Menu
JSF 2.2 and Primefaces 6.0
I'm trying to use filter class for authentication session control. But filter class running 21 times and browser set error message ERR_TOO_MANY_REDIRECTS.
Web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>maintenancemonitoring</display-name>
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<filter>
<filter-name>authFilter</filter-name>
<filter-class>view.filters.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>*.xhtml</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>cupertino</param-value>
</context-param>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
Filter class :
public void
doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException,
ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
request.setCharacterEncoding("UTF-8");
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
System.out.println("aaaaa");
String currentLoginId = null;
if(session.getAttribute("currentLoginId")!=null){
currentLoginId = (String) session.getAttribute("currentLoginId");
}
if(currentLoginId != null){
setResponseHeaders(response);
filterChain.doFilter(request, response);
} else {
response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
}
}
private void setResponseHeaders(HttpServletResponse httpResponse) {
httpResponse.addHeader("Pragma", "no-cache");
httpResponse.addHeader("Cache-Control", "no-cache");
httpResponse.addHeader("Cache-Control", "must-revalidate");
httpResponse.addHeader("Cache-Control", "post-check=0");
httpResponse.addHeader("Cache-Control", "pre-check=0");
httpResponse.addHeader("Cache-Control", "no-store");
httpResponse.addDateHeader("Expires", 0);
}
Login action in loginBean:
public String actionLogin(ActionEvent actionEvent) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) getExternalContext().getRequest();
HttpServletResponse response = (HttpServletResponse) getExternalContext().getResponse();
AuthUser user = getValidUser();
request.setAttribute("user", user);
if (user == null) {
addMessage("Kullanıcı adı ya da şifre hatalı");
return null;
}
return handleUserLogin(user, request, response);
}
Create session in loginHandler class:
private String createNewSessionAndRedirect(HttpServletRequest request, HttpServletResponse response, AuthUser user) {
HttpSession session = getSessionForRequest(request);
session.setAttribute("currentLoginId", user.getUserName());
if (request.isRequestedSessionIdValid() && session != null && session.getAttribute("currentLoginId") != null) {
try {
response.sendRedirect(request.getContextPath() + "/faces/welcome.xhtml");
} catch (IOException e) {
e.printStackTrace();
}
}
return "/welcome.xhtml";
}
354
The reason you see the “too many redirects” error is because your website has been set up in a way that keeps redirecting it between different web addresses. When your browser tries to load your site, it goes back and forth between those web addresses in a way that will never complete — a redirect loop.
Don't use more than 3 redirects in a redirect chain. Google Bot will not follow 301 redirects over multiple hubs. Using too many redirects in a chain is also bad user experience. The page speed will slow down with every redirect you use.
The reason I see for this error is a recursive call.
Since you are filtering every .xthml page and in the filter you are redirecting to
response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
You are filtrering this redirection itself. You should forward the request instead since you have set the filtrer to work on REQUEST but not on FORWARD.
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>*.xhtml</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
The forward looks like this (not exactly, didn't remember the exact code in a filter...) :
ServletContext.getRequestDispatcher("/faces/welcome.xhtml").forward()
A forward will only be filter if you add <dispatcher>FORWARD</dispatcher> to the filter-mapping
128
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
