Cannot find FacesContext when redirect from inside SecurityFilter.doFilter
I am attempting to implement JAAS security into my web application created using Studio Creator 2 Update 1 and am running into a conflict between my Security filter and the FacesContext.
I've followed the steps in the JAASAuthentication sample and technical articles from the Studio Creator site. I am using the Sun App Server 8 that came bundled with Creator 2U1.
When I debug my application the filter kicks in properly and the doFilter method executes, but when the app tries to redirect to "login.jsp" I get the "Cannot find Faces Context" error.
How do I have my filter work in such a way that it does not interrupt the FacesContext?
My web.xml entries are as follows (created using the Creator GUI, so should be in correct order):
<filter>
<description>Handles redirection to login.jsp</description>
<filter-name>SecurityFilter</filter-name>
<filter-class>cdmweb.security.SecurityFilter</filter-class>
</filter>
...
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping>
(Note: when I set my url-pattern to "/faces/*.jsp" the filter does not kick in when the app starts up index.jsp.)
My doFilter method is as follows (standard based on the jaasauthentication sample):
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException{
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
HttpSession session = req.getSession();
String requestedPage = req.getPathTranslated();
String user=null;
//We dont want to filter certain pages which include the Login.jsp/Register.jsp/Help.jsp
if(request.getAttribute(FILTER_APPLIED) == null) {
//check if the page requested is the login page or register page
if((!requestedPage.endsWith("Login.jsp")) && (!requestedPage.endsWith("Register.jsp")) && (!requestedPage.endsWith("Help.jsp"))){
//Requested page is not login.jsp or register.jsp therefore check for user logged in..
//set the FILTER_APPLIED attribute to true
request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
//Check that the session bean is not null and get the session bean property username.
if(((cdmweb.SessionBean1)session.getAttribute("SessionBean1"))!=null) {
user = ((cdmweb.SessionBean1)session.getAttribute("SessionBean1")).getUserId();
}
if((user==null)||(user.equals(""))) {
res.sendRedirect("login.jsp");
return;
}
}
}
//deliver request to next filter
chain.doFilter(request, response);
}
Thanks, Rebecca
[2895 byte] By [
Rebecca_H] at [2007-11-26 8:55:18]
# 4
{Had to switch to using "System.err.println(ex)" to capture the exception in the filter class}.
I am posting 2 exceptions - 1st is from the app server used by Creator when I debug the application; 2nd is from my stand-alone instance of Sun App Server 8.2 that I have deployed my application to.
Exception occurs right after statement FacesContext.getCurrentInstance().getExternalContext().redirect("faces/login .jsp"); is executed.
Exception caught when debugging in Creator
[#|2006-08-02T16:23:05.937-0400|WARNING|sun-appserver-pe8.2|javax.enterprise.sy stem.stream.err|_ThreadID=22;|java.lang.NullPointerException
at cdmweb.security.SecurityFilter.doFilter(SecurityFilter.java:95)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFil terChain.java:210)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterCha in.java:55)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.ja va:161)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain .java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java: 263)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextVal ve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java: 173)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:13 2)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:189)
at com.sun.enterprise.web.connector.grizzly.ProcessorTask.doProcess(ProcessorTask. java:604)
at com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.ja va:475)
at com.sun.enterprise.web.connector.grizzly.ReadTask.executeProcessorTask(ReadTask .java:371)
at com.sun.enterprise.web.connector.grizzly.ReadTask.doTask(ReadTask.java:264)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:281)
at com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:83)
|#]
Exception caught when debugging deployed app on stand-alone Sun App Server 8.2
DetailsTimestamp: Aug 2, 2006 16:33:41.000
Log Level: WARNING
Logger: javax.enterprise.system.stream.err
Name-Value Pairs: _ThreadID=13;
Record Number: 1186
Message ID: java.lang.NullPointerException at cdmweb.security.SecurityFilter.doFilter(SecurityFilter.java
Complete Message
95)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFil terChain.java:210)at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterCha in.java:55)at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.ja va:161)at java.security.AccessController.doPrivileged(Native Method)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain .java:157)at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java: 263)at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextVal ve.java:225)at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java: 173)at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:13 2)at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:189)at com.sun.enterprise.web.connector.grizzly.ProcessorTask.doProcess(ProcessorTask. java:604)at com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.ja va:475)at com.sun.enterprise.web.connector.grizzly.ReadTask.executeProcessorTask(ReadTask .java:371)at com.sun.enterprise.web.connector.grizzly.ReadTask.doTask(ReadTask.java:264)at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:281)at com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:83)
Diagnostic Causes
Diagnostic Checks
