JSF 2.2 and Primefaces 6.0
I am trying to use a filter class to control an authentication session. But the filter class works 21 times, and the browser error message is ERR_TOO_MANY_REDIRECTS.
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>maintenancemonitoring</display-name>
<context-param>
<param-name>javax.faces.DEFAULT_SUFFIX</param-name>
<param-value>.xhtml</param-value>
</context-param>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<filter>
<filter-name>authFilter</filter-name>
<filter-class>view.filters.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>*.xhtml</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>cupertino</param-value>
</context-param>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
Filter class:
public void
doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException,
ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
request.setCharacterEncoding("UTF-8");
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
System.out.println("aaaaa");
String currentLoginId = null;
if(session.getAttribute("currentLoginId")!=null){
currentLoginId = (String) session.getAttribute("currentLoginId");
}
if(currentLoginId != null){
setResponseHeaders(response);
filterChain.doFilter(request, response);
} else {
response.sendRedirect(request.getContextPath() + "/faces/login.xhtml");
}
}
private void setResponseHeaders(HttpServletResponse httpResponse) {
httpResponse.addHeader("Pragma", "no-cache");
httpResponse.addHeader("Cache-Control", "no-cache");
httpResponse.addHeader("Cache-Control", "must-revalidate");
httpResponse.addHeader("Cache-Control", "post-check=0");
httpResponse.addHeader("Cache-Control", "pre-check=0");
httpResponse.addHeader("Cache-Control", "no-store");
httpResponse.addDateHeader("Expires", 0);
}
Login action in loginBean:
public String actionLogin(ActionEvent actionEvent) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) getExternalContext().getRequest();
HttpServletResponse response = (HttpServletResponse) getExternalContext().getResponse();
AuthUser user = getValidUser();
request.setAttribute("user", user);
if (user == null) {
addMessage("Kullanıcı adı ya da şifre hatalı");
return null;
}
return handleUserLogin(user, request, response);
}
Create a session in the loginHandler class:
private String createNewSessionAndRedirect(HttpServletRequest request, HttpServletResponse response, AuthUser user) {
HttpSession session = getSessionForRequest(request);
session.setAttribute("currentLoginId", user.getUserName());
if (request.isRequestedSessionIdValid() && session != null && session.getAttribute("currentLoginId") != null) {
try {
response.sendRedirect(request.getContextPath() + "/faces/welcome.xhtml");
} catch (IOException e) {
e.printStackTrace();
}
}
return "/welcome.xhtml";
}