使用过滤器类的重定向过多
Posted
技术标签:
【中文标题】使用过滤器类的重定向过多【英文标题】:too many redirects using filter class 【发布时间】:2017-07-02 08:37:03 【问题描述】:JSF 2.2 和 Primefaces 6.0
我正在尝试使用过滤器类进行身份验证会话控制。但是过滤器类运行了 21 次并且浏览器设置了错误消息 ERR_TOO_MANY_REDIRECTS。
Web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>maintenancemonitoring</display-name>
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<filter>
<filter-name>authFilter</filter-name>
<filter-class>view.filters.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>*.xhtml</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>cupertino</param-value>
</context-param>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
过滤器类:
public void
doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException,
ServletException
HttpServletRequest request = (HttpServletRequest) servletRequest;
request.setCharacterEncoding("UTF-8");
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
System.out.println("aaaaa");
String currentLoginId = null;
if(session.getAttribute("currentLoginId")!=null)
currentLoginId = (String) session.getAttribute("currentLoginId");
if(currentLoginId != null)
setResponseHeaders(response);
filterChain.doFilter(request, response);
else
response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
private void setResponseHeaders(HttpServletResponse httpResponse)
httpResponse.addHeader("Pragma", "no-cache");
httpResponse.addHeader("Cache-Control", "no-cache");
httpResponse.addHeader("Cache-Control", "must-revalidate");
httpResponse.addHeader("Cache-Control", "post-check=0");
httpResponse.addHeader("Cache-Control", "pre-check=0");
httpResponse.addHeader("Cache-Control", "no-store");
httpResponse.addDateHeader("Expires", 0);
loginBean 中的登录操作:
public String actionLogin(ActionEvent actionEvent) throws ServletException, IOException
HttpServletRequest request = (HttpServletRequest) getExternalContext().getRequest();
HttpServletResponse response = (HttpServletResponse) getExternalContext().getResponse();
AuthUser user = getValidUser();
request.setAttribute("user", user);
if (user == null)
addMessage("Kullanıcı adı ya da şifre hatalı");
return null;
return handleUserLogin(user, request, response);
在 loginHandler 类中创建会话:
private String createNewSessionAndRedirect(HttpServletRequest request, HttpServletResponse response, AuthUser user)
HttpSession session = getSessionForRequest(request);
session.setAttribute("currentLoginId", user.getUserName());
if (request.isRequestedSessionIdValid() && session != null && session.getAttribute("currentLoginId") != null)
try
response.sendRedirect(request.getContextPath() + "/faces/welcome.xhtml");
catch (IOException e)
e.printStackTrace();
return "/welcome.xhtml";
【问题讨论】:
你应该检查重定向response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
是否匹配过滤器,如果这不是递归调用。
我更正了 ypur 问题中的标记。请下次标记更好
注意:当你得到一个异常时,你应该添加 Stacktrace
@AxelH 我检查了重定向 url 并且 url 是真的
@EmreArslan 我不明白你的最后一句话... url 是真的 ?
【参考方案1】:
我看到这个错误的原因是递归调用。
由于您正在过滤每个 .xthml
页面,并且在过滤器中您将重定向到
response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
您正在过滤此重定向本身。您应该转发请求,因为您已将过滤器设置为在 REQUEST
上工作,而不是在 FORWARD
上工作。
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>*.xhtml</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
转发看起来像这样(不完全是,不记得过滤器中的确切代码......):
ServletContext.getRequestDispatcher("/faces/welcome.xhtml").forward()
仅当您将<dispatcher>FORWARD</dispatcher>
添加到过滤器映射时,转发才会被过滤
【讨论】:
还可以查看这篇文章,了解如何从重定向(过滤)中排除某些 url:***.com/questions/3125296/… @dognose 确实,没有足够的信息,我根本没有考虑更一般的排除。我相信这是一个不同的答案。以上是关于使用过滤器类的重定向过多的主要内容,如果未能解决你的问题,请参考以下文章