWarnings("unused")
                 private final static String FILTER_APPLIED = "Security_filter_applied";
                
                 public SecurityCheckFilter() { }
                
                 public void init(FilterConfig conf) throws ServletException {
                 }
                
                 public void destroy() {
                 }
                
                 /**Creates a new instance of SecurityCheckFilter */
                 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
                 {
                
                
                 try{
                
                 WebXml a = new WebXml();
                 HttpServletRequest hreq = (HttpServletRequest)request;
                 HttpServletResponse hres = (HttpServletResponse)response;
                 HttpSession session = hreq.getSession();
                 a.getFacesResourceKey(hreq);
                 System.out.println("Sonuc:"+a);
                
                 // String url = hreq.getRequestURI();
                 // System.out.println("URL:........."+url);
                
                 // boolean notLoginPage =url.endsWith("login.jsf") == false;
                 // boolean isJsp =url.endsWith(".jsf");
                
                 /**login.jsp filtre edilmez because otherwise an endless loop.
                 * & only filter .jsf.
                 */
                
                 // if (notLoginPage && isJsp)
                 if (a != null)
                 {
                 /* There is no User attribute so redirect to login page */
                 if(session.getAttribute("username") == null)
                 {
                 /* Set a message so that login page can pick it up and display it */
                 session.setAttribute("ATTR_MSG", "Your session has timed out, please login again");
                 hres.sendRedirect("/CurrencyWEB/Login/login.jsf");
                 return;
                 }
                 }
                 /* deliver request to next filter */
                 chain.doFilter(request, response);
                 }catch (Exception exp)
                 {
                 System.out.println("Hata:"+exp);
                 }
                
                
                 }
                 }
                
                
                
                
                


                • 5. Re: Filter Session Login and not work css
                  baris bicer Newbie

                  erorr message like this

                  java.lang.NullPointerException
                  java.lang.String.startsWith(String.java:1252)
                  java.lang.String.startsWith(String.java:1281)
                  org.ajax4jsf.webapp.WebXml.getFacesResourceKey(WebXml.java:189)
                  org.ajax4jsf.webapp.WebXml.getFacesResourceKey(WebXml.java:222)

                  • 6. Re: Filter Session Login and not work css
                    Nick Belaevski Master

                    Can you please post web.xml file?

                    • 7. Re: Filter Session Login and not work css
                      baris bicer Newbie





                      <?xml version="1.0" encoding="UTF-8"?>
                      <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                       xmlns="http://java.sun.com/xml/ns/javaee"
                       xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                       http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                       id="WebApp_ID" version="2.5">
                      
                       <display-name>CurrencyWEB</display-name>
                      
                      
                       <welcome-file-list>
                       <welcome-file>index.jsp</welcome-file>
                       </welcome-file-list>
                      
                       <context-param>
                       <param-name>org.ajax4jsf.handleViewExpiredOnClient</param-name>
                       <param-value>true</param-value>
                      </context-param>
                      
                      
                       <!-- Filter definitions -->
                       <filter>
                       <filter-name>Security Page Filter</filter-name>
                       <filter-class>guvFilter.SecurityCheckFilter</filter-class>
                       </filter>
                       <filter-mapping>
                       <filter-name>Security Page Filter</filter-name>
                       <url-pattern>*.jsf</url-pattern>
                       </filter-mapping>
                      
                       <session-config>
                       <session-timeout>30</session-timeout>
                       </session-config>
                      
                      
                       <resource-ref>
                       <res-ref-name>jdbc/MyDataSource</res-ref-name>
                       <res-type>javax.sql.DataSource</res-type>
                       <res-auth>Container</res-auth>
                       <res-sharing-scope>Shareable</res-sharing-scope>
                       </resource-ref>
                      
                       <resource-ref>
                       <res-ref-name>jdbc/AccountDS</res-ref-name>
                       <res-type>javax.sql.DataSource</res-type>
                       <res-auth>Container</res-auth>
                       <res-sharing-scope>Shareable</res-sharing-scope>
                       </resource-ref>
                      
                      
                       <ejb-local-ref>
                       <ejb-ref-name>ejb/GuvOnbilgiInterface</ejb-ref-name>
                       <ejb-ref-type>Session</ejb-ref-type>
                       <local>guvenlik.jpa.GuvOnbilgiInterface</local>
                       <ejb-link>GuvOnbilgiBean</ejb-link>
                       </ejb-local-ref>
                      
                       <servlet>
                       <servlet-name>Faces Servlet</servlet-name>
                       <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
                       <load-on-startup>1</load-on-startup>
                       </servlet>
                      
                       <servlet-mapping>
                       <servlet-name>Faces Servlet</servlet-name>
                       <url-pattern>*.jsf</url-pattern>
                       </servlet-mapping>
                      
                       <!-- richfaces -->
                      
                       <context-param>
                       <param-name>org.richfaces.SKIN</param-name>
                       <param-value>deepMarine</param-value>
                       </context-param>
                      
                       <context-param>
                       <param-name>org.richfaces.CONTROL_SKINNING</param-name>
                       <param-value>enable</param-value>
                       </context-param>
                      
                       <context-param>
                       <param-name>org.richfaces.LoadScriptStrategy</param-name>
                       <param-value>ALL</param-value>
                       </context-param>
                      
                       <context-param>
                       <param-name>org.richfaces.LoadStyleStrategy</param-name>
                       <param-value>ALL</param-value>
                       </context-param>
                      
                      
                      
                       <filter>
                       <display-name>RichFaces Filter</display-name>
                       <filter-name>richfaces</filter-name>
                       <filter-class>org.ajax4jsf.Filter</filter-class>
                       </filter>
                      
                       <filter-mapping>
                       <filter-name>richfaces</filter-name>
                       <servlet-name>Faces Servlet</servlet-name>
                       <dispatcher>REQUEST</dispatcher>
                       <dispatcher>FORWARD</dispatcher>
                       <dispatcher>INCLUDE</dispatcher>
                       </filter-mapping>
                      
                       <!-- richfaces -->
                      
                      
                       <!-- Trinidad -->
                      
                       <filter>
                       <filter-name>trinidad</filter-name>
                       <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
                       </filter>
                      
                       <filter-mapping>
                       <filter-name>trinidad</filter-name>
                       <servlet-name>Faces Servlet</servlet-name>
                       </filter-mapping>
                      
                       <!-- resource loader servlet -->
                       <servlet>
                       <servlet-name>resources</servlet-name>
                       <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
                       </servlet>
                      
                       <servlet-mapping>
                       <servlet-name>resources</servlet-name>
                       <url-pattern>/adf/*</url-pattern>
                       </servlet-mapping>
                      
                       <!-- Trinidad -->
                      
                      
                       </web-app>
                      
                      


                      • 8. Re: Filter Session Login and not work css
                        baris bicer Newbie

                        this my filter thank you so much

                        package guvFilter;
                        
                        
                        import java.io.IOException;
                        import javax.servlet.Filter;
                        import javax.servlet.FilterChain;
                        import javax.servlet.FilterConfig;
                        import javax.servlet.ServletException;
                        import javax.servlet.ServletRequest;
                        import javax.servlet.ServletResponse;
                        import javax.servlet.http.HttpServletRequest;
                        import javax.servlet.http.HttpServletResponse;
                        import javax.servlet.http.HttpSession;
                        import org.ajax4jsf.webapp.WebXml;
                        
                        
                        
                        /**
                         *
                         * @author Baris Bicer
                         */
                        public class SecurityCheckFilter implements Filter {
                        
                         @SuppressWarnings("unused")
                         private final static String FILTER_APPLIED = "Security_filter_applied";
                        
                         public SecurityCheckFilter() { }
                        
                         public void init(FilterConfig conf) throws ServletException {
                         }
                        
                         public void destroy() {
                         }
                        
                         /**Creates a new instance of SecurityCheckFilter */
                        
                         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
                         {
                        
                         WebXml a = new WebXml();
                         HttpServletRequest hreq = (HttpServletRequest)request;
                         HttpServletResponse hres = (HttpServletResponse)response;
                         HttpSession session = hreq.getSession();
                        
                        
                         /**login.jsp filtre edilmez because otherwise an endless loop.
                         * & only filter .jsf.
                         */
                         try{
                         if (a.getFacesResourceKey(hreq)==null)
                         {
                         /* There is no User attribute so redirect to login page */
                         if(session.getAttribute("username") == null)
                         {
                         /* Set a message so that login page can pick it up and display it */
                         session.setAttribute("ATTR_MSG", "Your session has timed out, please login again");
                         hres.sendRedirect("/CurrencyWEB/Login/login.jsf");
                         return;
                         }
                         }
                         }catch(Exception ex){
                         System.out.println("Hata:"+ex);
                         }
                         /* deliver request to next filter */
                         chain.doFilter(request, response);
                        
                         }
                         }
                        
                        
                        
                        
                        


                        • 9. Re: Filter Session Login and not work css
                          baris bicer Newbie

