0

以下は私のweb.xmlです

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    id="WebApp_ID" version="3.0">

    <display-name>Portal</display-name>

    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>

    <context-param>
        <param-name>primefaces.THEME</param-name>
        <param-value>cupertino</param-value>
    </context-param> 

    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <welcome-file-list>
        <welcome-file>/faces/index.xhtml</welcome-file>
    </welcome-file-list>

    <!-- Map these files with JSF -->
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>/faces/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>

    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>

    <error-page>
        <exception-type>javax.faces.application.ViewExpiredException</exception-type>
        <location>/faces/index.xhtml</location>
    </error-page>

</web-app>

顔-config.xml-

<?xml version="1.0" encoding="UTF-8"?>

<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
    version="2.0">
    <managed-bean>
        <managed-bean-name>user</managed-bean-name>
        <managed-bean-class>com.ravij.User</managed-bean-class>
        <managed-bean-scope>session</managed-bean-scope>
    </managed-bean>
    <managed-bean>
        <managed-bean-name>menu</managed-bean-name>
        <managed-bean-class>com.ravij.Menu</managed-bean-class>
        <managed-bean-scope>request</managed-bean-scope>
    </managed-bean>
    <managed-bean>
        <managed-bean-name>item</managed-bean-name>
        <managed-bean-class>com.ravij.Item</managed-bean-class>
        <managed-bean-scope>request</managed-bean-scope>
    </managed-bean>

    <navigation-rule>
        <from-view-id>/faces/*</from-view-id>
        <navigation-case>
            <from-outcome>LOGIN_PAGE</from-outcome>
            <to-view-id>/faces/index.xhtml</to-view-id>
        </navigation-case>
    </navigation-rule>
    <navigation-rule>
        <from-view-id>/faces/*</from-view-id>
        <navigation-case>
            <from-outcome>LOGOUT</from-outcome>
            <to-view-id>/faces/index.xhtml?faces-redirect=true</to-view-id>
        </navigation-case>
    </navigation-rule>
    <navigation-rule>
        <from-view-id>/faces/index.xhtml</from-view-id>
        <navigation-case>
            <from-outcome>INVALID_USER</from-outcome>
            <to-view-id>/faces/index.xhtml</to-view-id>
        </navigation-case>
    </navigation-rule>
    <navigation-rule>
        <from-view-id>/faces/index.xhtml</from-view-id>
        <navigation-case>
            <from-outcome>NORMAL_USER</from-outcome>
            <to-view-id>/faces/home.xhtml</to-view-id>
        </navigation-case>
    </navigation-rule>
    <navigation-rule>
        <from-view-id>/faces/index.xhtml</from-view-id>
        <navigation-case>
            <from-outcome>ADMIN_USER</from-outcome>
            <to-view-id>/faces/admin.xhtml</to-view-id>
        </navigation-case>
    </navigation-rule>

    <lifecycle>
        <phase-listener>com.ravij.security.AuthorizationListener</phase-listener>
    </lifecycle>

</faces-config>

Phase listener AuthorizationListener以下です-

package com.ravij.security;

import javax.faces.application.NavigationHandler;
import javax.faces.context.FacesContext;
import javax.faces.event.PhaseEvent;
import javax.faces.event.PhaseId;
import javax.faces.event.PhaseListener;
import javax.servlet.http.HttpSession;

public class AuthorizationListener implements PhaseListener {

    /**
     * 
     */
    private static final long serialVersionUID = 1L;

    @Override
    public void afterPhase(PhaseEvent event) {

        FacesContext facesContext = event.getFacesContext();
        String currentPage = facesContext.getViewRoot().getViewId();

        boolean isLoginPage = (currentPage.lastIndexOf("index.xhtml") > -1);
        HttpSession session = (HttpSession) facesContext.getExternalContext()
                .getSession(false);

        if (session == null) {
            NavigationHandler nh = facesContext.getApplication()
                    .getNavigationHandler();
            nh.handleNavigation(facesContext, null, "LOGIN_PAGE");
        }

        else {
            Object currentUser = session.getAttribute("username");

            if (!isLoginPage && (currentUser == null || currentUser == "")) {
                NavigationHandler nh = facesContext.getApplication()
                        .getNavigationHandler();
                nh.handleNavigation(facesContext, null, "LOGIN_PAGE");
            }
        }
    }

    @Override
    public void beforePhase(PhaseEvent event) {

    }

    @Override
    public PhaseId getPhaseId() {
        return PhaseId.RESTORE_VIEW;
    }
}

ユーザーBeanは以下のとおりです-

package com.ravij;

import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;

import org.hibernate.Session;
import org.hibernate.SessionFactory;

public class User implements Serializable {

    private static final long serialVersionUID = 1L;

    private String username;
    private String password;
    private String email;
    private String isAdmin;

    public String getEmail() {
        return email;
    }

    public void setEmail(String email) {
        this.email = email;
    }

    public String getIsAdmin() {
        return isAdmin;
    }

    public void setIsAdmin(String isAdmin) {
        this.isAdmin = isAdmin;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String logout() {
        // FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_INFO,
        // "Thank you", "You are successfully Logged out!");
        // FacesContext.getCurrentInstance().addMessage(null, msg);
        // index.xhtml?faces-redirect=true
        FacesContext.getCurrentInstance().getExternalContext()
                .invalidateSession();
        return "LOGOUT";
    }

    private void resetAllFields() {
        setEmail("");
        setIsAdmin("");
        setPassword("");
        setUsername("");
    }

    public String login() {
    //userFromDB is fetched from DB. Hibernate is taking care of that.
        if (username != null && password != null && userFromDB != null
                && username.equals(userFromDB.getUsername())
                && hash.equals(userFromDB.getPassword())) {

            resetAllFields();

            FacesContext.getCurrentInstance().getExternalContext()
                    .getSessionMap().put("username", username);

            if (userFromDB.getIsAdmin().equals("true")) {
                return "ADMIN_USER";
            }
            return "NORMAL_USER";
        }

        FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_WARN,
                "Login Error", "Invalid credentials");
        FacesContext.getCurrentInstance().addMessage(null, msg);

        return "INVALID_USER";
    }

}
4

1 に答える 1

1

交換してみてください:

<navigation-rule>
    <from-view-id>/faces/index.xhtml</from-view-id>
    <navigation-case>
        <from-outcome>ADMIN_USER</from-outcome>
        <to-view-id>/faces/admin.xhtml</to-view-id>
    </navigation-case>
</navigation-rule>

<navigation-rule>
    <from-view-id>/index.xhtml</from-view-id>
    <navigation-case>
        <from-outcome>ADMIN_USER</from-outcome>
        <to-view-id>/admin.xhtml</to-view-id>
    </navigation-case>
</navigation-rule>

または、行を削除します

<from-view-id>/faces/index.xhtml</from-view-id>
于 2013-03-24T18:25:33.773 に答える