1. 首页
  2. 问答
  3. 过滤器映射在web.xml中不起作用

过滤器映射在web.xml中不起作用

2014-10-29 195 views
1

我在应用程序中创建了一个过滤器来处理登录/注销场景。过滤器映射不起作用。在我的web.xml,如果我把<url-pattern>/LoginServlet/*</url-pattern>,过滤器映射的作品,但如果我把一个名称的jsp,那么它不起作用<url-pattern>/LoginServlet/list.jsp</url-pattern>。我不想为所有jsps调用过滤器。过滤器映射在web.xml中不起作用

这是我的过滤器。

public class LoginFilter implements Filter{ 

    public void destroy() { 
     // TODO Auto-generated method stub 

    } 

    public void doFilter(ServletRequest req, ServletResponse res, 
      FilterChain chain) throws IOException, ServletException { 
     System.out.println("LoginFilter : doFilter : Start"); 
     HttpServletRequest request = (HttpServletRequest) req; 
     HttpServletResponse response = (HttpServletResponse) res; 
     response.setHeader("Pragma", "no-cache"); 
     response.setHeader("Cache-Control", "no-cache"); 
     response.setDateHeader("Expires", 0); 

     System.out.println("LoginFilter : doFilter : 111111"); 


     HttpSession session = request.getSession(false); 

     if (session == null || session.getAttribute("user") == null) { 
      System.out.println("LoginFilter : doFilter : 222222"); 
      response.sendRedirect("login.jsp"); 
      //response.sendRedirect(request.getContextPath() + "/login.jsp"); 
      //response.sendRedirect("login.jsp"); 
      //response.sendRedirect("http://localhost:8080/PROJECT_ELMS/login.jsp"); 
     }else { 
      System.out.println("LoginFilter : doFilter : 33333333"); 
      chain.doFilter(request, response); 
     } 

    } 

    public void init(FilterConfig arg0) throws ServletException { 
     // TODO Auto-generated method stub 

    } 

}

这是我的web.xml

<welcome-file-list> 
    <welcome-file>login.jsp</welcome-file> 
</welcome-file-list> 
<listener> 
    <listener-class>edu.umd.enpm613.helper.StartupListner</listener-class> 
</listener> 
<filter> 
    <filter-name>loginFilter</filter-name> 
    <filter-class>edu.umd.enpm613.servlet.LoginFilter</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>loginFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 
<servlet> 
    <description></description> 
    <display-name>LoginServlet</display-name> 
    <servlet-name>LoginServlet</servlet-name> 
    <servlet-class>edu.umd.enpm613.servlet.LoginServlet</servlet-class> 
</servlet> 
<servlet-mapping> 
    <servlet-name>LoginServlet</servlet-name> 
    <url-pattern>/LoginServlet/*</url-pattern> 
</servlet-mapping> 
<servlet> 
    <description></description> 
    <display-name>StudentServlet</display-name> 
    <servlet-name>StudentServlet</servlet-name> 
    <servlet-class>edu.umd.enpm613.servlet.StudentServlet</servlet-class> 
</servlet>

LoginServlet是:

public class LoginServlet extends HttpServlet { 
    private static final long serialVersionUID = 1L; 

    /** 
    * Default constructor. 
    */ 
    public LoginServlet() { 
     // TODO Auto-generated constructor stub 
    } 

    /** 
    * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) 
    */ 
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 
     // TODO Auto-generated method stub 
    } 

    /** 
    * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) 
    */ 
    @SuppressWarnings("null") 
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 
     System.out.println("LoginServlet : doPost : Start"); 
     LoginDTO returnedDTO = null; 
     String userEmailId = request.getParameter("userid"); 
     try { 
      request.getSession(true).setAttribute("user", userEmailId); 
      String userPassword = request.getParameter("password"); 

      LoginDTO loginDto = new LoginDTO(); 
      loginDto.setUserEmailId(userEmailId); 
      loginDto.setUserPassword(userPassword); 

      returnedDTO = LoginImpl.getUserCategory(loginDto); 

      String category = returnedDTO.getUserCategory(); 

      if (category.equals(ELMSConstants.CATEGORY_STUDENT)) { 
       //request.getRequestDispatcher("student_home.jsp").forward(request,response); 
       System.out.println("LoginServlet : doPost : Start" +request.getContextPath()); 
       System.out.println("LoginServlet : doPost : Start" +request.getRequestURI()); 
       System.out.println("LoginServlet : doPost : Start" + request.getRequestURL()); 
       request.getRequestDispatcher("list.jsp").forward(request,response); 
      } 
      if (category.equals(ELMSConstants.CATEGORY_TEACHER)) { 
       System.out.println("LoginServlet : doPost : 22222222222"); 
       request.getRequestDispatcher("professor_home.jsp").forward(request,response); 
      } 


