Alterei o web.xml para utilização dos filtros conforme a aula explica, mas depois disto a aplicação fica em looping no login, ele passa a acao para autenticar mas fica somente na acao login, se remover o filtro do web.xml ele passa a funcionar corretamente, apesar de liberar o acesso direto sem login. Segue o WEB.xml e a classe de autenticação
Web.XML
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" id="WebApp_ID" version="4.0">
<display-name>gerenciador</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>ListaEmpresasServlet</servlet-name>
<servlet-class>br.com.magna.gerenciador.servlet.EntradaServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ListaEmpresasServlet</servlet-name>
<url-pattern>/entrada</url-pattern>
</servlet-mapping>
<filter>
<filter-name>MF</filter-name>
<filter-class>br.com.magna.gerenciador.servlet.MonitoramentoFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MF</filter-name>
<url-pattern>/entrada</url-pattern>
</filter-mapping>
<filter>
<filter-name>AF</filter-name>
<filter-class>br.com.magna.gerenciador.servlet.AutorizacaoFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AF</filter-name>
<url-pattern>/entrada</url-pattern>
</filter-mapping>
<filter>
<filter-name>CF</filter-name>
<filter-class>br.com.magna.gerenciador.servlet.ControladorFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CF</filter-name>
<url-pattern>/entrada</url-pattern>
</filter-mapping>
</web-app>Classe Autenticacao
public class AutenticaUsuario implements Acao{
@Override
public String executa(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
System.out.println("Autentica Usuario - 1");
String userid = request.getParameter("user");
String pwd = request.getParameter("password");
Banco banco = new Banco();
Usuario usuario = banco.getUsuario(userid, pwd);
System.out.println("Autenticando o usuario: " + userid + " - senha: " + pwd);
if(usuario != null) {
System.out.println("Usuario Logado");
HttpSession sessao = request.getSession();
sessao.setAttribute("usuarioLogado", usuario);
return "redirect:entrada?acao=ListaEmpresas";
}else {
System.out.println("usuario nao autenticado!");
return "redirect:entrada?acao=LoginPagina";
}
}
}
Filtro autorizacao (copiei o codigo exato que está no projeto do Instrutor):
/**
* Servlet Filter implementation class AutorizacaoFilter
*/
//@WebFilter("/entrada")
public class AutorizacaoFilter implements Filter {
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
System.out.println("AutorizacaoFilter");
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String paramAcao = request.getParameter("acao");
HttpSession sessao = request.getSession();
boolean usuarioNaoEstaLogado = (sessao.getAttribute("usuarioLogado") == null);
boolean ehUmaAcaoProtegida = !(paramAcao.equals("Login") || paramAcao.equals("LoginPagina"));
if(ehUmaAcaoProtegida && usuarioNaoEstaLogado) {
response.sendRedirect("entrada?acao=LoginPagina");
return;
}
chain.doFilter(request, response);
}
}o projeto completo está no git: https://github.com/WagnerCruz/gerenciador
