在jsf中使会话无效后,它仍在提供会话值
[英]After invalidate the session in jsf still it is giving session values
问题描述
while logout i did removed session object and invalidated session also as like below 
在注销时,我确实删除了会话对象并使会话无效,如下所示
public String logout() throws IOException {
logger.info("logout() : satarted----- ");
ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
ec.getSessionMap().remove("visitorComponent");
System.out.println("*************_->"+ec.getSessionMap().remove("visitorComponent"));
ec.invalidateSession();
ec.redirect(ec.getRequestContextPath() + "/logout.xhtml");
return null;
// return "logout?faces-redirect=true";
}
But still in filter class its giving values, filter class code like below 但是仍然在过滤器类的给定值中,过滤器类代码如下
public class AuthorizationFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setHeader("Cache-Control", "no-cache,no-store,must-revalidate"); // HTTP 1.1
httpResponse.setHeader("Pragma", "no-cache"); // HTTP 1.0
httpResponse.setDateHeader("Expires", 0);
if (session.getAttribute("visitorComponent") != null) {
System.out.println("-sdf>"+((VisitorComponent) session.getAttribute("visitorComponent")).getAdmin());
}
System.out.println("->"+session.getAttribute("visitorComponent"));
System.out.println("=url>"+req.getRequestURI());
System.out.println("=>"+req.getRequestURI().endsWith("login.xhtml"));
if (session.getAttribute("visitorComponent") != null || req.getRequestURI().endsWith("index.xhtml")) {
chain.doFilter(request, httpResponse);
} else {
System.out.println("---in else--");
// HttpServletResponse res = (HttpServletResponse) response;
httpResponse.sendRedirect("index.xhtml");
return;
}
}
Could you please help any one, what I need to do? 您能帮我一个人吗?
2 个解决方案
解决方案1
0 2014-12-05 09:45:28
Finally I found solution but side effects are there. 终于我找到了解决方案,但有副作用。
My solution is, previously I was not kept login object manually because my login class in session scope. 我的解决方案是,以前我没有手动保留登录对象,因为我的登录类在会话范围内。 If i do in this way its not clear the object after invalidate also because while starting application login class instantiated. 如果我以这种方式这样做,则在无效后也不会清除对象,这也是因为在启动应用程序登录类时已实例化。
@ManagedBean(name = "visitorComponent")
@SessionScoped
public class VisitorComponent {
Admin admin = new Admin();
public String login() {
// some code to verify login details
this.admin = adminService.getAdminObject(adminId);
}
Now i did manually by get session object map and put my login object in session map. 现在,我通过获取会话对象映射手动进行了操作,并将登录对象放入会话映射中。
@ManagedBean(name = "visitorComponent")
@SessionScoped
public class VisitorComponent {
Admin admin = new Admin();
public String login() {
// some code to verify login details
this.admin = adminService.getAdminObject(adminId);
// Session object creating to get the session values
ExternalContext externalContext = FacesContext.getCurrentInstance()
.getExternalContext();
Map<String, Object> sessionMap = externalContext.getSessionMap();
sessionMap.put("abcadminBean", this.admin);
}
Now its working fine by invalidate but problem is in my login page i have 现在通过无效它可以正常工作,但是问题出在我的登录页面上
I have doubt in my filterclass, that is like below 我对我的过滤器类有疑问,如下所示
public class AuthorizationFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
if (session.getAttribute("abcadminBean") != null || req.getRequestURI().endsWith("index.xhtml")) {
chain.doFilter(request, response);
} else {
FacesContext fc = FacesContext.getCurrentInstance();
if (fc == null) {
// Create new Lifecycle.
LifecycleFactory lifecycleFactory = (LifecycleFactory)
FactoryFinder.getFactory(FactoryFinder.LIFECYCLE_FACTORY);
Lifecycle lifecycle = lifecycleFactory.getLifecycle(LifecycleFactory.DEFAULT_LIFECYCLE);
// Create new FacesContext.
FacesContextFactory contextFactory = (FacesContextFactory)
FactoryFinder.getFactory(FactoryFinder.FACES_CONTEXT_FACTORY);
fc = contextFactory.getFacesContext(
((HttpServletRequest) request).getSession().getServletContext(), request, response, lifecycle);
}
System.out.println("fc->"+fc);
ExternalContext ec = fc.getExternalContext();
ec.redirect(ec.getRequestContextPath() + "/index.xhtml");
// HttpServletResponse res = (HttpServletResponse) response;
// ((HttpServletResponse) response).sendRedirect("index.xhtml");
return;
}
}
Here I am redirecting my page, I thought it is the problem Could you please any one help me, What i need to do for my UI changes ? 在这里,我正在重定向页面,我认为这是问题所在,请任何人帮助我,我需要为UI更改做些什么?
解决方案2
0 已采纳 2014-12-12 08:03:59
Finally I caught solution. 终于我找到了解决方案。 Why because it is not loading all primefaces UI effects is, For every request our filter is checking so in Filter class we have to write condition to allow our CSS and JS file as like below 为什么因为不加载所有primefaces UI效果,为什么,对于每个请求,我们的过滤器都会进行检查,因此在Filter类中,我们必须编写条件以允许我们的CSS和JS文件,如下所示
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
if (session.getAttribute("loginDetails") != null
|| session.getAttribute("empLoginDetails") != null
|| req.getRequestURI().endsWith("index.xhtml")
|| req.getRequestURI().endsWith("forgetpass.xhtml")
|| req.getRequestURI().endsWith("empLogin.xhtml")
|| req.getRequestURI().endsWith("logout.xhtml")
|| req.getRequestURI().endsWith("ajax-loader.gif.xhtml")
|| req.getRequestURI().contains(".js")
|| req.getRequestURI().contains(".css")) {
chain.doFilter(request, response);
} else {
FacesContext fc = FacesContext.getCurrentInstance();
if (fc == null) {
// Create new Lifecycle.
LifecycleFactory lifecycleFactory = (LifecycleFactory) FactoryFinder
.getFactory(FactoryFinder.LIFECYCLE_FACTORY);
Lifecycle lifecycle = lifecycleFactory
.getLifecycle(LifecycleFactory.DEFAULT_LIFECYCLE);
// Create new FacesContext.
FacesContextFactory contextFactory = (FacesContextFactory) FactoryFinder
.getFactory(FactoryFinder.FACES_CONTEXT_FACTORY);
fc = contextFactory.getFacesContext(
((HttpServletRequest) request).getSession()
.getServletContext(), request, response,
lifecycle);
}
RequestDispatcher dispatcher = request
.getRequestDispatcher("/index.xhtml");
dispatcher.forward(request, response);
return;
}
Now my application is working fine with filter class 现在我的应用程序在过滤器类上运行良好
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.