redirecting from a servlet filter to jsf returns the actual jsf code not rendered to html
14,278
Redirect to an URL that matches the FacesServlet
mapping. Apparently it is mapped on /faces/*
instead of *.xhtml
. Then redirect to faces/Login.xhtml
.
Here's a rewrite, which simplifies the logic:
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession(false);
User user = (session != null) ? (User) session.getAttribute("user") : null;
String loginURL = request.getContextPath() + "/faces/Login.xhtml";
if (user == null && !request.getRequestURI().equals(loginURL)) {
response.sendRedirect(loginURL);
} else {
chain.doFilter(request, response);
}
}
![Fayyaz Ali](https://i.stack.imgur.com/HIkCY.jpg?s=256&g=1)
Author by
Fayyaz Ali
IT Consultant, Architect, Information Security Professional, Software Engineer
Updated on June 04, 2022Comments
-
Fayyaz Ali about 2 years
below is my code;
/* * To change this template, choose Tools | Templates * and open the template in the editor. */ package racms; import java.io.IOException; import javax.faces.application.NavigationHandler; import javax.faces.context.FacesContext; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @WebFilter("/faces/*") public class AuthenticationFilter implements Filter { @Override public void init(FilterConfig config) throws ServletException { // If you have any <init-param> in web.xml, then you could get them // here by config.getInitParameter("name") and assign it as field. } @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; HttpSession session = request.getSession(false); String pageRequested = request.getRequestURI().toString(); //try{ //FacesContext fctx = FacesContext.getCurrentInstance(); //NavigationHandler myNav = fctx.getApplication().getNavigationHandler(); if(session==null){ session = request.getSession(true); // will create a new session response.sendRedirect("Login.xhtml"); //myNav.handleNavigation(fctx, null, "Login"); }else if(session==null && pageRequested.contains("Login.xhtml")){ // session.getAttribute("user"); chain.doFilter(request, response); // continue filtering }else if((session.getAttribute("user")== null) && (!pageRequested.contains("Login.xhtml"))){ response.sendRedirect("Login.xhtml"); //myNav.handleNavigation(fctx, null, "Login"); }else { chain.doFilter(request, response); } //}catch(Exception e){ // System.out.println("Error :"+ e); //} /*if ((((HttpServletRequest) req).getSession().getAttribute("user") == null)) { FacesContext fctx = FacesContext.getCurrentInstance(); NavigationHandler myNav = fctx.getApplication().getNavigationHandler(); myNav.handleNavigation(fctx, null, "Login"); //response.sendRedirect(request.getContextPath() + "/Login.xhtml"); // No logged-in user found, so redirect to login page. } else { chain.doFilter(req, res); // Logged-in user found, so just continue request. }*/ } @Override public void destroy() { // If you have assigned any expensive resources as field of // this Filter class, then you could clean/close them here. } }
If i use FacesContext.getCurrentInstance(), java.lang.Nullpointer Exception occurs; If i use response.sendRedirect("Login.xhtml"); it shows a blank page, if i do view source, i can see the source of Login.xhtml in jsf. it is not rendered to html..
what i want to do is: if the user is not logged in and accessing any page then send him to Login.xhtml, if the user is on Login.xhtml then show him the page to login.
please help..
-
Fayyaz Ali about 12 yearsThanks BalusC, it worked, can you please help me understand; whats the difference between "/faces/*" and "*.xhtml"
-
BalusC about 12 yearsIt's the URL pattern on which the
FacesServlet
should be invoked. If it's/faces/*
, then it's only invoked on URLs matching/faces/*
. If it's*.xhtml
, then it's only invoked on URLs matching*.xhtml
. Using*.xhtml
doesn't result in an unnecessary extra path and you also don't need to fiddle with this virtual path everywhere. Makes just sense, I think?