6 Replies Latest reply on Nov 24, 2006 2:47 PM by 807575

    Cannot find FacesContext when redirect from inside SecurityFilter.doFilter

    807575
      I am attempting to implement JAAS security into my web application created using Studio Creator 2 Update 1 and am running into a conflict between my Security filter and the FacesContext.

      I've followed the steps in the JAASAuthentication sample and technical articles from the Studio Creator site. I am using the Sun App Server 8 that came bundled with Creator 2U1.

      When I debug my application the filter kicks in properly and the doFilter method executes, but when the app tries to redirect to "login.jsp" I get the "Cannot find Faces Context" error.

      How do I have my filter work in such a way that it does not interrupt the FacesContext?

      My web.xml entries are as follows (created using the Creator GUI, so should be in correct order):
      <filter>
      <description>Handles redirection to login.jsp</description>
      <filter-name>SecurityFilter</filter-name>
      <filter-class>cdmweb.security.SecurityFilter</filter-class>
      </filter>
      ...
      <filter-mapping>
      <filter-name>SecurityFilter</filter-name>
      <url-pattern>/faces/*</url-pattern>
      </filter-mapping>

      (Note: when I set my url-pattern to "/faces/*.jsp" the filter does not kick in when the app starts up index.jsp.)

      My doFilter method is as follows (standard based on the jaasauthentication sample):
      public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException{

      HttpServletRequest req = (HttpServletRequest)request;
      HttpServletResponse res = (HttpServletResponse)response;
      HttpSession session = req.getSession();

      String requestedPage = req.getPathTranslated();
      String user=null;

      //We dont want to filter certain pages which include the Login.jsp/Register.jsp/Help.jsp

      if(request.getAttribute(FILTER_APPLIED) == null) {

      //check if the page requested is the login page or register page
      if((!requestedPage.endsWith("Login.jsp")) && (!requestedPage.endsWith("Register.jsp")) && (!requestedPage.endsWith("Help.jsp"))){
      //Requested page is not login.jsp or register.jsp therefore check for user logged in..
      //set the FILTER_APPLIED attribute to true
      request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
      //Check that the session bean is not null and get the session bean property username.
      if(((cdmweb.SessionBean1)session.getAttribute("SessionBean1"))!=null) {
      user = ((cdmweb.SessionBean1)session.getAttribute("SessionBean1")).getUserId();
      }

      if((user==null)||(user.equals(""))) {
      res.sendRedirect("login.jsp");
      return;
      }
      }
      }

      //deliver request to next filter
      chain.doFilter(request, response);

      }

      Thanks, Rebecca
        • 1. Re: Cannot find FacesContext when redirect from inside SecurityFilter.doFil
          807575
          Try this for the redirect instead of the res.sendDirect.
                  try {
                      FacesContext.getCurrentInstance().getExternalContext().redirect("faces/Page2.jsp");
                  } catch (Exception ex) {
                      log("Error Description", ex);
                  }
          I found this thread in the JSF forum helpful ( http://forum.java.sun.com/thread.jspa?threadID=402993&messageID=1761908).

          Cheers!
          -David
          • 2. Re: Cannot find FacesContext when redirect from inside SecurityFilter.doFil
            807575
            Thanks for the suggestion, but when FacesContext.getCurrentInstance().getExternalContext().redirect("faces/login.jsp"); executes an exception is thrown.

            The exception does not have a detailed message, but cause is #94.

            I have tested this on two separate machines - my existing development laptop and my new-today development laptop.

            The exception occurs when deploying to the server that ships with Studio Creator 2 Update 1 with all updates applied.
            • 3. Re: Cannot find FacesContext when redirect from inside SecurityFilter.doFil
              807575
              Is there an exception in your creator_install_dir/Sunappserver8/domains/creator/logs/server.log file?

              Thanks!
              -David
              • 4. Re: Cannot find FacesContext when redirect from inside SecurityFilter.doFil
                807575
                {Had to switch to using "System.err.println(ex)" to capture the exception in the filter class}.

                I am posting 2 exceptions - 1st is from the app server used by Creator when I debug the application; 2nd is from my stand-alone instance of Sun App Server 8.2 that I have deployed my application to.

                Exception occurs right after statement FacesContext.getCurrentInstance().getExternalContext().redirect("faces/login.jsp"); is executed.

                Exception caught when debugging in Creator
                [#|2006-08-02T16:23:05.937-0400|WARNING|sun-appserver-pe8.2|javax.enterprise.system.stream.err|_ThreadID=22;|java.lang.NullPointerException
                     at cdmweb.security.SecurityFilter.doFilter(SecurityFilter.java:95)
                     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)
                     at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
                     at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
                     at java.security.AccessController.doPrivileged(Native Method)
                     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
                     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
                     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
                     at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
                     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
                     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
                     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
                     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
                     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:132)
                     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
                     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
                     at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:189)
                     at com.sun.enterprise.web.connector.grizzly.ProcessorTask.doProcess(ProcessorTask.java:604)
                     at com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.java:475)
                     at com.sun.enterprise.web.connector.grizzly.ReadTask.executeProcessorTask(ReadTask.java:371)
                     at com.sun.enterprise.web.connector.grizzly.ReadTask.doTask(ReadTask.java:264)
                     at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:281)
                     at com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:83)
                |#]

                Exception caught when debugging deployed app on stand-alone Sun App Server 8.2
                DetailsTimestamp: Aug 2, 2006 16:33:41.000
                Log Level: WARNING
                Logger: javax.enterprise.system.stream.err
                Name-Value Pairs: _ThreadID=13;
                Record Number: 1186
                Message ID: java.lang.NullPointerException at cdmweb.security.SecurityFilter.doFilter(SecurityFilter.java
                Complete Message
                95)     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)     at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)     at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)     at java.security.AccessController.doPrivileged(Native Method)     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)     at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:132)     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)     at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:189)     at com.sun.enterprise.web.connector.grizzly.ProcessorTask.doProcess(ProcessorTask.java:604)     at com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.java:475)     at com.sun.enterprise.web.connector.grizzly.ReadTask.executeProcessorTask(ReadTask.java:371)     at com.sun.enterprise.web.connector.grizzly.ReadTask.doTask(ReadTask.java:264)     at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:281)     at com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:83)

                Diagnostic Causes


                Diagnostic Checks
                • 5. Re: Cannot find FacesContext when redirect from inside SecurityFilter.doFil
                  807575
                  Please try changing this:
                   res.sendRedirect("login.jsp");
                  to this:
                   res.sendRedirect("faces/login.jsp");
                  Hope this helps.
                  • 6. Re: Cannot find FacesContext when redirect from inside SecurityFilter.doFil
                    807575
                    In fact it might be better to use "../faces/login.jsp" because the navigation also works when pages are in subdirectories then.