Menu
I am implementing web filter through refering this link
My code is
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<display-name>project_name</display-name>
<welcome-file-list>
<welcome-file>/project_name/faces/jsp/HomePage.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<context-param>
<param-name>org.richfaces.CONTROL_SKINNING</param-name>
<param-value>enable</param-value>
</context-param>
<context-param>
<param-name>org.richfaces.LoadScriptStrategy</param-name>
<param-value>ALL</param-value>
</context-param>
<context-param>
<param-name>org.richfaces.LoadStyleStrategy</param-name>
<param-value>ALL</param-value>
</context-param>
<context-param>
<param-name>org.ajax4jsf.DEFAULT_EXPIRE</param-name>
<param-value>2764800</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.ERROR_HANDLING</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>org.ajax4jsf.handleViewExpiredOnClient</param-name>
<param-value>true</param-value>
</context-param>
<filter>
<display-name>RichFaces Filter</display-name>
<filter-name>richfaces</filter-name>
<filter-class>org.ajax4jsf.Filter</filter-class>
<init-param>
<param-name>createTempFiles</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>maxRequestSize</param-name>
<param-value>20000000</param-value>
</init-param>
<init-param>
<param-name>enable-cache</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.common.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>richfaces</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Resource Servlet</servlet-name>
<servlet-class>org.primefaces.resource.ResourceServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Resource Servlet</servlet-name>
<url-pattern>/primefaces_resource/*</url-pattern>
</servlet-mapping>
</web-app>
LoginFilter.class
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig config) throws ServletException {
// If you have any <init-param> in web.xml, then you could get them
// here by config.getInitParameter("name") and assign it as field.
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
System.out.println("Inside Login Filter");
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession(false);
System.out.println("session..."+ session);
if (session == null || session.getAttribute(IConstants.HAS_USER_ID) == null) {
response.sendRedirect(request.getContextPath() + "/faces/jsp/login.jsp"); // No logged-in user found, so redirect to login page.
} else {
chain.doFilter(req, res); // Logged-in user found, so just continue request.
}
}
@Override
public void destroy() {
// If you have assigned any expensive resources as field of
// this Filter class, then you could clean/close them here.
}
}
Setting the session variable after successful login
FacesContext.getCurrentInstance().getExternalContext()
.getSessionMap()
.put(IConstants.HAS_USER_ID, IConstants.HAS_USER_ID);
But the problem I am facing is I keep getting below log
Inside Login Filter
session...org.apache.catalina.session.StandardSessionFacade@1c134e1
in console and page is never redirected to next page or login page.
281
Filters in web.xml are used for filtering functionality of the Java web application. They manipulate the responses from the server and sent to the client. Filters are defined in web.xml, and they are a map to servlet or JSP.
Servlet and JSP Filters are Java classes that can be used in Servlet and JSP Programming for the following purposes − To intercept requests from a client before they access a resource at back end. To manipulate responses from server before they are sent back to the client. There are various types of filters suggested by the specifications −
@WebFilter reduces the other configuration in web.xml. @WebFilter annotation declares a filter. The servlet container processes a filter at deployment time and associates to the specified URL, servlet and dispatcher. It does not defines order.
Each parameter is specified by @WebInitParam annotation type. Specify name of the small icon of the filter. Specify name of the large icon of the filter. 3. Some @WebFilter Examples
It's because your filter also matches the request on the login page. It's basically running in an infinite loop redirecting to the login page. There are basically 2 options:
Make sure that the login URL is not covered by the filter mapping. Put the restricted pages in a folder like /secured/*, /app/*, etc and map the filter on exactly that URL pattern and put the login page there outside.
Check in the filter if the login URL is not currently been requested.
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession(false);
boolean loggedIn = (session != null) ? session.getAttribute(IConstants.HAS_USER_ID) != null : false;
String loginURL = request.getContextPath() + "/faces/jsp/login.jsp";
if (!loggedIn && !request.getRequestURI().equals(loginURL)) {
response.sendRedirect(loginURL);
} else {
chain.doFilter(request, response);
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
