当前位置: 文江博客 话题详情

阻止 RichFaces 的 Web 过滤器

发布于 2024-12-13 16:07:17 字数 3764 浏览 4 评论 0 原文

我创建了一个过滤器,它工作正常,但我的 richfaces 不再正常工作,这是我的 web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    id="WebApp_ID" version="3.0">
    <display-name>SuaParte</display-name>
    <welcome-file-list>
        <welcome-file>index.xhtml</welcome-file>
    </welcome-file-list>

    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>

    <context-param>
        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
        <param-value>server</param-value>
    </context-param>

    <context-param>
        <param-name>org.richfaces.SKIN</param-name>
        <param-value>blueSky</param-value>
    </context-param>

    <context-param>
        <param-name>org.richfaces.CONTROL_SKINNING</param-name>
        <param-value>enable</param-value>
    </context-param>

    <filter>
        <display-name>RichFaces Filter</display-name>
        <filter-name>richfaces</filter-name>
        <filter-class>org.ajax4jsf.Filter</filter-class>
    </filter> 

    <filter-mapping> 
       <filter-name>richfaces</filter-name> 
       <servlet-name>Faces Servlet</servlet-name>
       <dispatcher>REQUEST</dispatcher>
       <dispatcher>FORWARD</dispatcher>
       <dispatcher>INCLUDE</dispatcher>
    </filter-mapping>

    <context-param>
        <param-name>com.sun.faces.disableVersionTracking</param-name>
        <param-value>true</param-value>
    </context-param>

    <context-param>
        <param-name>javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL</param-name>
        <param-value>true</param-value>
    </context-param>


    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <filter>
        <filter-name>LoginFilter</filter-name>
        <filter-class>filter.LoginFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>LoginFilter</filter-name>
        <servlet-name>Faces Servlet</servlet-name>
    </filter-mapping>
</web-app>

我还尝试了 @BalusC 建议 此处,将 web.xml 更改为:

<filter>
    <filter-name>LoginFilter</filter-name>
    <filter-class>filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/secured/*</url-pattern>
</filter-mapping>

并将 *.xhtml 文件更改为secured 文件夹:

在此处输入图像描述

但是这样过滤器就不再起作用了。

如何使 Richfaces 与我的过滤器配合使用?

原文

I create a filter and it works fine but my richfaces doesn't work correctly anymore, here is my web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    id="WebApp_ID" version="3.0">
    <display-name>SuaParte</display-name>
    <welcome-file-list>
        <welcome-file>index.xhtml</welcome-file>
    </welcome-file-list>

    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>

    <context-param>
        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
        <param-value>server</param-value>
    </context-param>

    <context-param>
        <param-name>org.richfaces.SKIN</param-name>
        <param-value>blueSky</param-value>
    </context-param>

    <context-param>
        <param-name>org.richfaces.CONTROL_SKINNING</param-name>
        <param-value>enable</param-value>
    </context-param>

    <filter>
        <display-name>RichFaces Filter</display-name>
        <filter-name>richfaces</filter-name>
        <filter-class>org.ajax4jsf.Filter</filter-class>
    </filter> 

    <filter-mapping> 
       <filter-name>richfaces</filter-name> 
       <servlet-name>Faces Servlet</servlet-name>
       <dispatcher>REQUEST</dispatcher>
       <dispatcher>FORWARD</dispatcher>
       <dispatcher>INCLUDE</dispatcher>
    </filter-mapping>

    <context-param>
        <param-name>com.sun.faces.disableVersionTracking</param-name>
        <param-value>true</param-value>
    </context-param>

    <context-param>
        <param-name>javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL</param-name>
        <param-value>true</param-value>
    </context-param>


    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <filter>
        <filter-name>LoginFilter</filter-name>
        <filter-class>filter.LoginFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>LoginFilter</filter-name>
        <servlet-name>Faces Servlet</servlet-name>
    </filter-mapping>
</web-app>

I also try the @BalusC suggestion here, changing the web.xml to:

<filter>
    <filter-name>LoginFilter</filter-name>
    <filter-class>filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/secured/*</url-pattern>
</filter-mapping>

And change the *.xhtml files to a secured folder :

enter image description here

But this way the filter doesn't work anymore.

How can I make the richfaces work with my filter ?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

脸赞 2024-12-20 16:07:17

RichFaces 资源也通过 FacesServlet 传递,因此也通过安全过滤器传递。您需要添加额外的 if 检查来绕过资源请求(阅读:由 等,在标记中显式声明或由 JSF/RichFaces 隐式添加)。

String uri = ((HttpServletRequest) request).getRequestURI();

// Ignore JSF2/RF4 resources (which are also mapped on FacesServlet).
if (uri.startsWith(ResourceHandler.RESOURCE_IDENTIFIER) || uri.startsWith(ResourceHandlerImpl.RICHFACES_RESOURCE_IDENTIFIER)) {
    chain.doFilter(request, response);
    return;
}

// ...

至于

import javax.faces.application.ResourceHandler;
import org.richfaces.resource.ResourceHandlerImpl;

为什么您的 /secured/* 映射不起作用,是因为您的文件夹结构中有一个额外的 /pages 路径。然后,过滤器应映射到 /pages/secured/* 上。

RichFaces resources are also passed through the FacesServlet and thus also through your security filter. You need to add an extra if check to bypass resource requests (read: CSS/JS/image requests done by <h:outputStylesheet>, <h:outputScript>, <h:graphicImage>, etc, either explicitly declared in markup or implicitly added by JSF/RichFaces).

String uri = ((HttpServletRequest) request).getRequestURI();

// Ignore JSF2/RF4 resources (which are also mapped on FacesServlet).
if (uri.startsWith(ResourceHandler.RESOURCE_IDENTIFIER) || uri.startsWith(ResourceHandlerImpl.RICHFACES_RESOURCE_IDENTIFIER)) {
    chain.doFilter(request, response);
    return;
}

// ...

with

import javax.faces.application.ResourceHandler;
import org.richfaces.resource.ResourceHandlerImpl;

As to why your /secured/* mapping doesn't work is because you've one extra /pages path there in your folder structure. The filter should then be mapped on /pages/secured/*.

回复 原文
~没有更多了~

关于作者

七婞

暂无简介

文章
评论
27 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

十二

文章 0 评论 0

飞烟轻若梦

文章 0 评论 0

OPleyuhuo

文章 0 评论 0

wxb0109

文章 0 评论 0

旧城空念

文章 0 评论 0

-小熊_

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文