                          it do nothing only get erorr message like this
                          error:java.lang.NullPointerException




                          • 10. Re: ClassNotFoundException  in Ajax4jsf using JSeam2.1.1GA
                            zwz mycoy Newbie

                            To nbelaevski:
                            I have tried:
                            - richfaces-api.jar - to EAR\lib
                            - richfaces-ui.jar & richfaces.impl.jar - to WAR\WEb-INF\lib
                            Find that richfaces-api.jar is also needed in WAR\WEb-INF\lib or there would be ClassNotFoundException.
                            The Exception is the same : org.ajax4jsf.resource.ResourceNotFoundException: Resource not registered : org/richfaces/renderkit/html/scripts/skinning.js.seam.

                            But when deploying,no exception. that excption come out when pages are requested.

                            Maybe my configuration files is wrong or some jars are indeed ommitted.
                            the faces-config.xml:
                            <faces-config version="1.2" xmlns="http://java.sun.com/xml/ns/javaee"
                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                            xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_1_2.xsd">

                            </faces-config>

                            the components.xml:
                            <components xmlns="http://jboss.com/products/seam/components"
                            xmlns:core="http://jboss.com/products/seam/core"
                            xmlns:xsi="http://www.w3.org/200>
                            <res-ref-name>jdbc/AccountDS</res-ref-name>
                            <res-type>javax.sql.DataSource</res-type>
                            <res-auth>Container</res-auth>
                            <res-sharing-scope>Shareable</res-sharing-scope>
                            </resource-ref>


                            <ejb-local-ref>
                            <ejb-ref-name>ejb/GuvOnbilgiInterface</ejb-ref-name>
                            <ejb-ref-type>Session</ejb-ref-type>
                            guvenlik.jpa.GuvOnbilgiInterface
                            <ejb-link>GuvOnbilgiBean</ejb-link>
                            </ejb-local-ref>


                            <servlet-name>Faces Servlet</servlet-name>
                            <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
                            <load-on-startup>1</load-on-startup>


                            <servlet-mapping>
                            <servlet-name>Faces Servlet</servlet-name>
                            <url-pattern>*.jsf</url-pattern>
                            </servlet-mapping>

                            <!-- richfaces -->

                            <context-param>
                            <param-name>org.richfaces.SKIN</param-name>
                            <param-value>deepMarine</param-value>
                            </context-param>

                            <context-param>
                            <param-name>org.richfaces.CONTROL_SKINNING</param-name>
                            <param-value>enable</param-value>
                            </context-param>

                            <context-param>
                            <param-name>org.richfaces.LoadScriptStrategy</param-name>
                            <param-value>ALL</param-value>
                            </context-param>

                            <context-param>
                            <param-name>org.richfaces.LoadStyleStrategy</param-name>
                            <param-value>ALL</param-value>
                            </context-param>




                            <display-name>RichFaces Filter</display-name>
                            <filter-name>richfaces</filter-name>
                            <filter-class>org.ajax4jsf.Filter</filter-class>


                            <filter-mapping>
                            <filter-name>richfaces</filter-name>
                            <servlet-name>Faces Servlet</servlet-name>
                            REQUEST
                            FORWARD
                            INCLUDE
                            </filter-mapping>

                            <!-- richfaces -->


                            <!-- Trinidad -->


                            <filter-name>trinidad</filter-name>
                            <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>


                            <filter-mapping>
                            <filter-name>trinidad</filter-name>
                            <servlet-name>Faces Servlet</servlet-name>
                            </filter-mapping>

                            <!-- resource loader servlet -->

                            <servlet-name>resources</servlet-name>
                            <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>


                            <servlet-mapping>
                            <servlet-name>resources</servlet-name>
                            <url-pattern>/adf/*</url-pattern>
                            </servlet-mapping>

                            <!-- Trinidad -->


                            </web-app>

                            • 11. Re: Filter Session Login and not work css
                              Nick Belaevski Master

                              web.xml and components.xml files got messed. Can you please repost?

