13 Replies Latest reply on Feb 26, 2009 12:47 PM by nbelaevski

Filter Session Login and not work css

barisbicer Feb 25, 2009 6:48 AM

hello everbody
i have problem about user session control that make it with filter
when i login program ok make control but not work css file and js file
how can i solve a problem pls help me


import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


/**
 *
 * @author Baris Bicer
 */
public class SecurityCheckFilter implements Filter {

 @SuppressWarnings("unused")
 private final static String FILTER_APPLIED = "Security_filter_applied";

 public SecurityCheckFilter() { }

 public void init(FilterConfig conf) throws ServletException {
 }

 public void destroy() {
 }

 /**Creates a new instance of SecurityCheckFilter */
 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
 {
 HttpServletRequest hreq = (HttpServletRequest)request;
 HttpServletResponse hres = (HttpServletResponse)response;
 HttpSession session = hreq.getSession();

 String url = hreq.getRequestURI();
 System.out.println("URL:........."+url);

 boolean notLoginPage =url.endsWith("login.jsf") == false;
 boolean isJsp =url.endsWith(".jsf");

 /**login.jsp filtre edilmez because otherwise an endless loop.
 * & only filter .jsf.
 */

 if (notLoginPage && isJsp)
 {
 /* There is no User attribute so redirect to login page */
 if(session.getAttribute("username") == null)
 {
 /* Set a message so that login page can pick it up and display it */
 session.setAttribute("ATTR_MSG", "Your session has timed out, please login again");
 hres.sendRedirect("/CurrencyWEB/Login/login.jsf");
 return;
 }
 }
 /* deliver request to next filter */
 chain.doFilter(request, response);
 }
 }

1. Re: Filter Session Login and not work css

nbelaevski Feb 25, 2009 7:15 AM (in response to barisbicer)

Probably you are redirecting resource requests to login page. You shouldn't do that. This method: org.ajax4jsf.webapp.WebXml#getFacesResourceKey(HttpServletRequest) will return null for non-resource requests.
Actions
2. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 8:01 AM (in response to barisbicer)

thank you so much reply me

yes redirecting request to login page .
can you alitle give exaple how can i make
Actions
3. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 8:14 AM (in response to barisbicer)

i use eclipse Ganymede and wasce 2.1
Actions

4. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 9:34 AM (in response to barisbicer)

i do like this but i get error message
pls help


package guvFilter;


import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.ajax4jsf.webapp.WebXml;



/**
 *
 * @author Baris Bicer
 */
public class SecurityCheckFilter implements Filter {

 @SuppressWarnings("unused")
 private final static String FILTER_APPLIED = "Security_filter_applied";

 public SecurityCheckFilter() { }

 public void init(FilterConfig conf) throws ServletException {
 }

 public void destroy() {
 }

 /**Creates a new instance of SecurityCheckFilter */
 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
 {


 try{

 WebXml a = new WebXml();
 HttpServletRequest hreq = (HttpServletRequest)request;
 HttpServletResponse hres = (HttpServletResponse)response;
 HttpSession session = hreq.getSession();
 a.getFacesResourceKey(hreq);
 System.out.println("Sonuc:"+a);

 // String url = hreq.getRequestURI();
 // System.out.println("URL:........."+url);

 // boolean notLoginPage =url.endsWith("login.jsf") == false;
 // boolean isJsp =url.endsWith(".jsf");

 /**login.jsp filtre edilmez because otherwise an endless loop.
 * & only filter .jsf.
 */

 // if (notLoginPage && isJsp)
 if (a != null)
 {
 /* There is no User attribute so redirect to login page */
 if(session.getAttribute("username") == null)
 {
 /* Set a message so that login page can pick it up and display it */
 session.setAttribute("ATTR_MSG", "Your session has timed out, please login again");
 hres.sendRedirect("/CurrencyWEB/Login/login.jsf");
 return;
 }
 }
 /* deliver request to next filter */
 chain.doFilter(request, response);
 }catch (Exception exp)
 {
 System.out.println("Hata:"+exp);
 }


