G
gbattine
Hi guys,
i need your help to solve my question..
i'm developing a jsf application and i've created an authorization
filter...
My filter must checking for each page access if a registered user is
stored in the session,if not redirect to login page. I've a bit
experience on servlet and filter and i've solved this question with
this filter.
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;
public class AuthorizationFilter implements Filter {
/**
* @uml.property name="config"
* @uml.associationEnd
*/
FilterConfig config = null;
/**
* @uml.property name="servletContext"
* @uml.associationEnd
*/
ServletContext servletContext = null;
public AuthorizationFilter() {
}
public void init(FilterConfig filterConfig) throws ServletException {
config = filterConfig;
servletContext = config.getServletContext();
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
Utils.log(servletContext, "Inside the filter");
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = httpRequest.getSession();
String requestPath = httpRequest.getPathInfo();
Visit visit = (Visit) session.getAttribute("visit");
if (visit == null) {
System.out.println("Visit Nullo");
session.setAttribute("originalTreeId", httpRequest
.getPathInfo());
Utils.log(servletContext, "redirecting to "
+ httpRequest.getContextPath() + "/faces/Login.jsp");
httpResponse.sendRedirect(httpRequest.getContextPath()
+ "/index.jsp");
}
else {
chain.doFilter(request, response);
}
Utils.log(servletContext, "Exiting the filter");
}
public void destroy() {
}
}
in my authentication bean,after user has logged in i've
loggedIn=true;
User newUser = new User(loginName, password,teamName, role);
Visit visit = new Visit();
visit.setUser(newUser);
visit.setAuthenticationBean(this);
visit.setLoggedIn(loggedIn);
setVisit(visit);
getApplication().createValueBinding("#{sessionScope.visit}").setValue(facesContext,visit);
to store values into visit object.
and this is my logout function
FacesContext facesContext = getFacesContext();
Utils.log(facesContext, "Executing AuthenticationBean.logout()");
HttpSession session = (HttpSession) facesContext.getExternalContext()
.getSession(false);
session.removeAttribute("sessionScope.visit");
if (session != null) {
session.invalidate();
}
My 2 questions are:
1) how can i redirect to login page a user that tries to log in with
the same data of a user stored in the session?
2) how can i handling browser closing?I need a listener?
Please help me,i'm trying to learn about it and i need your help.
Thanks
i need your help to solve my question..
i'm developing a jsf application and i've created an authorization
filter...
My filter must checking for each page access if a registered user is
stored in the session,if not redirect to login page. I've a bit
experience on servlet and filter and i've solved this question with
this filter.
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;
public class AuthorizationFilter implements Filter {
/**
* @uml.property name="config"
* @uml.associationEnd
*/
FilterConfig config = null;
/**
* @uml.property name="servletContext"
* @uml.associationEnd
*/
ServletContext servletContext = null;
public AuthorizationFilter() {
}
public void init(FilterConfig filterConfig) throws ServletException {
config = filterConfig;
servletContext = config.getServletContext();
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
Utils.log(servletContext, "Inside the filter");
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = httpRequest.getSession();
String requestPath = httpRequest.getPathInfo();
Visit visit = (Visit) session.getAttribute("visit");
if (visit == null) {
System.out.println("Visit Nullo");
session.setAttribute("originalTreeId", httpRequest
.getPathInfo());
Utils.log(servletContext, "redirecting to "
+ httpRequest.getContextPath() + "/faces/Login.jsp");
httpResponse.sendRedirect(httpRequest.getContextPath()
+ "/index.jsp");
}
else {
chain.doFilter(request, response);
}
Utils.log(servletContext, "Exiting the filter");
}
public void destroy() {
}
}
in my authentication bean,after user has logged in i've
loggedIn=true;
User newUser = new User(loginName, password,teamName, role);
Visit visit = new Visit();
visit.setUser(newUser);
visit.setAuthenticationBean(this);
visit.setLoggedIn(loggedIn);
setVisit(visit);
getApplication().createValueBinding("#{sessionScope.visit}").setValue(facesContext,visit);
to store values into visit object.
and this is my logout function
FacesContext facesContext = getFacesContext();
Utils.log(facesContext, "Executing AuthenticationBean.logout()");
HttpSession session = (HttpSession) facesContext.getExternalContext()
.getSession(false);
session.removeAttribute("sessionScope.visit");
if (session != null) {
session.invalidate();
}
My 2 questions are:
1) how can i redirect to login page a user that tries to log in with
the same data of a user stored in the session?
2) how can i handling browser closing?I need a listener?
Please help me,i'm trying to learn about it and i need your help.
Thanks