Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Authorization filter,2 questions...

0 views
Skip to first unread message

gbattine

unread,
Oct 16, 2006, 7:15:45 AM10/16/06
to
Hi guys,
i need your help to solve my question..
i'm developing a jsf application and i've created an authorization
filter...
My filter must checking for each page access if a registered user is
stored in the session,if not redirect to login page. I've a bit
experience on servlet and filter and i've solved this question with
this filter.


import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;

public class AuthorizationFilter implements Filter {
/**
* @uml.property name="config"
* @uml.associationEnd
*/
FilterConfig config = null;

/**
* @uml.property name="servletContext"
* @uml.associationEnd
*/
ServletContext servletContext = null;

public AuthorizationFilter() {
}

public void init(FilterConfig filterConfig) throws ServletException {
config = filterConfig;
servletContext = config.getServletContext();
}

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
Utils.log(servletContext, "Inside the filter");

HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = httpRequest.getSession();

String requestPath = httpRequest.getPathInfo();
Visit visit = (Visit) session.getAttribute("visit");

if (visit == null) {
System.out.println("Visit Nullo");
session.setAttribute("originalTreeId", httpRequest
.getPathInfo());
Utils.log(servletContext, "redirecting to "
+ httpRequest.getContextPath() + "/faces/Login.jsp");
httpResponse.sendRedirect(httpRequest.getContextPath()
+ "/index.jsp");
}

else {

chain.doFilter(request, response);
}

Utils.log(servletContext, "Exiting the filter");
}

public void destroy() {
}
}


in my authentication bean,after user has logged in i've

loggedIn=true;

User newUser = new User(loginName, password,teamName, role);
Visit visit = new Visit();
visit.setUser(newUser);
visit.setAuthenticationBean(this);
visit.setLoggedIn(loggedIn);
setVisit(visit);
getApplication().createValueBinding("#{sessionScope.visit}").setValue(facesContext,visit);

to store values into visit object.


and this is my logout function

FacesContext facesContext = getFacesContext();
Utils.log(facesContext, "Executing AuthenticationBean.logout()");

HttpSession session = (HttpSession) facesContext.getExternalContext()
.getSession(false);
session.removeAttribute("sessionScope.visit");

if (session != null) {
session.invalidate();
}

My 2 questions are:

1) how can i redirect to login page a user that tries to log in with
the same data of a user stored in the session?
2) how can i handling browser closing?I need a listener?
Please help me,i'm trying to learn about it and i need your help.
Thanks

Manish Pandit

unread,
Oct 16, 2006, 12:07:22 PM10/16/06
to
Hi,

> 1) how can i redirect to login page a user that tries to log in with
> the same data of a user stored in the session?

Did not quite understand this - what do you mean when you say that a
user tries to log in with same data as user stored in the session?

> 2) how can i handling browser closing?I need a listener?

No. There is no server side callback to listen to a browser close. You
can do some javascript trick (like onunload, which works in IE) to fire
something on the server side - but out of the box, there is no
communication between the browser and the server for window events
(like maximise, minimise, resize, close..).

-cheers,
Manish

0 new messages