 }
 }

5. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 10:10 AM (in response to barisbicer)

erorr message like this

java.lang.NullPointerException
java.lang.String.startsWith(String.java:1252)
java.lang.String.startsWith(String.java:1281)
org.ajax4jsf.webapp.WebXml.getFacesResourceKey(WebXml.java:189)
org.ajax4jsf.webapp.WebXml.getFacesResourceKey(WebXml.java:222)
Actions
6. Re: Filter Session Login and not work css

nbelaevski Feb 25, 2009 10:52 AM (in response to barisbicer)

Can you please post web.xml file?
Actions

7. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 10:56 AM (in response to barisbicer)

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns="http://java.sun.com/xml/ns/javaee"
 xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
 http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
 id="WebApp_ID" version="2.5">

 <display-name>CurrencyWEB</display-name>


 <welcome-file-list>
 <welcome-file>index.jsp</welcome-file>
 </welcome-file-list>

 <context-param>
 <param-name>org.ajax4jsf.handleViewExpiredOnClient</param-name>
 <param-value>true</param-value>
</context-param>


 <!-- Filter definitions -->
 <filter>
 <filter-name>Security Page Filter</filter-name>
 <filter-class>guvFilter.SecurityCheckFilter</filter-class>
 </filter>
 <filter-mapping>
 <filter-name>Security Page Filter</filter-name>
 <url-pattern>*.jsf</url-pattern>
 </filter-mapping>

 <session-config>
 <session-timeout>30</session-timeout>
 </session-config>


 <resource-ref>
 <res-ref-name>jdbc/MyDataSource</res-ref-name>
 <res-type>javax.sql.DataSource</res-type>
 <res-auth>Container</res-auth>
 <res-sharing-scope>Shareable</res-sharing-scope>
 </resource-ref>

 <resource-ref>
 <res-ref-name>jdbc/AccountDS</res-ref-name>
 <res-type>javax.sql.DataSource</res-type>
 <res-auth>Container</res-auth>
 <res-sharing-scope>Shareable</res-sharing-scope>
 </resource-ref>


 <ejb-local-ref>
 <ejb-ref-name>ejb/GuvOnbilgiInterface</ejb-ref-name>
 <ejb-ref-type>Session</ejb-ref-type>
 <local>guvenlik.jpa.GuvOnbilgiInterface</local>
 <ejb-link>GuvOnbilgiBean</ejb-link>
 </ejb-local-ref>

 <servlet>
 <servlet-name>Faces Servlet</servlet-name>
 <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
 <load-on-startup>1</load-on-startup>
 </servlet>

 <servlet-mapping>
 <servlet-name>Faces Servlet</servlet-name>
 <url-pattern>*.jsf</url-pattern>
 </servlet-mapping>

 <!-- richfaces -->

 <context-param>
 <param-name>org.richfaces.SKIN</param-name>
 <param-value>deepMarine</param-value>
 </context-param>

 <context-param>
 <param-name>org.richfaces.CONTROL_SKINNING</param-name>
 <param-value>enable</param-value>
 </context-param>

 <context-param>
 <param-name>org.richfaces.LoadScriptStrategy</param-name>
 <param-value>ALL</param-value>
 </context-param>

 <context-param>
 <param-name>org.richfaces.LoadStyleStrategy</param-name>
 <param-value>ALL</param-value>
 </context-param>



 <filter>
 <display-name>RichFaces Filter</display-name>
 <filter-name>richfaces</filter-name>
 <filter-class>org.ajax4jsf.Filter</filter-class>
 </filter>

 <filter-mapping>
 <filter-name>richfaces</filter-name>
 <servlet-name>Faces Servlet</servlet-name>
 <dispatcher>REQUEST</dispatcher>
 <dispatcher>FORWARD</dispatcher>
 <dispatcher>INCLUDE</dispatcher>
 </filter-mapping>

 <!-- richfaces -->


 <!-- Trinidad -->

 <filter>
 <filter-name>trinidad</filter-name>
 <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
 </filter>

 <filter-mapping>
 <filter-name>trinidad</filter-name>
 <servlet-name>Faces Servlet</servlet-name>
 </filter-mapping>

 <!-- resource loader servlet -->
 <servlet>
 <servlet-name>resources</servlet-name>
 <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
 </servlet>

 <servlet-mapping>
 <servlet-name>resources</servlet-name>
 <url-pattern>/adf/*</url-pattern>
 </servlet-mapping>

 <!-- Trinidad -->


 </web-app>

8. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 11:08 AM (in response to barisbicer)

this my filter thank you so much

package guvFilter;


import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.ajax4jsf.webapp.WebXml;



