3 Replies Latest reply on Apr 21, 2010 9:44 AM by Davide Cicuta

    RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext

    Davide Cicuta Newbie

      Hello!
      I've developed a web application using JSF and RichFaces.
      Access to all pages is controlled by a Servlet Filter: The home page is the only one which can be accessed without being logged in and is the one which allows login (btw, it does not use any RichFaces components). If another page is requested without being logged in, the Filter redirects (using sendRedirect) the request to the home page.
      It's being used "in production" since at least one year without relevant problems, but now I need to add a "forgot password" feature. I thought about using RichFaces components (in particular inplaceInput), but what happens is that when the Filter is called and uses sendRedirect(), the RichFaces components are not shown properly (e.g. the inplaceInput is shown as a TextField with a label next to it), plus, if I click something on the page I get a ServletException stating that "View xxx.jsp could not be restored". Everything is fine if the Filter doesn't need to call sendRedirect.
      It seems like the Faces context is never created before displaying the page, but I can't find the real reason. Does anyone have any suggestion, please?
      I'm using Win XP Pro, Java 6, Jboss 4.2.3, RichFaces 3.2.2 GA

       

      If I didn't provide enough information, please ask me and I will see to it...
      Thank you in advance for your help!

        • 1. Re: RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext
          Nick Belaevski Master

          Davide,

           

          Can you please post your web.xml file and filter code?

          • 2. Re: RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext
            Davide Cicuta Newbie

            Hello!

            Thanks for the quick reply. The relevant parts of the web.xml follow (the index.html page uses a meta tag to redirect to the home page, a process which works properly if the LoginFilter is disabled)

             

            <filter>
              <filter-name>richfaces</filter-name>
              <filter-class>org.ajax4jsf.Filter</filter-class>
            </filter>
            <filter>
              <filter-name>LoginFilter</filter-name>
              <filter-class>it.units.htl.web.users.LoginFilter</filter-class>
              <init-param>
               <param-name>login_page</param-name>
               <param-value>/adir/index.jspf</param-value>
              </init-param>
            </filter>
            <filter>
              <filter-name>ViewerFilter</filter-name>
              <filter-class>package.Class</filter-class>
            </filter>
            <filter-mapping>
              <filter-name>LoginFilter</filter-name>
              <url-pattern>*.jspf</url-pattern>
            </filter-mapping>
            <filter-mapping>
              <filter-name>ViewerFilter</filter-name>
              <url-pattern>*.view</url-pattern>
            </filter-mapping>
            <filter-mapping>
              <filter-name>richfaces</filter-name>
              <servlet-name>Faces Servlet</servlet-name>
            </filter-mapping>
            <servlet>
              <servlet-name>Faces Servlet</servlet-name>
              <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
              <load-on-startup>1</load-on-startup>
            </servlet>
            <servlet-mapping>
              <servlet-name>Faces Servlet</servlet-name>
              <url-pattern>*.view</url-pattern>
            </servlet-mapping>
            <servlet-mapping>
              <servlet-name>Faces Servlet</servlet-name>
              <url-pattern>*.jspf</url-pattern>
            </servlet-mapping>
            <welcome-file-list>
              <welcome-file>index.html</welcome-file>
            </welcome-file-list>
            <security-constraint>
              <web-resource-collection>
               <web-resource-name>Faces Servlet</web-resource-name>
               <url-pattern>*.jspf</url-pattern>
              </web-resource-collection>
              <user-data-constraint>
               <transport-guarantee>NONE</transport-guarantee>
              </user-data-constraint>
            </security-constraint>
            <login-config>
              <auth-method>BASIC</auth-method>
            </login-config>

             

            The LoginFilter is as follows, except for the imports:

             

            public class LoginFilter implements Filter {
                private String loginPage;
                private List<String> areas;
                private Log log = LogFactory.getLog(LoginFilter.class);

             

               
                public LoginFilter() {

             