                              • 12. Re: Filter Session Login and not work css
                                baris bicer Newbie

                                thank all you reply
                                can you give alternative login control session pls
                                how should i do

                                <?xml version="1.0" encoding="UTF-8"?>
                                <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                 xmlns="http://java.sun.com/xml/ns/javaee"
                                 xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                                 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                                 http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                                 id="WebApp_ID" version="2.5">
                                
                                 <display-name>CurrencyWEB</display-name>
                                
                                
                                 <welcome-file-list>
                                 <welcome-file>index.jsp</welcome-file>
                                 </welcome-file-list>
                                
                                 <context-param>
                                 <param-name>org.ajax4jsf.handleViewExpiredOnClient</param-name>
                                 <param-value>true</param-value>
                                </context-param>
                                
                                
                                 <!-- Filter definitions -->
                                 <filter>
                                 <filter-name>Security Page Filter</filter-name>
                                 <filter-class>guvFilter.SecurityCheckFilter</filter-class>
                                 </filter>
                                 <filter-mapping>
                                 <filter-name>Security Page Filter</filter-name>
                                 <url-pattern>*.jsf</url-pattern>
                                 </filter-mapping>
                                
                                 <session-config>
                                 <session-timeout>30</session-timeout>
                                 </session-config>
                                
                                
                                 <resource-ref>
                                 <res-ref-name>jdbc/MyDataSource</res-ref-name>
                                 <res-type>javax.sql.DataSource</res-type>
                                 <res-auth>Container</res-auth>
                                 <res-sharing-scope>Shareable</res-sharing-scope>
                                 </resource-ref>
                                
                                 <resource-ref>
                                 <res-ref-name>jdbc/AccountDS</res-ref-name>
                                 <res-type>javax.sql.DataSource</res-type>
                                 <res-auth>Container</res-auth>
                                 <res-sharing-scope>Shareable</res-sharing-scope>
                                 </resource-ref>
                                
                                
                                 <ejb-local-ref>
                                 <ejb-ref-name>ejb/GuvOnbilgiInterface</ejb-ref-name>
                                 <ejb-ref-type>Session</ejb-ref-type>
                                 <local>guvenlik.jpa.GuvOnbilgiInterface</local>
                                 <ejb-link>GuvOnbilgiBean</ejb-link>
                                 </ejb-local-ref>
                                
                                 <servlet>
                                 <servlet-name>Faces Servlet</servlet-name>
                                 <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
                                 <load-on-startup>1</load-on-startup>
                                 </servlet>
                                
                                 <servlet-mapping>
                                 <servlet-name>Faces Servlet</servlet-name>
                                 <url-pattern>*.jsf</url-pattern>
                                 </servlet-mapping>
                                
                                 <!-- richfaces -->
                                
                                 <context-param>
                                 <param-name>org.richfaces.SKIN</param-name>
                                 <param-value>deepMarine</param-value>
                                 </context-param>
                                
                                 <context-param>
                                 <param-name>org.richfaces.CONTROL_SKINNING</param-name>
                                 <param-value>enable</param-value>
                                 </context-param>
                                
                                 <context-param>
                                 <param-name>org.richfaces.LoadScriptStrategy</param-name>
                                 <param-value>ALL</param-value>
                                 </context-param>
                                
                                 <context-param>
                                 <param-name>org.richfaces.LoadStyleStrategy</param-name>
                                 <param-value>ALL</param-value>
                                 </context-param>
                                
                                
                                
                                 <filter>
                                 <display-name>RichFaces Filter</display-name>
                                 <filter-name>richfaces</filter-name>
                                 <filter-class>org.ajax4jsf.Filter</filter-class>
                                 </filter>
                                
                                 <filter-mapping>
                                 <filter-name>richfaces</filter-name>
                                 <servlet-name>Faces Servlet</servlet-name>
                                 <dispatcher>REQUEST</dispatcher>
                                 <dispatcher>FORWARD</dispatcher>
                                 <dispatcher>INCLUDE</dispatcher>
                                 </filter-mapping>
                                
                                 <!-- richfaces -->
                                
                                
                                 <!-- Trinidad -->
                                
                                 <filter>
                                 <filter-name>trinidad</filter-name>
                                 <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
                                 </filter>
                                
                                 <filter-mapping>
                                 <filter-name>trinidad</filter-name>
                                 <servlet-name>Faces Servlet</servlet-name>
                                 </filter-mapping>
                                
                                 <!-- resource loader servlet -->
                                 <servlet>
                                 <servlet-name>resources</servlet-name>
                                 <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
                                 </servlet>
                                
                                 <servlet-mapping>
                                 <servlet-name>resources</servlet-name>
                                 <url-pattern>/adf/*</url-pattern>
                                 </servlet-mapping>
                                
                                 <!-- Trinidad -->
                                
                                
                                 </web-app>
                                
                                
                                
                                


                                • 13. Re: Filter Session Login and not work css
                                  Nick Belaevski Master

                                  Thank you, I've tried to run your code. This exception happens because there's no FacesContext instance when filter is working. I suggest that you either hard-code resource prefixes in your application (this can be set in web.xml) or implement security check in phase listener.