My webapp has a FORM based validation, i can load the login.jsf to type the username and password and then validate the user, after this i got my main page without any problem, but when i try to click in any item on my panelNavigator in my webapp main page i'm being redirected to login.jsf again, what's wrong? All jsf pages are in the same directory. And sometimes i have popup windows that has the same problem.
I attached my web.xml and my filter (used as workaround).
Thanks for any answer,
Rog�rio
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";>
<web-app >
<context-param>
<param-name>javax.faces.CONFIG_FILES</param-name>
<param-value>
/WEB-INF/faces-config.xml
</param-value>
<description>
Lista de arquivos separados por virgula do arquivos de configuracao do JSF.
(ex. /WEB-INF/my-config.xml)
Veja JSF 1.0 PRD2, 10.3.2
</description>
</context-param>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
<description>
Modo de salvameno de estado:
"client" ou "server"
Veja a secao 2.5.2 da especificacao do JSF
</description>
</context-param>
<context-param>
<param-name>net.sourceforge.myfaces.ALLOW_JAVASCRIPT</param-name>
<param-value>true</param-value>
<description>
Esse parametro informa ao MyFaces se o codigo javascript e permitido na saida HTML resultante.
Se o codigo javascript e permitido, ancoras command_link terao codigo javascript que submeterao
para o formulario respectivo.
Se o javascript nao for permitido, as informacoes de salvamento de estado e parametros aninhados
serao adicionados a url como parametros.
Padrao: "true"
</description>
</context-param>
<context-param>
<param-name>net.sourceforge.myfaces.DETECT_JAVASCRIPT</param-name>
<param-value>false</param-value>
<description>
Esse parametro informa ao MyFaces se o codigo javascript e permitido na saida HTML resultante.
Se o codigo javascript e permitido, ancoras command_link terao codigo javascript que submeterao
para o formulario respectivo.
Se o javascript nao for permitido, as informacoes de salvamento de estado e parametros aninhados
serao adicionados a url como parametros.
Padrao: "true"
Ajustando este parametro para true voce podera combina-lo com STATE_SAVING_METHOD "server" para melhores
resultados.
Este e um recurso experimental. Voce tambem tera que habilitar o detector filter/filter no mapeamento
abaixo para fazer a deteccao de JavaScript funcionar.
</description>
</context-param>
<context-param>
<param-name>net.sourceforge.myfaces.PRETTY_HTML</param-name>
<param-value>true</param-value>
<description>
Se true, o codigo HTML resultante sera formatado, isso quer dizer "humanamente legivel".
ex. Sepadores de linha adicionais e espacos em branco serao escritos, o que nao influencia
o codigo HTML.
Padrao: "true"
</description>
</context-param>
<filter>
<filter-name>extensionsFilter</filter-name>
<filter-class>org.apache.myfaces.component.html.util.ExtensionsFilter</filter-class>
<init-param>
<param-name>uploadMaxFileSize</param-name>
<param-value>100m</param-value>
<description>Set the size limit for uploaded files.
Format: 10 - 10 bytes
10k - 10 KB
10m - 10 MB
1g - 1 GB
</description>
</init-param>
<init-param>
<param-name>uploadThresholdSize</param-name>
<param-value>100k</param-value>
<description>Set the threshold size - files
below this limit are stored in memory, files above
this limit are stored on disk.
Format: 10 - 10 bytes
10k - 10 KB
10m - 10 MB
1g - 1 GB
</description>
</init-param>
</filter>
<filter>
<filter-name>nexusFilter</filter-name>
<filter-class>nexus.filters.NexusFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>nexusFilter</filter-name>
<url-pattern>*.jsf</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<listener>
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
</listener>
<servlet>
<servlet-name>Acoplamentos</servlet-name>
<display-name>Nexus Acoplamentos WebService</display-name>
<servlet-class>nexus.servlets.Acoplamentos</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Autorizacoes</servlet-name>
<display-name>Nexus Autorizacoes WebService</display-name>
<servlet-class>nexus.servlets.Autorizacoes</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Firmwares</servlet-name>
<display-name>Nexus Firmwares WebService</display-name>
<servlet-class>nexus.servlets.Firmwares</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Acoplamentos</servlet-name>
<url-pattern>/Acoplamentos</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Autorizacoes</servlet-name>
<url-pattern>/Autorizacoes</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Firmwares</servlet-name>
<url-pattern>/Firmwares</url-pattern>
</servlet-mapping>
<!--
To specify mime mappings, create a file named mime-mappings.xml, put it in your project's mergedir.
Organize mime-mappings.xml following this DTD slice:
<!ELEMENT mime-mapping (extension, mime-type)>
-->
<welcome-file-list>
<welcome-file>/index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>404</error-code>
<location>/erro.jsp</location>
</error-page>
<!--
To add taglibs by xml, create a file called taglibs.xml and place it
in your merge dir.
-->
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted</web-resource-name>
<description>Declarative security tests</description>
<url-pattern>*.jsf</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrador</role-name>
<role-name>contribuinte</role-name>
<role-name>homologador</role-name>
<role-name>fabricante</role-name>
<role-name>varredor</role-name>
</auth-constraint>
<user-data-constraint>
<description>no description</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>NexusAcesso</realm-name>
<form-login-config>
<form-login-page>/login.jsf</form-login-page>
<form-error-page>/erro-login.jsf</form-error-page>
</form-login-config>
</login-config>
</web-app>
package nexus.filters;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.SecurityAssociationHandler;
/**
* @author rogerio
*
* Filtro utilizado na applica��o,
*
*/
public class NexusFilter implements Filter
{
public void init(FilterConfig conf) throws ServletException
{
}
public void destroy()
{
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
{
try
{
// executa a servlet
login((HttpServletRequest)request);
chain.doFilter(request, response);
logout((HttpServletRequest)request);
}
catch(Exception erro)
{
System.err.println("Nexus eAIDF (doFilter): " + erro.getMessage());
}
}
public static void login(HttpServletRequest request)
{
try
{
String usuario = (String) request.getSession().getAttribute("usuario");
String senha = (String) request.getSession().getAttribute("senha");
if(usuario == null && senha == null)
return;
SecurityAssociationHandler handler = new SecurityAssociationHandler();
SimplePrincipal user = new SimplePrincipal(usuario);
handler.setSecurityInfo(user, senha.toCharArray());
LoginContext loginContext = new LoginContext("NexusAcesso", (CallbackHandler) handler);
loginContext.login();
request.setAttribute("login-context", loginContext);
}
catch(Exception erro)
{
System.err.println("Nexus eAIDF (login): " + erro.getMessage());
}
}
public static void logout(HttpServletRequest request)
{
try
{
LoginContext loginContext = (LoginContext) request.getAttribute("login-context");
if(loginContext == null)
return;
loginContext.login();
}
catch(Exception erro)
{
System.err.println("Nexus eAIDF (logout): " + erro.getMessage());
}
}
}
