O filtro de servlet é executado em loop de redirecionamento infinito quando o usuário não está conectado
Eu tenho dois arquivos HTML
login.htmlTest.htmlMinha exigência é que o Usuário não consiga acessar test.html, a menos que ele efetue login com sucesso através do login.html
Este é o meu arquivo login.html
<html>
<head>
<title>Login Page 122</title>
</head>
<body>
<form action="LoginServlet" method="post">
Username: <input type="text" name="user">
<br>
Password: <input type="password" name="pwd">
<br>
<input type="submit" value="Login User">
</form>
</body>
</html>
Este é o meu LoginServlet que recebe a solicitação quando clicado no botão Enviar
package com;
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
private final String userID = "admin";
private final String password = "password";
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
String user = request.getParameter("user");
String pwd = request.getParameter("pwd");
if(userID.equals(user) && password.equals(pwd)){
HttpSession session = request.getSession();
session.setAttribute("user", "LoggedIN");
response.sendRedirect("LoginSuccess.jsp");
}else{
RequestDispatcher rd = getServletContext().getRequestDispatcher("/login.html");
PrintWriter out= response.getWriter();
out.println("<font color=red>Either user name or password is wrong.</font>");
rd.include(request, response);
}
}
}
Esta é minha classe Filter, que protege os recursos * .html
package com;
public class AuthenticationFilter implements Filter {
private ServletContext context;
public void init(FilterConfig fConfig) throws ServletException {
this.context = fConfig.getServletContext();
this.context.log("AuthenticationFilter initialized");
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String uri = req.getRequestURI();
this.context.log("Requested Resource::"+uri);
HttpSession session = req.getSession(false);
if(session == null || !session.getAttribute("user").toString().equals("LoggedIN")){
this.context.log("Unauthorized access request");
System.out.println("Into session is null condition");
res.sendRedirect("login.html");
}else{
System.out.println("Into chain do filter");
chain.doFilter(request, response);
}
}
public void destroy() {
}
}
E este é o meu arquivo web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app>
<display-name>LoginFilter</display-name>
<servlet>
<description></description>
<display-name>LoginServlet</display-name>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<servlet>
<description></description>
<display-name>LogoutServlet</display-name>
<servlet-name>LogoutServlet</servlet-name>
<servlet-class>com.LogoutServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LogoutServlet</servlet-name>
<url-pattern>/LogoutServlet</url-pattern>
</servlet-mapping>
<filter>
<display-name>AuthenticationFilter</display-name>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>com.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
</web-app>
O problema que estou vendo é que
Estou vendo essa declaração várias vezes no console do servidor.
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition
Into session is null condition