     }catch (ELMSException exp){ 
      exp.printStackTrace(); 
      System.out.println("LoginServlet : doPost : error message is" + exp.getMessage()); 

      if (exp.getMessage().equals(ELMSException.USER_NEED_TO_CHANGE_PASSWORD)) { 
       System.out.println("LoginServlet : doPost : 1111111111"); 
       request.setAttribute("errorMessage", exp.getMessage()); 
       request.setAttribute("userName", userEmailId); 
       request.getRequestDispatcher("changePassword.jsp").forward(request,response); 
      } 

      if (!exp.getMessage().equals(ELMSException.USER_NEED_TO_CHANGE_PASSWORD)) { 
       request.setAttribute("errorMessage", exp.getMessage()); 
       request.getRequestDispatcher("login.jsp").forward(request,response); 
      } 

     } 

    } 
}

来源

2014-10-29 gagan

+0

给出了正确的jsp路径吗? /LoginServlet/list.jsp可能不是正确的路径。 – Santo 2014-10-29 18:54:29

回答

0

过滤器应该跳过登录页,因为它不是一个安全限制,也它将允许您映射所有URL而不会无限循环。

public void doFilter(ServletRequest req, ServletResponse res, 
     FilterChain chain) throws IOException, ServletException { 
    System.out.println("LoginFilter : doFilter : Start"); 
    HttpServletRequest request = (HttpServletRequest) req; 
    HttpServletResponse response = (HttpServletResponse) res; 
    response.setHeader("Pragma", "no-cache"); 
    response.setHeader("Cache-Control", "no-cache"); 
    response.setDateHeader("Expires", 0); 

    System.out.println("LoginFilter : doFilter : 111111"); 


    HttpSession session = request.getSession(false); 

    //bypass the login page and login servlet 

    if (request.getRequestURI().indexof("login.jsp") >= 0 || 
     request.getRequestURI().indexof("/LoginServlet") >= 0){ 
     System.out.println("LoginFilter : bypass the login"); 
     chain.doFilter(request, response); 
    } else { 
     if (session == null || session.getAttribute("user") == null) { 
     System.out.println("LoginFilter : doFilter : 222222"); 
     response.sendRedirect("login.jsp"); 
     //response.sendRedirect(request.getContextPath() + "/login.jsp"); 
     //response.sendRedirect("login.jsp"); 
     //response.sendRedirect("http://localhost:8080/PROJECT_ELMS/login.jsp"); 
     } else { 
     System.out.println("LoginFilter : doFilter : 33333333"); 
     chain.doFilter(request, response); 
     } 
    } 
}

来源

2014-10-29 19:22:10

+0

谢谢。它在服务器启动时负责处理无限循环。问题是当我登录login.jsp时,它直接进入过滤器。我得到你放的痕迹,然后它又回到登录页面。它永远不会去LoginServlet。我的LoginServlet将请求转发给list.jsp,该流程现在不能工作。 – gagan 2014-10-29 19:35:21

+0

用'/ LoginServlet/*'映射一个servlet。 – 2014-10-29 19:52:43

+0

你是指过滤器?我就是这样绘制的。这是我的映射。\t <滤波器映射> \t \t loginFilter \t \t /LoginServlet/* \t gagan 2014-10-29 19:55:04

0

根据Java的Servlet Specification

在Web应用程序部署描述符,下面的语法是用来定义映射 :

•一个字符串以'/'字符开始,以a结尾/ *” 后缀被用于路径映射。

•以'*。'开头的字符串作为扩展名 映射。

•仅包含'/'字符的字符串表示应用程序的“默认” servlet。在这种情况下,servlet路径是 请求URI减去上下文路径,路径信息为空。

•所有其他字符串仅用于精确匹配。

因此,您不能直接映射servlet或过滤器,例如:/LoginServlet/list.jsp。可能的解决办法是把你的文件的List.jsp到单个文件夹一样/LoginServlet/Security/list.jsp 并将其映射:

<url-pattern>/LoginServlet/Security/*</url-pattern>

来源

2014-10-29 18:52:13 njjnex

+0

谢谢。我试过了。我已将所有符合/jsps/*的jsps移动。它仍然不起作用。如果我做/*,它再次工作。但我不希望我的login.jsp成为其中的一部分,因为它变成了无限循环。 – gagan 2014-10-29 19:07:23

相关问题

 相关问题