droideparanoico/myhealth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Filtro para peticiones AJAX y detección de sesión expirada.

Browse Source
This commit is contained in:
Marcos Garcia Nuñez
2019-12-20 00:04:17 +01:00
parent 318680d5c0
commit 66a00616e5
1 changed files with 23 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
1.sources/MyHealth/src/managedbean/common/AuthorizationFilter.java
View File

@@ -4,7 +4,6 @@ package managedbean.common;
import java.io.IOException; import java.io.IOException;
import javax.faces.application.FacesMessage; import javax.faces.application.FacesMessage;
import javax.faces.application.ViewExpiredException;
import javax.servlet.Filter; import javax.servlet.Filter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.FilterConfig; import javax.servlet.FilterConfig;
@@ -29,14 +28,25 @@ public class AuthorizationFilter implements Filter {
} }
private boolean isAJAXRequest(HttpServletRequest request) {
boolean check = false;
String facesRequest = request.getHeader("Faces-Request");
if (facesRequest != null && facesRequest.equals("partial/ajax")) {
check = true;
}
return check;
}
@Override @Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = null;
HttpServletResponse resp = null;
try { try {
HttpServletRequest req = (HttpServletRequest) request; req = (HttpServletRequest) request;
String reqURI = req.getRequestURI(); String reqURI = req.getRequestURI();
HttpServletResponse resp = (HttpServletResponse) response; resp = (HttpServletResponse) response;
HttpSession ses = req.getSession(false); HttpSession ses = req.getSession(false);
// Para recursos publicos permitimos el acceso exista sesión o no. // Para recursos publicos permitimos el acceso exista sesión o no.
@@ -46,15 +56,15 @@ public class AuthorizationFilter implements Filter {
return; return;
} }
// Sesión expirada if (this.isAJAXRequest(req) == true) {
if (req.isRequestedSessionIdValid() == false && req.getRequestedSessionId() != null) {
chain.doFilter(request, response); chain.doFilter(request, response);
return; return;
//throw new ViewExpiredException("Session expired!", "error"); }
//resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
//SessionUtils.addMessage(ses, FacesMessage.SEVERITY_ERROR, "Su sesión ha caducado", "Su sesión ha caducado, por favor inicie sesión de nuevo."); // Sesión expirada
//resp.sendRedirect(req.getContextPath() + "/error.xhtml?type=expired"); if (req.isRequestedSessionIdValid() == false && req.getRequestedSessionId() != null) {
//return; resp.sendRedirect(req.getContextPath() + "/error.xhtml?type=expired");
return;
} }
// Si el usuario está logeado comprobamos si está autorizado a ver la página solicitada. // Si el usuario está logeado comprobamos si está autorizado a ver la página solicitada.
@@ -144,14 +154,14 @@ public class AuthorizationFilter implements Filter {
} }
resp.sendRedirect(req.getContextPath() + "/login.xhtml"); resp.sendRedirect(req.getContextPath() + "/home.xhtml");
} catch (Exception e) { } catch (Exception e) {
System.out.println(e.getMessage()); resp.sendRedirect(req.getContextPath() + "/error.xhtml");
} }
} }
@Override @Override
public void destroy() { public void destroy() {
System.out.println("Sessión destruida");
} }
} }