/**
 *
 * @author Baris Bicer
 */
public class SecurityCheckFilter implements Filter {

 @SuppressWarnings("unused")
 private final static String FILTER_APPLIED = "Security_filter_applied";

 public SecurityCheckFilter() { }

 public void init(FilterConfig conf) throws ServletException {
 }

 public void destroy() {
 }

 /**Creates a new instance of SecurityCheckFilter */

 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
 {

 WebXml a = new WebXml();
 HttpServletRequest hreq = (HttpServletRequest)request;
 HttpServletResponse hres = (HttpServletResponse)response;
 HttpSession session = hreq.getSession();


 /**login.jsp filtre edilmez because otherwise an endless loop.
 * & only filter .jsf.
 */
 try{
 if (a.getFacesResourceKey(hreq)==null)
 {
 /* There is no User attribute so redirect to login page */
 if(session.getAttribute("username") == null)
 {
 /* Set a message so that login page can pick it up and display it */
 session.setAttribute("ATTR_MSG", "Your session has timed out, please login again");
 hres.sendRedirect("/CurrencyWEB/Login/login.jsf");
 return;
 }
 }
 }catch(Exception ex){
 System.out.println("Hata:"+ex);
 }
 /* deliver request to next filter */
 chain.doFilter(request, response);

 }
 }

9. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 11:10 AM (in response to barisbicer)

it do nothing only get erorr message like this
error:java.lang.NullPointerException
Actions
10. Re: ClassNotFoundException in Ajax4jsf using JSeam2.1.1GA

zzuli Feb 25, 2009 11:37 AM (in response to barisbicer)

To nbelaevski:
I have tried:
- richfaces-api.jar - to EAR\lib
- richfaces-ui.jar & richfaces.impl.jar - to WAR\WEb-INF\lib
Find that richfaces-api.jar is also needed in WAR\WEb-INF\lib or there would be ClassNotFoundException.
The Exception is the same : org.ajax4jsf.resource.ResourceNotFoundException: Resource not registered : org/richfaces/renderkit/html/scripts/skinning.js.seam.

But when deploying,no exception. that excption come out when pages are requested.

Maybe my configuration files is wrong or some jars are indeed ommitted.
the faces-config.xml:
<faces-config version="1.2" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_1_2.xsd">

</faces-config>

the components.xml:
<components xmlns="http://jboss.com/products/seam/components"
xmlns:core="http://jboss.com/products/seam/core"
xmlns:xsi="http://www.w3.org/200>
<res-ref-name>jdbc/AccountDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>

<ejb-local-ref>
<ejb-ref-name>ejb/GuvOnbilgiInterface</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
guvenlik.jpa.GuvOnbilgiInterface
<ejb-link>GuvOnbilgiBean</ejb-link>
</ejb-local-ref>

<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>

<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>



<context-param>
<param-name>org.richfaces.SKIN</param-name>
<param-value>deepMarine</param-value>
</context-param>

<context-param>
<param-name>org.richfaces.CONTROL_SKINNING</param-name>
<param-value>enable</param-value>
</context-param>

<context-param>
<param-name>org.richfaces.LoadScriptStrategy</param-name>
<param-value>ALL</param-value>
</context-param>

<context-param>
<param-name>org.richfaces.LoadStyleStrategy</param-name>
<param-value>ALL</param-value>
</context-param>

<display-name>RichFaces Filter</display-name>
<filter-name>richfaces</filter-name>
<filter-class>org.ajax4jsf.Filter</filter-class>

<filter-mapping>
<filter-name>richfaces</filter-name>
<servlet-name>Faces Servlet</servlet-name>
REQUEST
FORWARD
INCLUDE
</filter-mapping>





<filter-name>trinidad</filter-name>
<filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>

<filter-mapping>
<filter-name>trinidad</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>



<servlet-name>resources</servlet-name>
<servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>

<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/adf/*</url-pattern>
</servlet-mapping>



</web-app>
Actions
11. Re: Filter Session Login and not work css

nbelaevski Feb 25, 2009 1:45 PM (in response to barisbicer)

web.xml and components.xml files got messed. Can you please repost?
Actions

12. Re: Filter Session Login and not work css

barisbicer Feb 25, 2009 4:18 PM (in response to barisbicer)

thank all you reply
can you give alternative login control session pls
how should i do