                }
                @SuppressWarnings("unchecked")
                public void doFilter(ServletRequest request, ServletResponse response,
                        FilterChain chain) throws IOException, ServletException {
                    HttpSession session = ((HttpServletRequest) request).getSession(false);
                    String requestURI = ((HttpServletRequest) request).getRequestURI();
                    String[] url = requestURI.split("[/]");
                   

             

                    if (checkLoginState(request)) {   
                       
                        ArrayList<String> patterns = (ArrayList<String>) session.getAttribute("secPolicies");
                        if(patterns == null){
                            log.error("Couldn't find policies configuration for this user");
                            ((HttpServletResponse)response).sendRedirect(loginPage);
                        }
                       
                        areas = Arrays.asList((String[])session.getAttribute("areas"));
                        if(areas == null){
                            log.error("Couldn't find policies configuration");
                            ((HttpServletResponse)response).sendRedirect(loginPage);
                        }
                        boolean authorized = false;
                       
                        if (areas.contains(url[url.length - 2])) {
                            for (String p : patterns) {
                                Pattern patToVerify = Pattern.compile(p);
                                Matcher matcher = patToVerify.matcher(url[url.length - 2]);
                       
                                if (matcher.find()) {
                                    authorized = true;
                                }
                            }
                           
                            if (authorized || request.getAttribute("auth") != null) {
                                request.setAttribute("auth", true);
                                chain.doFilter(request, response);
                            } else {
                                ((HttpServletResponse)response).sendRedirect(loginPage);
                            }
                        } else {
                            chain.doFilter(request, response);
                        }
                    }else if(checkIfViewer(session)){
                        areas = Arrays.asList((String[])session.getAttribute("vwAreas"));
                        if(areas == null){
                            ((HttpServletResponse)response).sendRedirect(loginPage);
                        }
                        if(areas.contains(url[url.length - 2])){
                            if("studies".equals(url[url.length - 2])){
                                chain.doFilter(request, response);
                            }else{
                                ((HttpServletResponse)response).sendRedirect(loginPage);
                            }
                        }else{
                            try{
                                chain.doFilter(request, response);
                            }catch (Exception e) {
                                ((HttpServletResponse)response).sendRedirect(loginPage);
                            }
                        }
                    }else{
                        if(!requestURI.equals(loginPage)){
                            ((HttpServletResponse)response).sendRedirect(loginPage);
                        }else{
                            try{
                                chain.doFilter(request, response);
                            }catch (Exception e) {
                                ((HttpServletResponse)response).sendRedirect(loginPage);
                            }
                        }
                    }
                }

             

               
                private boolean checkIfViewer(HttpSession session) {
                   
                    if(session != null){
                        if(session.getAttribute("isViewer") != null){
                            return true;
                        }else{
                            return false;
                        }
                    }       
                    return false;
                }
                public static boolean checkLoginState(Object request) throws IOException,
                        ServletException {
                    boolean isLoggedIn = false;
                    HttpSession session = ((HttpServletRequest) request).getSession(false);
                    UserBean managedUserBean = null;
                    if (null != session    && (null != (managedUserBean = (UserBean) session.getAttribute("userBean")))) {
                        if (managedUserBean.isIsLoggedIn()) {
                            isLoggedIn = true;
                        }
                    }
                    return isLoggedIn;
                }

             

                public void destroy() {

             

                }

             

                /* Init method for this filter */
                public void init(FilterConfig filterConfig) {
                    if (filterConfig != null) {
                        loginPage = filterConfig.getInitParameter("login_page");
                    }
                }
            }

             

            Message was edited by: Davide Cicuta to reformat XML

            • 3. Re: RichFaces 3.2.2 and sendRedirect from Filter Servlet: no FacesContext
              Davide Cicuta Newbie

              Hello!

              Just for posterity (and me, when I forget ):

              The issue was that the LoginFilter never called the richfaces filter, so adding

               

              <filter-mapping>
                <filter-name>richfaces</filter-name>
                <url-pattern>*.jspf</url-pattern>
              </filter-mapping>

               

              before the LoginFilter mapping seems to do the job (the context is created before the Login verifications).