JSF 2.0登錄驗證中的非法狀態異常。爲什麼？

Question

我試圖重定向直接輸入主頁的URL而無需登錄的用戶。

因此，我將此事件附加到主頁。

<f:metadata> 
     <f:event type="preRenderView" listener="#{login_bean.verifyAccessOut}"/> 
</f:metadata> 

內部的login_bean我有這個方法...

public void verifyAccessOut() { 

    ExternalContext context2 = FacesContext.getCurrentInstance().getExternalContext(); 
     if(logstatus==false) 
     try { 
      message="Unauthorized Access: Please Login First"; 
      style="color:red;text-decoration:blink"; 
      context2.redirect("index.xhtml"); 
    } catch (IOException ex) { 
     Logger.getLogger(HomeBean.class.getName()).log(Level.SEVERE, null, ex); 
    } 
} 

它拋出非法狀態異常。像這樣，

WARNING: StandardWrapperValve[Faces Servlet]: PWC1406: Servlet.service() for servlet Faces Servlet threw exception 
java.lang.IllegalStateException 
    at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:522) 
    at com.sun.faces.context.ExternalContextImpl.redirect(ExternalContextImpl.java:572) 
    at org.mit.care.LoginBean.verifyAccessIn(LoginBean.java:48) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
    at java.lang.reflect.Method.invoke(Method.java:597) 
    at com.sun.el.parser.AstValue.invoke(AstValue.java:234) 
    at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297) 
    at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) 
    at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:72) 
    at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:98) 
    at com.sun.faces.facelets.tag.jsf.core.DeclarativeSystemEventListener.processEvent(EventHandler.java:118) 
    at javax.faces.component.UIComponent$ComponentSystemEventListenerAdapter.processEvent(UIComponent.java:2345) 
    at javax.faces.event.SystemEvent.processListener(SystemEvent.java:102) 
    at com.sun.faces.application.ApplicationImpl.processListeners(ApplicationImpl.java:1993) 
    at com.sun.faces.application.ApplicationImpl.invokeComponentListenersFor(ApplicationImpl.java:1941) 
    at com.sun.faces.application.ApplicationImpl.publishEvent(ApplicationImpl.java:285) 
    at com.sun.faces.application.ApplicationImpl.publishEvent(ApplicationImpl.java:243) 
    at javax.faces.application.Application.publishEvent(Application.java:1660) 
    at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:114) 
    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) 
    at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139) 
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313) 
    at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1523) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215) 
    at org.primefaces.webapp.filter.FileUploadFilter.doFilter(FileUploadFilter.java:79) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188) 
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641) 
    at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97) 
    at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185) 
    at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:332) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:233) 
    at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165) 
    at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791) 
    at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693) 
    at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954) 
    at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170) 
    at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135) 
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102) 
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88) 
    at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76) 
    at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53) 
    at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57) 
    at com.sun.grizzly.ContextTask.run(ContextTask.java:69) 
    at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330) 
    at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309) 
    at java.lang.Thread.run(Thread.java:662) 

爲什麼會發生這種情況？爲什麼不能使用外部上下文重定向到prerender視圖事件中的必要頁面？

請幫我理解這個問題。謝謝....

Answer 1

視圖不是控制請求的正確位置。改變回應可能爲時已晚，因爲視圖本身就是迴應的一部分。終端用戶已經在執行這行代碼時已經獲得了服務器的部分響應。這是一個不歸路。服務器無法取回已發送的響應併發送另一個響應。在之前，您需要完成的任務，並將任何位發送到響應。

對此，您通常使用Filter，它在請求的最初一開始運行。將所有受限制的頁面在某個文件夾中，像/private/*，/secured/*，/app/*或任何和它做了以下工作在doFilter()方法URL模式映射Filter：

if (((HttpServletRequest) request).getSession().getAttribute("user") == null) { 
    ((HttpServletResponse) response).sendRedirect("/home"); 
} else { 
    chain.doFilter(request, response); 
} 

此示例假設登錄用戶作爲會話屬性出現，名稱爲user。它甚至可以是會話範圍的JSF託管bean。