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xmlns="http://java.sun.com/xml/ns/javaee"
 xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
 http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
 id="WebApp_ID" version="2.5">

 <display-name>CurrencyWEB</display-name>


 <welcome-file-list>
 <welcome-file>index.jsp</welcome-file>
 </welcome-file-list>

 <context-param>
 <param-name>org.ajax4jsf.handleViewExpiredOnClient</param-name>
 <param-value>true</param-value>
</context-param>


 <!-- Filter definitions -->
 <filter>
 <filter-name>Security Page Filter</filter-name>
 <filter-class>guvFilter.SecurityCheckFilter</filter-class>
 </filter>
 <filter-mapping>
 <filter-name>Security Page Filter</filter-name>
 <url-pattern>*.jsf</url-pattern>
 </filter-mapping>

 <session-config>
 <session-timeout>30</session-timeout>
 </session-config>


 <resource-ref>
 <res-ref-name>jdbc/MyDataSource</res-ref-name>
 <res-type>javax.sql.DataSource</res-type>
 <res-auth>Container</res-auth>
 <res-sharing-scope>Shareable</res-sharing-scope>
 </resource-ref>

 <resource-ref>
 <res-ref-name>jdbc/AccountDS</res-ref-name>
 <res-type>javax.sql.DataSource</res-type>
 <res-auth>Container</res-auth>
 <res-sharing-scope>Shareable</res-sharing-scope>
 </resource-ref>


 <ejb-local-ref>
 <ejb-ref-name>ejb/GuvOnbilgiInterface</ejb-ref-name>
 <ejb-ref-type>Session</ejb-ref-type>
 <local>guvenlik.jpa.GuvOnbilgiInterface</local>
 <ejb-link>GuvOnbilgiBean</ejb-link>
 </ejb-local-ref>

 <servlet>
 <servlet-name>Faces Servlet</servlet-name>
 <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
 <load-on-startup>1</load-on-startup>
 </servlet>

 <servlet-mapping>
 <servlet-name>Faces Servlet</servlet-name>
 <url-pattern>*.jsf</url-pattern>
 </servlet-mapping>

 <!-- richfaces -->

 <context-param>
 <param-name>org.richfaces.SKIN</param-name>
 <param-value>deepMarine</param-value>
 </context-param>

 <context-param>
 <param-name>org.richfaces.CONTROL_SKINNING</param-name>
 <param-value>enable</param-value>
 </context-param>

 <context-param>
 <param-name>org.richfaces.LoadScriptStrategy</param-name>
 <param-value>ALL</param-value>
 </context-param>

 <context-param>
 <param-name>org.richfaces.LoadStyleStrategy</param-name>
 <param-value>ALL</param-value>
 </context-param>



 <filter>
 <display-name>RichFaces Filter</display-name>
 <filter-name>richfaces</filter-name>
 <filter-class>org.ajax4jsf.Filter</filter-class>
 </filter>

 <filter-mapping>
 <filter-name>richfaces</filter-name>
 <servlet-name>Faces Servlet</servlet-name>
 <dispatcher>REQUEST</dispatcher>
 <dispatcher>FORWARD</dispatcher>
 <dispatcher>INCLUDE</dispatcher>
 </filter-mapping>

 <!-- richfaces -->


 <!-- Trinidad -->

 <filter>
 <filter-name>trinidad</filter-name>
 <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
 </filter>

 <filter-mapping>
 <filter-name>trinidad</filter-name>
 <servlet-name>Faces Servlet</servlet-name>
 </filter-mapping>

 <!-- resource loader servlet -->
 <servlet>
 <servlet-name>resources</servlet-name>
 <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
 </servlet>

 <servlet-mapping>
 <servlet-name>resources</servlet-name>
 <url-pattern>/adf/*</url-pattern>
 </servlet-mapping>

 <!-- Trinidad -->


 </web-app>

13. Re: Filter Session Login and not work css

nbelaevski Feb 26, 2009 12:47 PM (in response to barisbicer)

Thank you, I've tried to run your code. This exception happens because there's no FacesContext instance when filter is working. I suggest that you either hard-code resource prefixes in your application (this can be set in web.xml) or implement security check in phase listener.
Actions

Go to original post