当前位置：文江博客话题详情

如何将注销的用户重定向到 Java EE/JSF 中的主页？

发布于 2025-01-02 19:08:17 字数 137 浏览 5 评论 0原文

我需要只允许登录用户访问我的应用程序的大部分页面。我正在使用 JSF 2 开发 Java 企业应用程序。有谁知道我该怎么做？也许有一个配置文件？

我在主页中有一个登录组件，我希望用户在单击页面上除少数项目之外的任何其他项目时被重定向到主页。

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

怪我闹别瞎闹 2025-01-09 19:08:17

有不同的方法可以做到这一点。首先，您可以使用过滤器来控制页面访问，也可以使用侦听 jsf Phases 的阶段侦听器。

我想给你们举两个例子；

  public class SecurityFilter implements Filter{
      FilterConfig fc;

   public void init(FilterConfig filterConfig)throws ServletException {
      fc = filterConfig;
   }
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
   throws IOException, ServletException{
      HttpServletRequest req = (HttpServletRequest)request;
      HttpServletResponse resp = (HttpServletResponse) response;
      HttpSession session = req.getSession(true);

      String pageRequested = req.getRequestURI().toString();
      if(session.getAttribute("user") == null && !pageRequested.contains("login.xhtml")){
         resp.sendRedirect("login.xhtml");
      }else{
        chain.doFilter(request, response);
      }
   }
   public void destroy(){

   }

}

你应该将此过滤器添加到 web.xml 中；

<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>com.webapp.SecurityFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>SecurityFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

阶段监听器示例；

public class SecurityFilter implements PhaseListener {


    public void beforePhase(PhaseEvent event) {
    }

    public void afterPhase(PhaseEvent event) {
      FacesContext fc = event.getFacesContext();

      boolean loginPage =
      fc.getViewRoot().getViewId().lastIndexOf("login") > -1 ? true : false;
        if (!loginPage && !isUserLogged()) {
             navigate(event,"logout");
        }
    }

    private boolean isUserLogged() {
        //looks session for user 
    }
    private void navigate(PhaseEvent event, String page) {
       FacesContext fc = event.getFacesContext();
       NavigationHandler nh = fc.getApplication().getNavigationHandler();
       nh.handleNavigation(fc, null, page);
    }
    public PhaseId getPhaseId() {
        return PhaseId.RESTORE_VIEW;
    }

}

因此，如果您想使用侦听器，您应该将其添加到您的 faces-config.xml 中；
注意：“注销”是在 faces-config 中定义的导航规则

<lifecycle>
 <phase-listener>com.myapp.SecurityFilter</phase>
</lifecycle>

编辑：
导航规则；

<navigation-rule>
        <from-view-id>/*</from-view-id>
        <navigation-case>
            <from-outcome>logout</from-outcome>
            <to-view-id>/login.xhtml</to-view-id>
            <redirect/>
        </navigation-case>
    </navigation-rule>

您可以像这样将用户置于登录方法中的会话中；

FacesContext context = FacesContext.getCurrentInstance(); 
HttpSession session = 
(HttpSession)context.getExternalContext().getSession(true); 

session.setAttribute("user", loggedUser);

There are different ways to do that . Firstly you can use filters to control page access or you can use phase listeners that listens jsf phases .

I wanna give you two examples for them ;

  public class SecurityFilter implements Filter{
      FilterConfig fc;

   public void init(FilterConfig filterConfig)throws ServletException {
      fc = filterConfig;
   }
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
   throws IOException, ServletException{
      HttpServletRequest req = (HttpServletRequest)request;
      HttpServletResponse resp = (HttpServletResponse) response;
      HttpSession session = req.getSession(true);

      String pageRequested = req.getRequestURI().toString();
      if(session.getAttribute("user") == null && !pageRequested.contains("login.xhtml")){
         resp.sendRedirect("login.xhtml");
      }else{
        chain.doFilter(request, response);
      }
   }
   public void destroy(){

   }

}

And you should add this filter to web.xml;

<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>com.webapp.SecurityFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>SecurityFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

Phase Listener example ;

public class SecurityFilter implements PhaseListener {


    public void beforePhase(PhaseEvent event) {
    }

    public void afterPhase(PhaseEvent event) {
      FacesContext fc = event.getFacesContext();

      boolean loginPage =
      fc.getViewRoot().getViewId().lastIndexOf("login") > -1 ? true : false;
        if (!loginPage && !isUserLogged()) {
             navigate(event,"logout");
        }
    }

    private boolean isUserLogged() {
        //looks session for user 
    }
    private void navigate(PhaseEvent event, String page) {
       FacesContext fc = event.getFacesContext();
       NavigationHandler nh = fc.getApplication().getNavigationHandler();
       nh.handleNavigation(fc, null, page);
    }
    public PhaseId getPhaseId() {
        return PhaseId.RESTORE_VIEW;
    }

}

So if you want to use listener you should add this to your faces-config.xml ;
Note : "logout" is a navigation rule which is defined in faces-config

<lifecycle>
 <phase-listener>com.myapp.SecurityFilter</phase>
</lifecycle>

Edit :
The navigation rule ;

<navigation-rule>
        <from-view-id>/*</from-view-id>
        <navigation-case>
            <from-outcome>logout</from-outcome>
            <to-view-id>/login.xhtml</to-view-id>
            <redirect/>
        </navigation-case>
    </navigation-rule>

You can put your user to session in login method like that ;

FacesContext context = FacesContext.getCurrentInstance(); 
HttpSession session = 
(HttpSession)context.getExternalContext().getSession(true); 

session.setAttribute("user", loggedUser);

回复收藏 0 原文