为了获得EAR部署,我们需要升级一个老的Web应用程序以使其在GlassFish 3而不是Tomcat下运行(选择了Glassfish,因为它是引用JEE 6的实现)。
不幸的是,很快就发现确保用户登录的机制无法正常工作,并且提示说getWriter()已经被调用(很可能是正确的),我无法弄清楚原因。
方法是在完整的JSP文件集上设置过滤器,以检查用户是否登录,如果没有,则使用filterChain.doFilter(servletRequest, servletResponse);
重定向到登录页面。用户状态(包括凭据)存储在 session 作用域中的所谓 Controller 对象中,该对象由登录验证Java代码设置。
来自Glassfish的堆栈跟踪:
java.lang.IllegalStateException: PWC3990: getWriter() has already been called for this response
at org.apache.catalina.connector.Response.getOutputStream(Response.java:676)
at org.apache.catalina.connector.ResponseFacade.getOutputStream(ResponseFacade.java:205)
at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:176)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at com.XXX.LoggedInToXXXFilter.doFilter(LoggedInToXXXFilter.java:61)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
....
web.xml代码段
<?xml version="1.0"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<description>
XXX provides a web interface for a given user.
</description>
<display-name>
XXX
</display-name>
<context-param>
<param-name>javax.faces.CONFIG_FILES</param-name>
<param-value>/WEB-INF/online-faces-config.xml</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.ALLOW_JAVASCRIPT</param-name>
<param-value>true</param-value>
</context-param>
<listener>
<listener-class>
org.apache.myfaces.webapp.StartupServletContextListener
</listener-class>
</listener>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>
javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<session-config>
<!-- idle time in minutes before user is automatically logged out by the container -->
<session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>MyFacesExtensionsFilter</filter-name>
<filter-class>
org.apache.myfaces.webapp.filter.ExtensionsFilter
</filter-class>
<init-param>
<param-name>maxFileSize</param-name>
<param-value>1m</param-value>
<!-- description>Set the size limit for uploaded files.
Format: 10 - 10 bytes
10k - 10 KB
10m - 10 MB
1g - 1 GB
</description-->
</init-param>
</filter>
<!-- extension mapping for adding <script/>, <link/>, and other resource tags to JSF-pages -->
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<!-- servlet-name must match the name of your javax.faces.webapp.FacesServlet entry -->
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<!-- extension mapping for serving page-independent resources (javascript, stylesheets, images, etc.) -->
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<url-pattern>/faces/myFacesExtensionResource/*</url-pattern>
</filter-mapping>
<filter>
<description>Ensure user is logged in</description>
<filter-name>LoggedInToXXXFilter</filter-name>
<filter-class>
com.XXX.servlet.filters.LoggedInToXXXFilter
</filter-class>
<init-param>
<param-name>signon_page</param-name>
<param-value>/login.jsf</param-value>
</init-param>
<init-param>
<param-name>autologout_page</param-name>
<param-value>/autologout.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>LoggedInToXXXFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- filter>
<filter-name>extensionsFilter</filter-name>
<filter-class>org.apache.myfaces.component.html.util.ExtensionsFilter</filter-class>
<init-param>
<param-name>uploadMaxFileSize</param-name>
<param-value>100m</param-value>
</init-param>
<init-param>
<param-name>uploadThresholdSize</param-name>
<param-value>100k</param-value>
</init-param>
</filter-->
<!-- filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>extensionsFilter</filter-name>
<url-pattern>/faces/*</url-pattern>
</filter-mapping-->
<!-- error-page>
<exception-type>java.lang.IllegalArgumentException</exception-type>
<location>/WEB-INF/jsp/IllegalArgumentException.jsp</location>
</error-page-->
<error-page>
<exception-type>java.lang.RuntimeException</exception-type>
<location>/WEB-INF/jsp/RuntimeException.jsp</location>
</error-page>
<!-- error-page>
<exception-type>com.transaxiom.axsWHSweb.struts.action.UserIsNotLoggedInException</exception-type>
<location>/WEB-INF/jsp/UserIsNotLoggedInException.jsp</location>
</error-page-->
<error-page>
<exception-type>
com.XXX.struts.action.SecurityViolationException
</exception-type>
<location>/WEB-INF/jsp/SecurityViolationException.jsp</location>
</error-page>
<error-page>
<exception-type>
com.XXX.logic.UncheckedCommunicationException
</exception-type>
<location>/WEB-INF/jsp/CommunicationException.jsp</location>
</error-page>
<error-page>
<exception-type>
com.XXX.logic.ConnectionNotCreatedException
</exception-type>
<location>
/WEB-INF/jsp/ConnectionNotCreatedException.jsp
</location>
</error-page>
<!-- error-page>
<exception-type>com.XXX.logic.UncheckedConnectionNotCreatedException</exception-type>
<location>/WEB-INF/jsp/ConnectionNotCreatedException.jsp</location>
</error-page-->
<!-- filter>
<filter-name>MyFacesExtensionsFilter</filter-name>
<filter-class>org.apache.myfaces.component.html.util.ExtensionsFilter</filter-class>
<init-param>
<param-name>maxFileSize</param-name>
<param-value>20m</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>MyFacesExtensionsFilter</filter-name>
<url-pattern>*.faces</url-pattern>
</filter-mapping-->
</web-app>
从LoggedInToXXXFilter.java过滤代码:
(堆栈跟踪发生在
filterChain.doFilter(servletRequest, servletResponse)
行中。public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
final FilterChain filterChain) throws IOException, ServletException {
boolean ok = false;
if (servletRequest instanceof HttpServletRequest) {
HttpServletRequest request = (HttpServletRequest) servletRequest;
String servletPath = request.getServletPath();
if ((servletPath.equals(signOnPage) == true) || servletPath.endsWith(".css") || servletPath.equals(autologoutPage)) {
ok = true;
} else {
Controller controller = Controller.getControllerFromSession(request.getSession(false));
if ((controller != null) && controller.isSignedOn()) {
ok = true;
}
}
if (ok) {
filterChain.doFilter(servletRequest, servletResponse);
} else {
// Hop to the sign on page.
// http://forum.java.sun.com/thread.jspa?threadID=548967&messageID=2676856
ServletContext servletContext = filterConfig.getServletContext();
URL url = new URL(new URL(request.getRequestURL().toString()), (request.getContextPath() + signOnPage));
((HttpServletResponse) servletResponse).sendRedirect(url.toString());
}
} else {
// Only for http requests
filterChain.doFilter(servletRequest, servletResponse);
}
}
可能的原因是我们仍然带来了我们自己的JSF库(带有Tomahawk的MyFaces 1.1.4)吗?
编辑:用完整(但匿名)web.xml更新了问题。请注意,有很多注释掉的东西。我将其保留以免意外删除重要信息
编辑:尝试了sun-web-app配置文件,发现并没有什么不同。有趣的是,登录后,登录页面会引发异常,但我可以手动导航到主页(也是JSF),并看到另外两个功能良好的页面。除了引发异常的登录页面之外,还有三个页面。
我最初的想法是,分离功能将是t-taglib(用于“战斧”),但是经过快速调查后似乎并非如此,因为某些工作页面使用了“战斧”,而有些则没有。
编辑:比较两个jsp页,其中一个失败,另一个未显示任何明显的差异,应引起此。正如已经指出的那样,有报道称Tomahawk 1.1出现了这个错误,我们使用的是1.1.3,我现在已经升级到最新的Apache Myfaces Tomahawk 1.1.9,它似乎已经解决了该问题(没有sun-网络应用)。
最佳答案
我没有完整的解释(即,我不知道getWriter
的调用位置),但这可能是Tomahawk 1.1.3/MyFaces 1.1.4中的错误,如TOMAHAWK-579或MYFACES-1310(具有相同的IllegalStateException
)的Jira问题中所述根据Servlet规范)。请注意,正如您所遇到的那样,此错误似乎与容器有关。
因此,请尝试使用更新版本的Tomahawk/MyFaces(请参阅compatibility matrix),或获取与patch中的修复相对应的r442340并将其应用于Tomahawk的分支1.1.3。后一种选择也许是最简单的选择。至少,这是我会尝试的。