logging doFilter nece da radi??!!???

[ miksi @ 15.02.2012. 08:47 ] @

Posto sam pregledala sve na forumu i sve sta se moze naci na netu, jos uvek ne mogu da skuzim zasto mi ne radi flter kod logovanja. Filter za upload radi OK. Evo web.xml-a
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>

<filter>
<filter-name>Authentication</filter-name>
<filter-class>com.corejsf.Authentication</filter-class>
</filter>
<filter-mapping>
<filter-name>Authentication</filter-name>
<url-pattern>/administrator/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>Authentication</filter-name>
<url-pattern>/korisnici/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>

<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
<init-param>
<param-name>uploadDirectory</param-name>
<param-value>E:\webRecepti\slike</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>

a evo i filtra. Pri cemu se kod svakog logovanja kreira session promenljiva AUTH_KEY, a kod svakog logout-a uklanja sa ses.removeAttribute(AUTH_KEY);

public void doFilter(ServletRequest req, ServletResponse resp,FilterChain chain) throws IOException, ServletException {
Roles rol=null;
HttpServletRequest reqv = (HttpServletRequest) req;
rol=(Roles)reqv.getSession().getAttribute("AUTH_KEY");

if (rol == null)
{
((HttpServletResponse)resp).sendRedirect("loginError.xhtml");
return;
}

chain.doFilter(req, resp);

Problem je sto nakon logout-a ponovo mogu da direktnim URL-om dodjem do stranica korisnika, tj. nikada ne dobijem navedeni "loginError.xhtml". Zahvalila bih za bilo koju sugestiju.

[ FooLControL @ 15.02.2012. 09:10 ] @

Probaj kod logout-a da umesto removeAtribute(String parm) metode pozoves invalidate() metodu.

[ miksi @ 15.02.2012. 09:22 ] @

@FooLControL hvala na brzom odogovoru. Ceo kod za logout je
public String loginOut() {
HttpSession ses = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(false);
ses.removeAttribute(AUTH_KEY);
ses.invalidate();
name=null;
loggedIn=isLoggedIn(); //boolean promenljiva kojom se upravlja prikazom panela
return "login";

}

Mora da mi je neka glupa logicka greska ili ja ne kapiram kako radi filter...

[ miksi @ 15.02.2012. 10:29 ] @

hmm.... nekad je dobro da se covek glasno zapita pa da i sam nadje odgovor... sors je OK, u web.xml-u treba dopuniti pattern putokaz, barem kod mene, a ostali treba da dobro provere strukturu svoje aplikacije pre nego ovde ispisu relativne adrese :)

<filter-mapping>
<filter-name>Authentication</filter-name>
<url-pattern>/faces/administrator/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>Authentication</filter-name>
<url-pattern>/faces/korisnici/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>

i banalna stvar - zasto nikako da dobijem loginError.xhtml ??? pa zato sto se zove loginError.html. Obracala sam paznju sta vracam u returnima binova, ali ovde nisam :( Naravoucenije, izbegavacu da mesam tipove strana koliko je to god moguce ili ih bar proveravati... Btw, struktura filtra je standardna skoro pa za copy-paste ...