• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JSF Filter prevent direct access certain page

 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want the user to access Page2 and Page3 from Page1, and if the user typing the url /page2.jsf or /page3.jsf will redirect they to page1.jsf. These page doesn't required the user to login. I have try out using filter, first time run the Page2 it will redirect me to Page1 but once again i type the url /Page3.jsf it will redirect me to Page3.jsf but i don't want it to happened anyone can help me?
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you post a code snippet of your filter, we would be able to understand better
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, thanks for replied below is my filter class.



Actually this 3 page doesnt required the user to login, but i have bind the value using Managed Bean to get the user details from page1 den process to page2 and so on. At first i run Page2 it will redirect me to Page1 but on Page1 i type the URL /Page2.faces it will link me to Page2.faces,

 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Line 11 of your code


I think this will always create a new HttpSession always because you have passed in the parameter 'true', if you pass in 'false'(which is also the default)
an HttpSession will be created only once when the page is requested and no new sessions will be created and your filter can capture the correct user information.

It would be good if somebody else can also verify this and correct me if I am wrong.


 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hmm if i try to set it to false when i run the page got error

java.lang.NullPointerException
it3119.action.RestrictPageFilter.doFilter(RestrictPageFilter.java:29)

 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok,

If I understand it right, if your user is not authenticated(logged in ) then you want to redirect him to page 1

So First, check if a user session exists or not
Second, if the user session exists , then check the incoming request, if it is not from page1 then redirect to page1
If user session does not exists , then redirect user to page1


Hope this helps
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I try run my page, but it loop infinite? And The page actually didnt required the user to login because is the resetpassword page Page one required user enter username and proceed to page 2 enter more details. So, in this case i wish to prevent user typing in url to access page2. So, do i still need to check the session?
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think I understood it wrong and the solution will always keep looping!! sorry I was not thinking right
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Kavita Tipnis wrote:Ok,

If I understand it right, if your user is not authenticated(logged in ) then you want to redirect him to page 1

So First, check if a user session exists or not
Second, if the user session exists , then check the incoming request, if it is not from page1 then redirect to page1
If user session does not exists , then redirect user to page1


Hope this helps


I modified the code assuming you enter the attribute 'user' in the session after the user enters the username on Page1
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hmmm, sorry but the page still loop infinite.
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Kavita Tipnis wrote:
Kavita Tipnis wrote:Ok,

If I understand it right, if your user is not authenticated(logged in ) then you want to redirect him to page 1

So First, check if a user session exists or not
Second, if the user session exists , then check the incoming request, if it is not from page1 then redirect to page1
If user session does not exists , then redirect user to page1


Hope this helps


I modified the code assuming you enter the attribute 'user' in the session after the user enters the username on Page1


Just a one line check to see if the "user" attribute is in session, if yes continue to page2 else redirect to page1

Check how your adding the attribute "user" in the session
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is my page one


This is my faces-config



This is my web-xml



This is my Filter



I have try alot of way even i try else if only check the session. the page still loop infinite.
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can you post your pc_Page1.doButton1Action method
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


It actually link to page2

 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hoe chin,

You have to add the "user" to the session in your action method if you want to recover it on Page2

Modify your action method to add the user value to the session attributes.



Let me know if I you already do this at some other point in your code
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your helps, I can make it link to Page1 when i run Page2 or Page 3. From Page2 i can get the value of what the user key in in page1. But if i didnt key in anything in Page1 to start the session i try key in the url Page2 it still link me to Page2. Sorry i am beginner. I realised that Even if i nvr key in anything in Page1
The S.O.P. will give me this bean.User@d0d12e
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok ,
In your filter Check if an HttpSession exists - If yes , then no problem,
if No then create one



 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks, it wont loop right now. But can i prevent if the user never enter username on page1 the user wont able to reach page two by typing url /page2.faces.
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes you add the 'username' to the session on action of your submit button
and this condition should take care of that
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Kavita Tipnis really really a big thanks to you !
 
Kavita Tipnis
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No Problem.. Does it work now as per your requirements/expectations?
Make a practice to read the API for more information!
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes it works now, really thanks you very much i have tried out this few days already.
 
Hoe Chin
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
-
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic