我遇到了这个问题,我不确定这是否是“预期的”行为,但这是我的问题:
我有一个Http过滤器:
@WebFilter(filterName = "VerificationFilter", urlPatterns = {"/activation/*"})
public class VerificationFilter implements Filter {
private static final Logger logger = LoggerFactory.getLogger(VerificationFilter.class);
private static final String ACTIVATION_CODE_PARAM_KEY = "vc";
@Inject
private UserInfo userInfo;
@Inject
private ActivationInfo activationInfo;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
logger.debug("************VerificatoniFilter initializing*************");
}
/**
* This filter filters requests by path - anything in the /activate/ namespace will
* be filtered to first determine if the user has already passed through this filter once.
* If the user has been "filtered" and the validation code was deemed to be valid, navigation will
* be permitted to pass through. If not, then they will be redirected to an error page
*
* If the user has not yet been filtered, (determined by the presence of details available in the user's
* current session), then the filter will check the validation code for validity and/or allow or reject
* access.
*
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if (!activationInfoPopulated()) {
String activationCode = request.getParameter(ACTIVATION_CODE_PARAM_KEY);
if (StringUtils.isEmpty(activationCode)) {
throwActivationInvalid();
} else {
try {
ActivationService aService = new ActivationService();
ClPersonInfo info = aService.findActivationCodeUser(activationCode);
if (info == null) {
throwActivationInvalid();
}
userInfo.setClPersonInfo(info);
setActivationInfoPopulated();
setActivationValid();
} catch (ServiceUnavailableException sue) {
throw new IamwebApplicationException(sue.getMessage());
}
}
} else {
// if the validationCode is not valid, send the user directly to error page. Else, continue...
if (!activationInfo.getValidationCodeIsValid()) {
throw new ActivationCodeInvalidException();
}
}
// if all is good, continue along the chain
chain.doFilter(request, response);
}
private boolean activationInfoPopulated() {
return (activationInfo.getValidationCodeChecked());
}
private void setActivationInfoPopulated() {
activationInfo.setValidationCodeChecked(Boolean.TRUE);
}
private void setActivationValid() {
activationInfo.setValidationCodeIsValid(Boolean.TRUE);
}
private void setActivationInvalid() {
activationInfo.setValidationCodeIsValid(Boolean.FALSE);
}
private void throwActivationInvalid() throws ActivationCodeInvalidException {
setActivationInfoPopulated();
setActivationInvalid();
throw new ActivationCodeInvalidException();
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @return the activationInfo
*/
public ActivationInfo getActivationInfo() {
return activationInfo;
}
/**
* @param activationInfo the activationInfo to set
*/
public void setActivationInfo(ActivationInfo activationInfo) {
this.activationInfo = activationInfo;
}
/**
* @return the userInfo
*/
public UserInfo getUserInfo() {
return userInfo;
}
/**
* @param userInfo the userInfo to set
*/
public void setUserInfo(UserInfo userInfo) {
this.userInfo = userInfo;
}
}
和UserInfo和ActivationInfo都为@SessionScoped,如下所示:
@Named("activationInfo")
@SessionScoped
public class ActivationInfo implements Serializable {
private static final Logger logger = LoggerFactory.getLogger(ActivationInfo.class);
private static final long serialVersionUID = -6864025809061343463L;
private Boolean validationCodeChecked = Boolean.FALSE;
private Boolean validationCodeIsValid = Boolean.FALSE;
private String validationCode;
@PostConstruct
public void init() {
FacesContext context = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession) context.getExternalContext().getSession(true);
logger.debug("ActivationInfo being constructed for sessionId: " + (session == null ? " no session found " : session.getId()));
}
和
@Named("userInfo")
@SessionScoped
public class UserInfo implements Serializable {
private static final Logger logger = LoggerFactory.getLogger(UserInfo.class);
private static final long serialVersionUID = -2137005372571322818L;
private ClPersonInfo clPersonInfo;
private String password;
/**
* @return the clPersonInfo
*/
public ClPersonInfo getClPersonInfo() {
return clPersonInfo;
}
@PostConstruct
public void init() {
FacesContext context = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession) context.getExternalContext().getSession(true);
logger.debug("UserInfo being constructed for sessionId: " + (session == null ? " no session found" : session.getId()));
}
当我尝试访问一个调用过滤器的页面时,在控制台上看到以下内容:
2014-02-20 21:32:22 DEBUG UserInfo:35 - UserInfo being constructed for sessionId: no session found
2014-02-20 21:32:22 DEBUG ActivationInfo:27 - ActivationInfo being constructed for sessionId: no session found
2014-02-20 21:32:22 DEBUG VerificationFilter:38 - ************VerificatoniFilter initializing*************
而且,如果我使用其他浏览器并输入“错误的”验证码,则永远不会重新注入UserInfo / ActivationInfo。 IE,具有不同的会话,我看不到新的UserInfo / ActivationInfo。
我的问题是:
1.构建UserInfo / ActivationInfo时为什么找不到会话(请参阅日志消息)
2.如何实现此功能,以便以后可以将UserInfo和ActivationInfo注入我的其他CDI bean中,以便它们具有我需要的user / activationInfo?当前,由于这个问题,我直接在VerificationFilter中的用户会话上设置activationInfo,但是当我将其注入CDI bean时,将注入DIFFERENT UserInfo和DIFFERENT ActivationInfo。
我将Tomcat 7与JEE 6,WELD一起使用。
提前致谢!
最佳答案
如果您使用的是Tomcat 7,则您没有完整的Java EE 6容器,因此默认情况下JSF和CDI不可用,并且不清楚如何设置它们。
实际上,我希望context.getExternalContext()在您的会话作用域的bean中抛出一个NullPointerException,因为当过滤器调用bean方法时没有FacesContext。
在FacesServlet有机会设置FacesContext之前调用过滤器。
因此,您的问题似乎是基于不清楚和/或错误的假设。