• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Odd problem with RichFaces and Servlet Filter

 
Ranch Hand
Posts: 327
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have noticed that may filter which is supposed to stop people accessing pages without a valid login is breaking skinning; but only on the login page. FireFox is reportingI am also seeing this exception in the server logsAfter login, it all seems to be OK. I am completely stumped as to what is wrong. My filter isn't very clever it's basically "If you did not request the login page and you do not appear to have a login - back to the login page you go"
Anyone any ideas?
 
Jason Irwin
Ranch Hand
Posts: 327
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Stepping through the code, it looks like the filter is picking up a lot of other requests (a4j stuff) and redirecting them to login.jsf as well; which would explain my problem I guess.

So how do I modify the filter so that is only fires for URIs the user has entered into their browser and not everything else? If someone going to "/application/x.jsf" without having a proper login, I want to force them back to "/application/login.jsf". I could change the initial "if" test tobut that does not feel right to me somehow.
 
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One way of not filtering the a4j requests could be to place your custom filter entry above the richfaces filter entry in your web.xml.
 
Jason Irwin
Ranch Hand
Posts: 327
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Kavita, but it was already before the RichFaces filter. I tried moving to after just to see, but that had no effect either. The section from my web.xml looks like this Just a shame that there is no "<exclude-pattern/>", that would be perfect! When I decided to use a filter to stop people directly accessing pages without a login, I didn't consider that a4j would be making subsequent requests. Listing every page apart from login is ugly and brittle, but would work I guess.
Or I need to find another way to stop people accessing pages when they shouldn't.
 
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Jason,

I am working on an application and where i exactly face the same issue as yours. We are getting some Syntax error javascript dialog whenever we reach our login page and the other pages are working fine. The below given is the code snippets for our application.
web.xml

TimeoutFilter.java


sessionTimeout.jsp

login.jsp

We have recently upgraded to JSF 1.2 and from that onwards we are getting this error.
We are using JBoss EAP 4.3/RichFaces 3.3.1/JDK 1.5/Spring/Hibernate

kindly let me know, how you solved your issue - also help us out from this issue.

Thanks
Saikiran
 
Jason Irwin
Ranch Hand
Posts: 327
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I fixed in what is rathr an ugly way IMHO. I just check to see what was being requested.

I am no expert with Faces, there's probably a much more elegant way to do it. For session timeout etc, I just used a HttpSessionListener.
 
Saikiran Madhavan
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Jason,

Thanks for your reply. We too have solved the issue of us.
reply
    Bookmark Topic Watch Topic
  • New Topic